The Agentic Commerce Revolution

For 30 years, digital commerce has been a destination. We “go to” a website, a marketplace, or an app. In this single, bundled environment, we handle discovery, comparison, and checkout. The entire architecture of the web, from product pages to payment gateways, is built on this assumption.

This assumption is now facing its first real challenge.

The agentic AI landscape is rapidly unbundling this entire process:

• Discovery is expanding from a search bar into a conversation. Tools like Shopify Magic, for example, are already turning simple support chats into discovery opportunities, guiding users to the right product conversationally.
• Comparison is shifting from a human-driven “20-tab” research process to an autonomous high-speed task. Klarna’s AI assistant already demonstrates this, autonomously comparing products, summarizing reviews, and finding cheaper alternatives—compressing a user’s manual research into a single query.
• Checkout is becoming a delegated, background API call. This final automated step—where the agent, not the human, finalizes the purchase—is precisely what breaks the assumption of human-present intent that our entire global payment system is built on.

This is not a distant future. A 2025 BearingPoint survey of over 320 C-suite executives suggests more than half of B2B sales will occur through conversational interfaces by 2028. When your customer is an AI, your website’s “user experience” is often bypassed. Your new front door is an API.

The Accountability Gap

This shift creates a fundamental accountability gap. The entire global payment system is built on the assumption that a human is present to provide intent, review a cart, and click “Buy.” When an autonomous agent initiates payment, that assumption breaks.

It also introduces a profound hurdle of consumer trust, raising the question of whether users will be willing to delegate this power at all.

These gaps—both technical and human—create fundamental questions that current systems cannot answer:

• Authorization: How can we verify that a user gave an agent specific authority for a particular purchase?
• Authenticity: How can a merchant trust that an agent’s request reflects the user’s true intent, free from errors or AI hallucinations?
• Auditability: How can we create a nonrepudiable chain of proof when a failure occurs, regardless of whether it stems from agent error or malicious fraud? How can a bank, a merchant, and a user all look at the same auditable record to determine what was authorized versus what actually happened?

Without answers, we’re building on assumptions rather than verification. The race to build the smartest agent has distracted the industry from the much harder problem: building a payment infrastructure that can trust them.

Two Philosophies to Solve for Trust

The accountability gap has forced a choice. With the old model broken, the industry is splitting into two distinct, divergent philosophies to solve for trust. This isn’t merely a technical debate but a strategic one about the direction of agentic commerce.

The two philosophies emerging focus on either immediate convenience or provable verification.

Philosophy 1: The conversational checkout (convenience first)

This approach, championed by OpenAI’s Agentic Commerce Protocol (ACP) and its partner Stripe, focuses on solving the most immediate problem: reducing friction for a human-present purchase.

• Its core goal: To convert a successful conversational recommendation into an immediate sale, without forcing the user to leave the chat.
• The analogy: The “in-chat impulse buy.” It’s the digital equivalent of placing a “Buy Now” button right in the middle of your conversation.
• How it works: It uses secure payment tokens (SPTs). When you agree to buy, the agent securely procures a single-use token from a provider (like Stripe) and passes it to the merchant. The agent never sees your credit card, and the merchant gets a secure payment for one specific cart.
• Best for: B2C ecommerce and simple human-in-the-loop transactions (e.g., “Find me that wallet on Etsy and buy it”).
• The limitation: It’s a “walled garden” optimized for a single, immediate, human-approved transaction. It is not designed for complex, autonomous, or “human-absent” tasks.

Philosophy 2: The autonomous trust layer (verification first)

This approach, championed by Google, Shopify, and a broad coalition of tech and retail partners, takes a foundational full stack approach.

While the Agent Payments Protocol (AP2) handles the secure handshake of money, the newly released Universal Commerce Protocol (UCP) standardizes the rest of the shopping lifecycle, including discovery, inventory, cart negotiation, and fulfillment.

• Its core goal: To create a universal “operating system” for agentic commerce. Unlike the walled-garden approach, UCP and AP2 function like HTTP and SSL for the AI era: UCP provides the common language for agents to read catalogs and build carts, while AP2 provides the cryptographic security to pay for them.
• The analogy: The “corporate purchase order” for AI. It creates a formal process for authorization, documentation, and verification that can be audited by any party (a bank, a merchant, a regulator).
• How it works: It relies on verifiable digital credentials (VDCs) to handle both human-present and autonomous scenarios:
  • Human not present: For autonomous tasks, the user signs an Intent Mandate (preapproved rules, e.g., “buy these sneakers, under $300”) upfront. The agent uses this presigned authority to execute the purchase without waking the user.
  • Human present: For high-stakes decisions, the user can review the specific items and cryptographically sign a Cart Mandate, providing a verified “final click.”
    
    UCP standardizes how these mandates are passed between the agent and the merchant, creating a nonrepudiable chain of proof without the merchant needing to integrate with a specific model provider.
    
• Best for: B2B procurement, high-value transactions, regulated industries, and complex “human-absent” tasks (e.g., “Execute this multipart supply order when my inventory drops below 10%”).
• The limitation: It’s an open, complex ecosystem. Its adoption relies on a massive “chicken-and-egg” problem: Merchants, banks, and agent developers all need to adopt these open standards to make the network effect kick in.

Beyond Plumbing: The New Application Layer

While the protocol debate is important, it’s just the plumbing. The protocols solve the how (secure trust), but the real complexity lies in the what. The true significance of these frameworks is how they unlock this “application layer” to handle ambiguity, negotiation, and complex tasks in a way that is finally production-ready.

First, these frameworks solve the “Tokyo penthouse” problem by replacing blind trust with an interactive approval loop.

