Agentic commerce: designing systems for delegated transactions

Agentic commerce introduces a structural change in how transactions are initiated and authorised. When AI agents are permitted to discover offers, compare alternatives and execute purchases on behalf of users, payment systems must evolve beyond static, one-time authorisation models.

For enterprises, the question is not whether agentic commerce will emerge, but whether current payment infrastructure can support delegated, programmable and continuously governed transactions. This article builds off of our previous one examines the architectural requirements that underpin agentic commerce and outlines how enterprises should rethink payment design in response.

From event-based payments to delegated authority

Traditional digital payments are event-based. A user initiates a checkout, confirms intent and authorises a transaction. The payment system validates the request, settles funds and records the result. Even recurring payments typically follow a predictable, predefined cadence.

Agentic commerce changes this pattern. AI agents operate within authorised boundaries and may execute transactions dynamically based on evolving conditions such as price thresholds, delivery windows or inventory changes. Salesforce describes this broader shift as moving from reactive to reasoning-based commerce systems, where agents plan and act across workflows rather than responding to isolated prompts.

In this environment, payment systems must support ongoing, conditional authority rather than isolated transaction events. This has significant implications for how consent, limits and controls are implemented.

Programmable authorisation and bounded execution

A foundational requirement of agentic commerce is programmable authorisation. Instead of approving each transaction manually, users must be able to define constraints within which an agent can operate.

Mastercard has framed this transition as intent-based commerce, where the system acts once the user’s objective and guardrails are established. Translating this into payment architecture requires support for variable recurring authorisations, capped spending envelopes and real-time revocation mechanisms.

From an engineering perspective, this means:

• Payment tokens and credentials must be bound to policy objects, not just accounts
• Authorisation engines must evaluate contextual variables against user-defined rules
• Systems must allow dynamic adjustments without full re-onboarding of payment credentials
  
  

These controls cannot exist solely at the interface layer. They must be enforced at the infrastructure level, ideally through policy engines that are auditable and deterministic.

Variable amounts and adaptive settlement

Agentic transactions are unlikely to be static. In many use cases, the final transaction amount may vary from initial estimates. Grocery baskets, usage-based services, dynamic pricing and marketplace fulfilment all introduce variability.

JP Morgan has noted that agent-driven commerce will require payment models that accommodate dynamic pricing and post-authorisation adjustments without reintroducing friction . Architecturally, this implies support for:

• Pre-authorised transaction ceilings
• Incremental capture flows
• Secure mechanisms for charging within approved limits
• Transparent reconciliation and user visibility

Systems that rely solely on rigid, single-capture card models may struggle in this environment. Instead, flexible authorisation frameworks and bank-based or programmable payment methods become more relevant.

Identity, authentication and traceability

Agentic commerce introduces a new actor in the transaction flow: the AI agent itself. While the user remains the principal, the agent becomes the executor. This raises identity and traceability considerations.

Mastercard’s developer guidance on agentic commerce emphasises the importance of secure authentication, transaction-level traceability and clear demarcation of agent-initiated flows. Engineering teams must ensure that:

• Agent identities are cryptographically bound to user accounts
• Delegated actions are logged with sufficient metadata
• Dispute processes can distinguish between human-initiated and agent-initiated transactions

This is not only a security requirement but also a regulatory and governance concern. Audit trails must remain robust even when execution is automated.

Fraud detection in an agent-driven context

Fraud models traditionally rely on behavioural signals derived from human interaction patterns, such as typing speed, device fingerprinting or navigation behaviour. Agentic commerce alters these baselines.

IBM highlights that agentic systems require new approaches to risk modelling because behaviour becomes more consistent, automated and potentially high-frequency. Fraud detection systems must therefore incorporate contextual policy validation alongside anomaly detection.

In practice, this means:

• Evaluating whether transactions fall within pre-approved parameters
• Monitoring deviations from declared intent rather than purely behavioural anomalies
• Integrating policy compliance checks into authorisation logic
  
  

Fraud prevention becomes more about verifying rule adherence than detecting irregular clicks.

Observability and real-time governance

Agentic commerce compresses the time between intent and execution. Systems must therefore provide real-time observability into authorisation decisions, spending thresholds and exception handling.

Google Cloud describes agentic retail as requiring coordination across systems in real time, with high reliability and low latency. For payment architecture, this translates into:

• Real-time event streaming and monitoring
• Immediate propagation of revocation or limit changes
• Strong consistency guarantees across distributed services

If a user revokes permission or adjusts a spending limit, that change must be enforced instantly across all execution pathways. Delayed propagation introduces risk.

Payment orchestration as a strategic layer

Agentic commerce increases the strategic importance of payment orchestration. Rather than simply routing transactions to the cheapest acquirer or the highest approval path, orchestration layers must account for policy compliance, delegated authority and variable capture flows.

McKinsey suggests that AI agents will reduce switching costs and increase transparency across suppliers. This increases competitive pressure on infrastructure quality. Payment systems that are composable and adaptable will integrate more easily into agent ecosystems.

For CTOs, this raises a broader question: is payment infrastructure treated as a fixed utility or as a programmable layer that can evolve alongside AI-driven commerce models?

Architectural principles for enterprise readiness

While implementation details will vary, several principles emerge for enterprises preparing for agentic commerce.

First, treat authorisation as a programmable construct rather than a binary approval event. Consent, limits and conditions should be expressible as policies that can be evaluated in real time.

Second, ensure payment credentials are tokenised and abstracted from front-end flows. Delegated execution depends on decoupling user interaction from transaction settlement.

Third, invest in strong auditability. Agent-initiated transactions must be attributable, explainable and reversible within defined governance frameworks.

Fourth, prioritise low-latency, highly available infrastructure. Agentic commerce amplifies the impact of downtime and inconsistent state.

These principles align with the broader industry view that agentic commerce represents an architectural evolution rather than a feature release.

Conclusion

Agentic commerce will introduce delegated execution into mainstream digital transactions. For enterprises, this shifts payment architecture from event-based processing to policy-driven infrastructure.

Developers and technical leaders must ensure that systems support programmable authorisation, variable transaction models, secure identity binding and real-time governance. Organisations that adapt early will be positioned to support agent-mediated demand without sacrificing control, transparency or compliance.

Agentic commerce does not eliminate the need for robust payment infrastructure. It increases it. The difference is that infrastructure must now accommodate autonomous decision-making while preserving trust and oversight at scale.

‍