What Is Mastercard Verifiable Intent and Why It Matters for Agentic Commerce

On March 5, 2026, Mastercard and Google introduced Verifiable Intent: an open-source, standards-based cryptographic framework that creates tamper-resistant proof of user authorization for every transaction executed by an AI agent. It is not a new payment product. It is the trust infrastructure that agentic commerce has been missing since the first AI agents began placing orders on behalf of human buyers.

The timing is not accidental. Autonomous AI agents are already transacting. OpenAI's Agentic Commerce Protocol (ACP) Instant Checkout has been live since September 2025. Google's Universal Commerce Protocol (UCP) launched with 20 partners in January 2026. PayPal integrated with Mastercard's Agent Pay platform in October 2025. The payments infrastructure for AI commerce was ahead of the trust infrastructure. Verifiable Intent closes that gap.

For brands and merchants, the significance is straightforward: the fundamental question of whether you can trust an AI agent transaction is now being answered at the infrastructure level. The remaining question is whether your business is positioned to be found, evaluated, and transacted by the agents placing those orders.

What Problem Does Verifiable Intent Solve?

Every agentic commerce transaction carries three questions that traditional payment infrastructure was never designed to answer.

First: did the consumer actually authorize this? When a human taps a card, intent is immediate and unambiguous. When an AI agent executes an instruction given hours or days earlier, including booking travel, reordering groceries, or renewing a subscription, that clarity disappears. The instruction and the transaction are separated in time, and possibly in context.

Second: did the agent follow the instructions exactly? AI agents can deviate from intent through:

• Model error or hallucination during task execution.
• Prompt injection attacks that redirect agent behavior mid-task.
• Situations the original instructions did not anticipate.
• Platform-level changes between the time of instruction and execution.

Current payment systems have no mechanism to verify that the transaction matches the original authorization.

Third: if something goes wrong, who has the proof? Dispute resolution in traditional payments relies on the cardholder's memory and the merchant's transaction log. In an agentic transaction, neither of those tells the full story. You need a record of what the consumer intended, what the agent was instructed to do, and what actually happened, linked together in a way that cannot be retroactively altered.

Verifiable Intent creates that record.

"Consumers need confidence and verifiable evidence that agents will follow instructions while maintaining privacy. Merchants need assurance that an agent is authorized to transact. Issuers must distinguish legitimate activity from fraud. And if something goes wrong, everyone needs facts, not guesswork." - Pablo Fourez, Chief Digital Officer, Mastercard

Source: Mastercard

How Does Verifiable Intent Work Technically?

Verifiable Intent creates a cryptographic audit trail that links three elements into a single tamper-resistant record:

• The consumer's verified identity.
• Their specific instructions to the AI agent.
• The outcome of the transaction.

The framework's core mechanism is Selective Disclosure, a privacy technique that shares only the minimum information required with each party at each stage. Each stakeholder gets exactly what they need:

• Merchants see enough to verify that an agent is authorized to purchase.
• Issuers see enough to distinguish legitimate agent activity from fraud.
• Dispute resolution systems see enough to determine what went wrong.
• No party sees more than their role requires.

This architecture was built on four established open standards to ensure it works across different wallets, payment networks, and platforms:

• FIDO Alliance standards for authentication and device binding.
• EMVCo specifications covering secure card transaction standards.
• IETF protocols for internet-layer interoperability.
• W3C standards for web-based credential exchange.

The specification and a reference implementation have both been open-sourced. Developers can access them at verifiableintent.dev and on GitHub. This is not a proprietary Mastercard API. It is an open standard that any wallet, payment processor, or AI agent platform can implement.

Source: Fintech News Singapore

How Does Verifiable Intent Fit Into the Protocol Stack?

Verifiable Intent is not a competing protocol. It is a trust layer designed to operate alongside the protocols already processing agentic transactions. The current agentic commerce protocol landscape has three distinct layers:

Layer 1: Discovery and recommendation. AI agents find products through AI search surfaces: ChatGPT, Perplexity, and Google AI Overviews. This is the AEO and GEO layer. It determines whether your business is in the consideration set when an agent is evaluating options.

Layer 2: Transaction execution. Once an agent selects a product, ACP and UCP govern how checkout happens:

• ACP (Agentic Commerce Protocol, developed by Stripe and OpenAI, live September 2025).
• UCP (Universal Commerce Protocol, developed by Google and Shopify, live January 2026).
• AP2 (Google's Agent Payments Protocol, handles payment authorization within either flow).

Layer 3: Trust and authorization verification. This is where Verifiable Intent operates. It does not replace ACP, UCP, or AP2. It creates the cryptographic record that makes transactions across all of those protocols verifiable, disputable, and trustworthy.

Stavan Parikh, Vice President and General Manager of Payments at Google, confirmed the complementary design: "Strong, interoperable trust infrastructure like Verifiable Intent that is compatible with Agent Payments Protocol is a natural accelerator for scaling agentic commerce."

Source: Fintech News Singapore

What Is Mastercard Agent Pay and Where Does Verifiable Intent Fit?

Verifiable Intent is the latest layer added to Agent Pay, Mastercard's agentic payments program launched in April 2025.

