American Express Sets Pace on Agentic Commerce Standards

American Express is positioning itself to guide agentic commerce toward common norms, using safeguards for ai agent transactions as a consumer-protection blueprint.

That theme anchored a Tuesday session at Nacha’s Smarter Faster Payments event, where two Amex executives outlined the card network’s evolving approach.

In this model, software agents act on shopper instructions to complete defined purchases. The market remains early, with few real transactions as companies pilot bots; over time, the payment step is expected to run automatically.

Morgan Stanley estimated in December that United States bot-driven sales could total between $190 billion and $385 billion by 2030.

Stefan Olofsson, senior vice president and general manager of Amex’s global network, said the company deliberately moved slower than rivals to ensure the needs of every stakeholder in the payments stack were addressed.

That work culminated in an early-month update detailing how the experience would operate for Card Members, registered agents, and merchants, with Amex claiming first-mover protection when bots go astray. The update also described Amex’s Agentic Commerce Experiences (Ace) developer kit, aimed at developers, merchants, and partners building shopping agents that can be registered and recognized in Amex’s network. Amex positioned the kit as a way to make agent-led checkout more predictable by standardizing how agents are onboarded, how Card Member permissions are expressed, and how intent data moves between agents, merchants, and the network. The Ace kit includes agent registration services, consent and permissions tooling for Card Members, intent authentication and tokenization APIs for payment requests, testing and sandbox environments, and event and audit logs designed to help participants trace what an agent was allowed to do versus what it did.

When a Card Member authorizes an ai agent to make a purchase and the agent transmits authenticated purchase intent, American Express said it will shield eligible users from charges related to ai agent error, subject to terms. Amex said the purpose of its Agent Purchase Protection is to give Card Members a clear backstop when a properly authorized agent makes an unintended purchase, extending existing purchase protections to this new flow. The company framed it as covering mistakes tied to a registered agent operating under a customer’s permissions (for example, buying the wrong item, selecting the wrong merchant, duplicating an order, or purchasing outside the user’s limits), rather than treating every problem as a traditional unauthorized-use case. Eligibility is subject to requirements such as using a registered agent, meeting account and transaction conditions, and reporting issues within required time frames.

The company said its aim is to verify both the human and the agent and to clarify intent to mitigate registered agent mistakes while building transparency, accountability, and confidence. That process includes linking an agent to a verified developer or merchant, issuing credentials to the agent, and binding Card Member consent to explicit constraints such as approved merchants, spending limits, frequency, and time windows. Each purchase is designed to carry an authenticated, auditable intent message so the merchant and the network can confirm which agent acted, who authorized it, and what was approved at the time of checkout.

Disputes Will Emerge

Olofsson reinforced that message during a session framed around whether disagreements will follow, noting that Card Members must feel their credentials are secure within ai environments and that merchants must trust bots will not fuel additional disputes or chargebacks. He said Amex expects agent transactions to include standardized authorization data and an audit trail that can be used in dispute resolution, helping merchants respond with evidence of Card Member consent and the agent’s registered identity. The goal, he added, is to keep familiar dispute and chargeback processes while adding agent-specific proof points that speed triage when errors stem from automation rather than fraud.

To achieve that, sellers will look for consistency across networks—from Amex to Visa and Mastercard—so ai-initiated transactions behave similarly. While competitors are crafting their own frameworks, Amex is advocating a shared playbook.

He said agent-led buying depends on ecosystem interoperability: no single party controls the entire journey, so standards and secure exchanges between agents and payment systems are essential. Amex argued that its closed-loop network helps by applying more uniform rules across relationships it directly manages and by using first-party network data to enforce permissions and detect anomalies, even as agent identity and intent signals must be exchangeable across providers and rails.

Asked afterward about cross-network collaboration, he declined to provide details.

He pointed to collaborative efforts among players including Amex and Stripe, the ai firm OpenAI, and standards bodies such as EMVCo and the Fido Alliance. He described that work as spanning pilot programs and joint technical efforts to define how agent identity, authentication, and intent messages should be formatted, exchanged, and verified, alongside contributions to broader standards-setting on security and credentialing.

Visa, Mastercard Weigh In

On Tuesday’s earnings call, Visa chief executive officer Ryan McInerney, questioned about agent-driven fraud and Amex’s stance, indicated Visa expects to offer comparable protections.

He told analysts it is still early and, as use cases and threat vectors mature, Visa will adjust capabilities and rules as it has historically.

McInerney also emphasized that rule changes will come with broad ecosystem support as the model evolves.

A Mastercard spokesperson said the No. 2 United States network will extend its existing card protections to its agent-focused product, Mastercard Agent Pay.

The spokesperson added that with Mastercard Agent Pay, buyers and sellers should expect strong security, fraud safeguards, and dispute resolution whether a human or an ai agent initiates the payment.

Judy Nguyen, Amex’s vice president of enterprise payments, stressed the space is still early-stage. She said growth hinges on trust and transparency for customer-authorized transactions to known counterparties, backed by data. She pointed to clearer permissioning and visibility into what an agent is allowed to do, along with data signals and monitoring that can flag unusual behavior, support audits, and help merchants and consumers understand how a purchase was initiated.

For the near term, she expects agent-led payments to concentrate in a few areas over the next 12 to 18 months:

• Recurring purchases at larger merchants
• Low-ticket purchases at larger merchants
• Subscriptions
• Bill pay

Meanwhile, pilots will multiply, and the industry will need to align protections across payment rails. Nguyen said consumers using agent-driven transactions will expect comparable safeguards whether they pay with cards or via pay-by-bank.

“A clear liability framework must exist and be communicated to the customer so they feel comfortable with the transaction,” she said.

A workable agentic commerce model requires liability rules that are easy for consumers to understand and consistent enough for merchants, networks, and agent providers to apply at scale.

Justin Bachman contributed to this report.