Everyone Is Building Rails for Agents. Nobody Is Building the Safety Net for Merchants.
The agentic payments stack is agent-centric by design. When a bot-initiated transaction goes sideways, merchants eat the chargeback. That liability gap is the real systemic risk nobody is pricing in.
The One Thing That Matters Today
Three separate infrastructure moves landed in the same week in mid-March — Stripe's Tempo blockchain went live on mainnet with the Machine Payments Protocol, Visa launched Intelligent Commerce Connect, and Mastercard closed the BVNK acquisition. Everyone covered that race. Almost nobody covered the asymmetry underneath it: all three moves are designed to make agents more capable of initiating payments. None of them solve what happens when an agent-initiated transaction triggers a dispute. Merchants hold that bag, exactly as they have in every prior wave of "frictionless" checkout. The agent payments stack is being built for the agent. The liability architecture is still built for the human checkout era. That gap is the most underpriced risk in agentic commerce right now — and it's about to get very expensive for a very large number of merchants.
What Happened (and Why It Matters)
Stripe's Tempo blockchain launched mainnet on March 18 alongside the Machine Payments Protocol (MPP), a co-developed standard that lets AI agents pay for services autonomously in USDC — no human approval required at each step. Visa and Lightspark immediately extended MPP to support cards and Bitcoin Lightning respectively. A live payments directory launched with 100+ compatible services. (The Defiant) The speed of that ecosystem adoption signals MPP is being taken seriously as rail infrastructure — but the protocol is agent-facing. It says nothing about merchant chargeback liability when agent-initiated orders go wrong.
Visa launched Intelligent Commerce Connect on April 8, a protocol-agnostic platform supporting Visa's Trusted Agent Protocol, Stripe's MPP, OpenAI's Agentic Commerce Protocol, and Google's Universal Commerce Protocol through a single integration, with AWS, Expedia Group, and Intuit already on as pilot partners. (ByteIota) This is Visa's most explicit play to become the interoperability layer across competing agent protocols. [Editor's take: This is smart positioning. Being the hub between protocols costs less than winning the protocol war.]
GR4VY published a ground-level merchant explainer on agentic payments that is the most honest piece I've read this year. Key line: "Regulation around agentic payments is still undefined. When fraud occurs, responsibility is unclear. Is it the agent platform, the wallet, the payment provider, or the merchant? History suggests merchants will bear much of the burden until rules catch up." (GR4VY) This is the merchant-side reality that the protocol press releases omit entirely.
The Consumer Bankers Association's Agentic AI Symposium white paper, published in January but now circulating widely, is explicit about the liability problem: "Merchants might face chargeback liability even if the consumer authorized the agent to make purchases, because chargebacks are typically liability-neutral for issuers but generate significant costs for merchants." It also flags that agentic agents generating high-volume price-monitoring traffic could overrun merchant infrastructure. (CBA Symposium PDF) The banking industry knew this was coming in January. The payment protocol developers apparently didn't read the memo.
Forrester updated its B2C agentic payments state-of-play, noting the flurry of announcements continues but flagging that the trust layer — not the rail layer — is the actual bottleneck to mainstream merchant adoption. (Forrester) Translation: protocols are shipping. Merchant confidence is not.
Checkout.com published analysis on chargeback exposure in agentic commerce, noting global dispute volumes are forecast to grow 24% between 2025 and 2028 largely due to card-not-present transactions — and that agent-mediated checkout will intensify that pressure significantly. (Checkout.com) That 24% is before the agent-commerce wave has even hit meaningful scale. What does that number look like in 2027?
eMarketer put the structural tension clearly: "AI agents will shift payment choice from consumer preference to cost optimization. Payment providers must build the trust layer that enables agentic commerce to scale." (eMarketer) Payment choice shifting to cost optimization is a feature for large merchants with negotiating leverage. It's a liability for smaller merchants who end up price-matched by an agent and then hit with a chargeback when the consumer disputes it anyway.
The Bet
[Editor's take — this is opinion grounded in the sourced facts above.]
The agentic payments infrastructure race is real and the momentum is genuine: Tempo/MPP going live on mainnet with 100+ services in the directory on day one is not a press release, it's a functioning ecosystem. Visa threading its interoperability layer across four competing protocols in one product is a real moat-building move. I'm not bearish on the rails getting built.
