Building the Agentic Economy

“The utility of autonomous agents is, in part, tied to their ability to engage in economic activity.” - OpenID Foundation¹

People happily ask ChatGPT and Gemini to research products, compare prices, and find deals. In fact, Shopify reported AI-driven traffic was up 7x since Jan 2025². But handing an agent your credit card to complete a purchase? That hits a different trust threshold. 61% of consumers say they would trust agents with purchases under $20, but that drops to 39% as the amount increases.³

Fully autonomous agentic commerce, where AI agents handle your weekly shop, book your holiday, and manage your subscriptions without human approval, still feels distant. Yet the infrastructure to enable an agentic economy is being built at an unprecedented rate.

In a six-month period from April to September 2025, Visa, Mastercard, PayPal, Stripe, and Google all launched agentic payment infrastructures. While McKinsey projects that by 2030, agentic commerce could orchestrate $3-5 trillion in global revenue.⁴

The challenge is agents need a single credential that provides identity and payment authorization across any merchant, without creating accounts, exposing sensitive data, or waiting for human approval. Agents have different lifecycles, capability requirements, and trust models than humans or traditional software⁵. If agents can't identify themselves and pay in one atomic transaction, autonomous commerce remains theoretical.

An Accelerating Ecosystem

The payment networks, Visa, Mastercard, and PayPal, all launched agentic commerce infrastructure with capabilities to complete transactions on a user's behalf. Stripe and OpenAI co-launched the Agentic Commerce Protocol, enabling add to cart and checkout in ChatGPT, and Google followed with Universal Commerce Protocol, backed by similar partners of Target, Walmart, and Shopify. The technical solutions differ, but the architectural pattern is the same:

Agents need credentials that combine
"who", "whose money," and "can pay."

McKinsey predicts the US B2C retail market could see up to $1 trillion in orchestrated revenue by 2030⁴. While more conservative projections from Morgan Stanley ($190-385 billion)⁶ and Bain ($300-500 billion)⁷ suggest greater uncertainty about adoption velocity. What's certain is nearly every major payment network, tech platform, and commerce infrastructure provider has decided the transition is inevitable enough to warrant immediate and substantial investment.

The Problem They’re Solving

Think about booking a weekend trip. Flights, hotel, rental car, restaurant reservations. Each requires creating an account, verifying your email, and entering payment details.

Now imagine designing your trip through conversation with an agent that knows your preferences, budget constraints, and priorities, then having that agent handle the bookings. Prototypes like Autoura (built by DIF Hospitality & Travel working group co-chair, Alex Bainbridge) are testing whether users will want to design complex trips through AI conversation, and seeing what that reveals about the infrastructure required. But today, even if users embrace the concept, the agents hit a wall at checkout.

The agent needs to arrive at each merchant and prove: “I'm acting on behalf of verified user X, with authorization to spend up to $Y on travel between these dates, and here's cryptographic proof of payment capability. Complete the booking." All in one presentation. No account creation, no passwords, no credential exposure.

Traditional systems can't do this. They handle identity separately from payment. Authentication happens in one system (OAuth, SAML), payment authorization in another (card networks, bank verification). By the time you've manually intervened at every checkpoint, you might as well have booked the trip yourself.

Why Identity and Payments Are Converging

Without identity, payments lack security and accountability. Without payments, identity lacks transactional value. For autonomous agents, the two must be united.

The major financial players recognize this. Mastercard's Agentic Tokens combine identity verification with spending controls and include an audit trail of which agents acted. PayPal's architecture emphasizes W3C Verifiable Credentials (VCs) for all mandate structures, signaling convergence on open standards.

Even regulators are moving in this direction. By November 2027, financial institutions in Europe must accept EUDI wallet credentials for Strong Customer Authentication under PSD2 (EU payment rules)⁸. The wallet's architecture enables users to prove identity and authorize payments through device-bound cryptographic keys within a single interface. But it assumes a human with Face ID approving each transaction. For agents operating autonomously, you need delegation primitives the wallet doesn't have: spend limits, merchant constraints, time bounds, and the ability to prove “I'm authorized to spend up to €50 on groceries this week” without human approval for each purchase⁹.

As Andor Kesselman notes, “If you look at agent payment protocols, nearly all of them have identity as a fundamental layer.” The architecture is converging, but what's missing is the programmability of those credentials for autonomous use.

A Decentralised Approach

Centralized infrastructure hits a wall when agents need to transact across services that don't share a common identity provider. This is why organisations like NANDA (MIT) and AGNTCY (Linux Foundation) are building infrastructure for the “Internet of Agents”, solving how agents discover each other, verify capabilities, coordinate tasks and collaborate across platforms to solve complex problems.