What Agent Pay established:

• Infrastructure for registering AI agents on Mastercard's network.
• Authentication protocols verifying agent identity before any transaction.
• A credentialing system determining which agents are authorized to transact at all.

What Verifiable Intent adds on top:

• A cryptographic proof layer that travels with every transaction.
• An immutable link between the original consumer authorization and the executed transaction.
• A shared source of truth for dispute resolution across all parties.

Think of it this way: Agent Pay answers "is this agent authorized to transact?" Verifiable Intent answers "did this transaction match what the consumer actually authorized?"

The Agent Pay ecosystem has grown significantly since its April 2025 launch. PayPal integrated Agent Pay into its wallet in October 2025, enabling AI agents to complete purchases using PayPal credentials. Three major processors - Adyen, Fiserv, and Worldpay - have publicly committed to integrating Verifiable Intent into their merchant solutions.

Sanjay Saraf, Chief Product Officer of Merchant Solutions at Fiserv, said: "Verifiable Intent marks a meaningful step forward in how intent, authentication, and accountability are established in agentic commerce. By integrating with Mastercard Agent Pay, Fiserv is delivering a new trust layer that helps merchants secure agent-initiated transactions."

Mastercard plans to integrate Verifiable Intent into the intent APIs of Agent Pay within the coming months, moving from open specification to production infrastructure.

Sources: Mastercard, PayPal Newsroom

What Does This Mean for Brands and Merchants?

Verifiable Intent changes the calculus for merchants in three specific ways.

Dispute resolution becomes tractable. Today, when a consumer disputes an AI agent transaction, the merchant has limited evidence. The transaction log shows what was purchased and when. It does not show what the consumer originally instructed the agent to do, or whether the agent followed those instructions. Verifiable Intent creates that record, which shifts dispute resolution meaningfully in favor of merchants acting in good faith.

Fraud liability becomes clearer. Issuers using Verifiable Intent can distinguish between:

• A fraudulent transaction: an unauthorized agent acting outside its scope.
• A legitimate transaction the consumer now regrets.
• An agent error: the transaction was authorized but executed incorrectly.

This distinction is currently difficult to make with confidence. The cryptographic audit trail makes it provable.

Consumer trust in agentic checkout increases. The adoption barrier for agentic commerce is not primarily technical. It is consumer confidence. Buyers need assurance that:

• The AI agent will not overspend against their budget.
• The agent will purchase exactly what they specified.
• They can dispute and recover from any unauthorized transaction.
• Their payment credentials are not exposed to the merchant or agent unnecessarily.

Verifiable Intent provides the mechanism for all four of these assurances.

What Brands Should Do Now

Verifiable Intent is not yet in production. The standard is open-sourced and available for implementation, but the full production rollout through Adyen, Fiserv, and Worldpay will take additional months. The readiness work required to take advantage of Verifiable Intent when it is live is the same work required to be transactable via ACP and UCP today.

Audit your payment processor relationships. If you process with Adyen, Fiserv, or Worldpay, ask your processor contact about their Agent Pay roadmap. These are the first confirmed production deployments for Verifiable Intent.

Confirm ACP and UCP readiness. ACP Instant Checkout requires Stripe as payment processor and product feed compliance. UCP requires a verified Google Merchant Center feed, structured product data, and UCP enablement.

Audit your structured product data. AI agents construct carts based on your product schema. Errors in price, availability, return policy, or shipping result in abandoned transactions or disputes. Review your Offer, MerchantReturnPolicy, and ItemAvailability schema for accuracy and completeness.

Get entity clarity in place. Consistent structured data and sameAs signals to authoritative sources help AI agents accurately identify your business and route trust verification correctly.

Mastercard has confirmed that Verifiable Intent will be integrated into the Agent Pay intent APIs within months of the March 2026 announcement. The open-source specification is available now at verifiableintent.dev for teams that want to begin implementation ahead of the production rollout. Brands already built on ACP, UCP, and clean structured product data will be the best positioned when that rollout completes.

The Convert Phase: Transaction Readiness for Agentic Commerce

For brands building agentic commerce readiness, Verifiable Intent is Convert phase infrastructure. The Convert phase is the seventh and final phase of the A.G.E.N.T.I.C. methodology, the systematic approach to agentic commerce optimization developed by agenticplug.ai. It addresses a specific question: can your business close a sale when an AI agent has already decided to buy from you?

Most brands working on AI visibility focus on the earlier phases: building entity clarity, structuring content for AI extraction, and earning third-party citations. These are the right starting points. A brand that is invisible to AI search cannot be found by AI agents regardless of how good its checkout experience is.

But visibility without transactability is a dead end. An AI agent that discovers your product, evaluates it positively, and attempts to purchase, and then encounters a payment flow that requires human navigation, will either abandon the transaction or route to a competitor with protocol support.

Full Convert phase readiness covers:

• ACP integration via Stripe for ChatGPT-initiated transactions.
• UCP support for Google Shopping and Google-powered agent flows.
• AP2 compatibility for Google's agent payment authorization.
• Structured product schema (MerchantReturnPolicy, Offer, ItemAvailability) enabling accurate cart construction.
• Verifiable Intent readiness through processor relationships with Adyen, Fiserv, or Worldpay.

Brands that complete this stack are transactable by the agents making purchasing decisions today.