The common fear is giving an agent an autonomous $15,000 Intent Mandate for a vague vacation. It’s a fear that stems from treating the agent like a magical all-or-nothing button rather than a collaborative tool. It assumes we would blindly trust it with a high-stakes ambiguous task, ignoring the same common-sense review steps we’d use with a human assistant.

Want Radar delivered straight to your inbox? Join us on Substack. Sign up here.

Instead, the process is a collaboration between the agent and the user:

1. Soft planning: The agent’s application does the flexible, creative work: “I’ve drafted an itinerary for $14,800. It includes your flights, a 4-star hotel, and that sake distillery tour you mentioned. Would you like to review and approve this?”
2. Human review: The user then reviews and refines this plan.
3. Hard verification: Only when the user gives final, explicit approval does the protocol (the mandate) come into play. The agent generates a final, unambiguous Cart Mandate for the specific hotel and airline, which the user cryptographically signs.

This is the key: The agent’s soft intelligence is thus anchored by the protocol’s hard verification.

Second, this new trust layer unlocks capabilities that were previously impossible, like true agent-led price optimization. This highlights a fundamental difference between the two philosophies.

• The conversational checkout (ACP) model is a price-taker. It’s simply a secure token to buy a specific item at its current price.
• The autonomous trust layer (AP2) model is a price-optimizer, specifically when acting autonomously. An Intent Mandate for “these shoes, under $100” is a verifiable letter of authorization.

This mandate empowers the agent to act on your behalf. It can hunt for sales, query multiple vendors, or wait for a price drop. It has the provable authority to execute the purchase if, and only if, it meets the signed constraints—all without needing to bother the user for a final “click.”

Third, and perhaps most strategically significant, is the battle for data sovereignty: The app store versus the open web.

The architecture you choose dictates who owns the customer relationship.

The conversational checkout (ACP) model leans toward an app store philosophy. To participate efficiently, the incentive structure encourages merchants to upload their catalogs and inventory logic directly into the AI platform’s ecosystem. The agent becomes the primary interface, and the merchant becomes a fulfillment node. It offers incredible distribution, but at the cost of commoditization.

The autonomous trust layer (UCP + AP2) defends the open web model. UCP does not ask you to upload your catalog to a central AI authority. Instead, it provides a standard way for you to expose your inventory and logic on your own infrastructure (via a standard /.well-known/ucp discovery endpoint).

In this model, the agent “visits” your API just as a browser visits your website. It negotiates capabilities in real time by asking questions like “Do you support loyalty points?” or “Can you ship to Alaska?” This ensures that even in an AI-first world, the business remains the merchant of record, retaining full control over pricing, presentation, and the customer relationship.

Finally, for architects, the most critical takeaway is how these protocols drive a fundamental decoupling of the commerce stack.

This decoupling breaks the traditional, monolithic approach, where one inflexible application bundles a fast-moving conversational layer, a product catalog, and a slow-moving secure payment vault. This all-in-one model creates an unworkable development conflict.

The future stack solves this by composing three separate services, using the protocols as their secure communication layer:

1. The conversational layer: The agent itself, built for creativity and speed
2. The payment vault: A hardened, separate service for credentials and mandates
3. The merchant API: The machine-readable, queryable catalog

This separation of concerns is the core architectural takeaway. It allows your conversational layer team to move fast and innovate, while your payment vault team can remain slow, secure, and methodical. The protocols provide the verifiable handshake between them.

The C-Suite Call to Action

This shift is happening now. A wait and see approach is not a neutral strategy because it carries the immense risk of being structurally outpaced. This new reality demands immediate, parallel action across the C-suite.

For the CTO and head of engineering, the directive is to prepare for a “headless” future. The traditional website, meticulously designed for human eyes, is on the path to becoming a legacy channel.

Their new front door will be a machine-readable API. While UCP currently offers the most comprehensive blueprint for this—handling inventory, real-time pricing, and fulfillment in a standardized format—the core imperative is architectural decoupling. They must begin separating their commerce logic from the visual frontend now. This ensures the business is ready to serve an autonomous B2B agent (via UCP) or feed a conversational platform (via ACP) without rebuilding the stack for every new model.

This engineering shift is useless without a marketing counterpart. The CMO and head of marketing must begin solving the problem of “agent SEO.” This isn’t a battle for keywords but a new discipline focused on making a brand’s products and reputation perfectly machine-readable. Their new battleground is the structured data, verifiable reviews, and precise product attributes that an agent can parse. When an agent is the new gatekeeper, visual appeal and advertising copy become secondary. They are no longer competing for the #1 spot on a Google search page but for the #1 unambiguous recommendation from a trusted agent.

Finally, the CFO and head of commerce must prepare the business to operate in this new two-speed world. Their risk, fraud, and compliance systems are about to split. They will need one model for high-volume, low-friction “conversational checkouts” (the ACP-style) and a second, more robust, auditable model for high-value B2B “autonomous purchases” (the AP2-style). This will fundamentally change their reconciliation and risk-modeling processes.

Conclusion: The Real Battle Isn’t the Protocol

Any debate between ACP, AP2, and UCP and which protocol is “best” misses the point. We aren’t witnessing a zero-sum competition but a market evolving into necessary parallel models. While the technical depths of UCP deserve their own analysis, its existence alone confirms that the architecture of commerce is decoupling.

These protocols provide the foundational solution to trust, but they are ultimately just the plumbing. The real winners will be the businesses that look beyond the specs and recognize this as an organizational challenge, not just a technical one. Success belongs to the teams that can break down internal silos, enabling the CTO, CMO, and CFO to execute a single, unified agent-first strategy.