Some organisations are specifically tackling KYA (Know Your Agent), providing agents with verifiable identities that create a trust layer for autonomous actions across AI ecosystems.

KYAPay gives agents a single portable credential that works across any merchant on the open internet. Instead of creating accounts at each site or storing credit cards, agents present one JWT token combining verified identity with payment authorization and scope-limited permissions, like spend limits, time bounds, and merchant constraints. This lets them pass through bot managers, login walls, and checkout pages without exposing credentials or waiting for human approval, as demonstrated in their prototype launch with Visa Intelligent Commerce.

Tokens alone though don't solve the problem of scale. As Dmitri Zagidulin, advisor to KYAPay and co-chair of the DIF Trusted Agents working group, explains, “when your agent interacts with airlines, hotels, and rental car companies that share no pre-existing trust relationships, each service would need to federate with every other, or route authentication through a universal provider everyone trusts. Neither of which scales globally”. This is why KYAPay includes upgrade paths toward Decentralized Identifiers (DIDs) and W3C VCs, for cryptographically-anchored identity that’s portable across platforms without requiring pre-negotiated federation. Unlike email addresses or OAuth client IDs that belong to specific providers, a DID is controlled by the entity it identifies.

MCP-I takes a complementary approach, extending Anthropic's Model Context Protocol with cryptographic identity and delegation layers. Like KYAPay, it builds on DIDs and VCs, but emphasizes real-time capability verification, checking at the moment of action whether an agent is authorized to perform a specific task. Delegations and revocations are verified at the network edge, and every agent action generates a signed audit receipt.

The Messy Reality

The technical infrastructure might be the easier problem. Agentic commerce rewrites fundamental assumptions about how digital commerce works.

Ecommerce media, advertising directly on platforms like Amazon and Walmart, hit $178.2 billion in 2025, surpassing total TV advertising for the first time¹⁰. Amazon, for example, generated $56.2 billion from advertising in 2024, its third-largest revenue stream operating at 20%+ margins¹¹. If agents bypass visual interfaces and algorithmic search ranking to optimize purely for user intent and price, this entire multi-billion dollar revenue model inherently loses value and faces disruption.

The conflict is already playing out in court. Amazon sued Perplexity AI in November 2025, over its Comet browser, alleging it “covertly accesses customer accounts" and “disguises AI activity as human browsing.” Perplexity countered that “Amazon wants to eliminate user rights so that it can sell more ads.”¹² If Amazon wins, it could force protocol developers to negotiate commercial terms with every major retailer, fragmenting the ecosystem and stalling adoption.

OpenAI's decision to introduce advertising to ChatGPT's free and Go tiers exposes a fundamental tension. As Daniel Kang, assistant professor of computer science at the University of Illinois, warns: “You might expect that the chatbot system will give you an unbiased recommendation, but it might give you an advertisement without disclosure.”¹³ It's the same conflict that transformed Google from "organizing the world's information” into a $307 billion advertising business.

Without open, interoperable protocols, agentic commerce either fragments into competing walled gardens or consolidates around platforms with the same ad-driven incentives it was meant to escape.

The Direction is Set

The infrastructure for verifiable agent transactions is being built. The Agentic Commerce Protocol, the Agent Payments Protocol, KYAPay, MCP-I, all provide technical foundations. But infrastructure may prove easier to upgrade than business models.

Advertising-dependent platforms are discovering their revenue conflicts with agents that optimize for users. Retailers are defending against autonomous access. And as one senior member of IEEE, Kayne McGladrey, remarked sarcastically: “There are absolutely no scams on the internet, and everything is true on the internet. And so this obviously will work really well with large language models.”¹³

Without cryptographic proof of identity and payment capability, agents navigating the open web face the same fraud vectors humans do, but at machine speed and scale, making regulators grapple with how to apply consumer protection frameworks to non-human actors.

The direction however does seem to be set. Identity-linked payment credentials will be the rails on which the agentic economy runs. The question is whether those rails will be open.

“Crucially, for this ecosystem to thrive, it must not become a walled garden.” - OpenID Foundation¹

Join the conversation:

Participate in DIF's Trusted AI Agents working group, currently exploring a wide range of novel approaches beyond today's MCP and A2A paradigms.
Give a read to the MCP-i docs to see a DIF-aligned extension module for the Model Context Protocol
For a more registry-based and policy-first approach, see ToIP's AI and Human Trust WG.

Building AI Trust at Scale — Series
← Previous in this series: Part 4 — Authorising Autonomous Agents at Scale
By DIF Ambassador Misha Deville
View all parts