Skip to content
Agent Payments Protocol Logo

Agent Payments Protocol (AP2)

What is AP2?

Agent Payments Protocol (AP2) is an open protocol for the emerging Agent Economy. It's designed to enable secure, reliable, and interoperable agent commerce for developers, merchants, and the payments industry. The protocol is available as an extension for the open-source Agent2Agent (A2A) protocol, with more integrations in progress.

Build agents with ADK Logo ADK (or any framework), equip with MCP Logo MCP (or any tool), collaborate via A2A Logo A2A, and use AP2 Logo AP2 to secure payments with gen AI agents.

Why an Agent Payments Protocol is Needed

Today’s payment systems assume a human is directly clicking "buy" on a trusted website. When an autonomous agent initiates a payment, this core assumption is broken, leading to critical questions that current systems cannot answer:

  • Authorization: How can we verify that a user gave an agent specific authority for a particular purchase?
  • Authenticity: How can a merchant be sure an agent's request accurately reflects the user's true intent, without errors or AI "hallucinations"?
  • Accountability: If a fraudulent or incorrect transaction occurs, who is accountable—the user, the agent's developer, the merchant, or the issuer?

This ambiguity creates a crisis of trust that could significantly limit adoption. Without a common protocol, we risk a fragmented ecosystem of proprietary payment solutions, which would be confusing for users, expensive for merchants, and difficult for financial institutions to manage. AP2 aims to create a common language for any compliant agent to transact securely with any compliant merchant globally.

Core Principles and Goals

The Agent Payments Protocol is built on fundamental principles designed to create a secure and fair ecosystem:

  • Openness and Interoperability: As a non-proprietary, open extension for A2A and MCP, AP2 fosters a competitive environment for innovation, broad merchant reach, and user choice.
  • User Control and Privacy: The user must always be in control. The protocol is designed with privacy at its core, using a role-based architecture to protect sensitive payment details and personal information.
  • Verifiable Intent, Not Inferred Action: Trust in payments is anchored to deterministic, non-repudiable proof of intent from the user, directly addressing the risk of agent error or hallucination.
  • Clear Transaction Accountability: AP2 provides a non-repudiable, cryptographic audit trail for every transaction, aiding in dispute resolution and building confidence for all participants.
  • Global and Future-Proof: Designed as a global foundation, the initial version supports common "pull" payment methods like credit and debit cards. The roadmap includes "push" payments such as real-time bank transfers (e.g., UPI and PIX) and digital currencies.

Key Concept: Verifiable Credentials (VCs)

The Agent Payments Protocol engineers trust into the system using Verifiable Credentials (VCs). VCs are tamper-evident, cryptographically signed digital objects that serve as the building blocks of a transaction. They are the data payloads that agents create and exchange. There are three primary types:

  • The Intent Mandate: This VC captures the conditions under which an AI Agent can make a purchase on behalf of the user, particularly in "human-not-present" scenarios. It provides the agent with authority to execute a transaction within defined constraints.
  • The Cart Mandate: This VC captures the user's final, explicit authorization for a specific cart, including the exact items and price, in "human-present" scenarios. The user's cryptographic signature on this mandate provides non-repudiable proof of their intent.
  • The Payment Mandate: A separate VC shared with the payment network and issuer, designed to signal AI agent involvement and user presence (human-present or not) to help assess transaction context.

These VCs operate within a defined role-based architecture and can handle both "human-present" and "human-not-present" transaction types.

Learn more in Core Concepts.

See it in action

  • Human Present Cards

    A sample demonstrating a human-present transaction using traditional card payments.

    Go to sample

  • Human Present x402

    A sample demonstrating a human-present transaction using the x402 protocol for payments.

    Go to sample

  • Digital Payment Credentials Android

    A sample demonstrating the use of digital payment credentials on an Android device.

    Go to sample

Get Started and Build with Us

The Agent Payments Protocol provides a mechanism for secure payments, and it's part of a larger picture to unlock the full potential of agent-enabled commerce. We actively seek your feedback and contributions to help build the future of commerce.

The complete technical specification, documentation, and reference implementations are hosted in our public GitHub repository.

You can get started today by:

  • Downloading and running our code samples.
  • Experimenting with the protocol and its different agent roles.
  • Contributing your feedback and code to the public repository.

Visit the GitHub Repository