What I am bearish on is the assumption that merchant adoption will follow automatically once the agent-side stack matures. It won't. The chargeback liability gap is a structural deterrent that no amount of protocol elegance resolves. Merchants don't care if the agent is authenticated at the Visa Trusted Agent Protocol layer — they care who eats the $200 dispute when that authenticated agent bought a product the consumer later claims they never authorized. Until there is a clearly defined liability framework that extends accountability upstream to the agent platform or wallet provider, mid-market and high-risk merchants will either block agent traffic or add enough friction to defeat the "autonomous" value proposition entirely.
The company I'm watching most closely here isn't Visa, Stripe, or Mastercard. It's whoever builds the merchant-side KYAI layer — the equivalent of what Signifyd and Forter did for card-not-present fraud, but purpose-built for agent-originated transactions with traceable authorization chains. Signifyd is already framing agentic commerce fraud as its next product surface. VendoServices is writing about KYAI frameworks specifically for high-risk merchant dispute defense. That category — agent-aware fraud and dispute infrastructure — is the most undervalued layer in the entire stack right now. The window to build it is open. It won't stay open long once the first wave of agent-driven chargeback spikes makes the problem impossible to ignore.
Counter-Consensus
The consensus view is that the agentic payments bottleneck is a protocol interoperability problem — too many competing standards (x402, AP2, MPP, UCP, ACP), not enough shared infrastructure — and that once the Linux Foundation's x402 Foundation or Visa's multi-protocol hub resolves the fragmentation, adoption accelerates. But that framing assumes merchants are waiting on the protocol layer to mature. They're not. The GR4VY analysis, the CBA white paper, and the Checkout.com chargeback data all point to the same conclusion: merchants are waiting on the liability layer to mature. A merchant doesn't need fewer protocols. They need to know who is legally responsible when an autonomous agent buys $10,000 of inventory and the human behind the agent disputes the transaction 45 days later. No amount of protocol standardization answers that question. The real adoption unlock is regulatory clarity on agent-initiated transaction liability — and that's a 2027 problem at earliest.
From the Community
- r/ycombinator — "What's the state of Agent Payments? Agent to Agent Autonomous...": Builders discussing the current reality that most production agentic payment solutions still require human approval loops, undermining the "autonomous" pitch. The thread captures the gap between the press release version of agentic payments and the integration reality on the ground. (Reddit)
Research & Papers
"SoK: Blockchain Agent-to-Agent Payments" (arXiv, April 2026) — Proposes a lifecycle model for blockchain-based AI agent payments covering discovery, authorization, execution, and accounting across heterogeneous systems. Systematizes the design space across current protocols. Worth reading as a map of where the technical assumptions break down — specifically at the authorization and accounting layers, which map directly to the chargeback liability problem. (arXiv:2604.03733)
"Hardening x402: PII-Safe Agentic Payments via Pre-Execution Metadata Filtering" (arXiv, April 2026) — Flags that x402 payment requests embed PII (resource URLs, descriptions, reason strings) in HTTP headers transmitted to payment servers and the Coinbase facilitator API before any on-chain settlement — and that neither party is typically bound by a data processing agreement. This is a GDPR exposure vector hiding inside an otherwise clean protocol design. Merchants processing European traffic need to read this before enabling x402 endpoints. (arXiv:2604.11430)
Sources
- Tempo Goes Live on Mainnet, Machine Payments Protocol — The Defiant
- Stripe-backed Tempo releases AI payments protocol — Fortune
- Stripe's AI Payments Protocol Signals Machine-To-Machine Commerce Era — Forbes
- Visa Launches Intelligent Commerce Connect — ByteIota
- Agentic payments in 2026: what merchants need to understand — GR4VY
- CBA Agentic AI Symposium White Paper — Consumer Bankers Association
- Agentic Payments In B2C Commerce: Where We Are Now — Forrester
- Chargebacks in agentic commerce — Checkout.com
- Agentic Commerce and Payments 2026 — eMarketer
- What is Agentic Commerce Fraud? — Signifyd
- How AI Agents Will Rewrite Payments Strategy for High-risk Merchants — VendoServices
- SoK: Blockchain Agent-to-Agent Payments — arXiv
- Hardening x402: PII-Safe Agentic Payments via Pre-Execution Metadata Filtering — arXiv
- What's the state of Agent Payments? — Reddit/ycombinator
Agentic Payment · April 20, 2026 · agenticpayment.forum Sources linked inline. Facts are sourced; opinions are labeled. Not financial advice.