Know Your Agent: How the Race to Authenticate AI Buyers Is Rewiring Payment Liability
A weak signal in financial services: while consumers debate whether AI agents will shop on their behalf, Visa, Mastercard and Google are quietly setting privately-owned authentication and dispute standards for agent-initiated payments, rewriting card-not-present liability ahead of regulators on a 2026 to 2028 horizon.
The consensus on agentic commerce is that AI buyers are coming and the open question is consumer adoption. The 2026 evidence sits below that: payment networks are racing to own the agent-authorization stack before regulators arrive. Agent-initiated transactions default to card-not-present rails with no merchant liability shift, so authentication and dispute economics are being rewritten in privately-set standards. The Bank of England, FCA and IMF have all flagged the gap inside ten weeks. The question is no longer whether agents pay, but who owns the trust layer through which they do.
Signal Identification
A regulatory pivot wrapped inside a capability disruption. Agents transacting semi-autonomously is consensus; the non-obvious shift is that authentication, identity and dispute architecture is being written by card networks ahead of supervisors, with the FCA, Bank of England and IMF arriving second.
What's Changing
The consensus framing: 2026 is the year banks move from AI "assistance" to "transactional authority", with Lloyds projecting about 100 million pounds in value from enterprise-wide agentic deployment this year (World Economic Forum, 23/02/2026). The non-obvious move sits below. On 5 March 2026 Mastercard and Google launched Verifiable Intent, an open-source framework binding consumer identity, agent instructions and outcome into a cryptographic audit trail, built on FIDO, EMVCo, IETF and W3C standards with consortium commitments from Fiserv, IBM, Checkout.com, Basis Theory and Getnet (PYMNTS, 05/03/2026).
The networks are wiring agentic AI into dispute and acceptance economics. Visa processed more than 106 million disputes globally in 2025, up 35 percent since 2019, and launched AI dispute-resolution alongside a Trusted-Agent-Protocol bill-pay tie-up with Ramp covering 50,000-plus corporate clients; Mastercard executed its first agentic payment in Hong Kong with HSBC, extending across the US, Australia and India (American Banker, 02/04/2026). Regulators arrived second: the FCA states it will be "considering whether change or development of regulation is needed to support agentic AI payments" (Financial Conduct Authority, 31/03/2026), and the FPC asked the Bank and FCA to draw out risks specifically (Bank of England, 01/04/2026).
Networks set the standards; regulators arrive second
Public-record sequence: PYMNTS, FCA, Bank of England, IMF (March-April 2026).
Disruption Pathway
The pathway runs three stages. First, network-set standards: Mastercard and Visa lock in privately-owned authentication and dispute protocols with consortium commitments before any regulator has consulted. Second, supervisory catch-up: the FCA, Bank of England and IMF describe the gap, and Bank of England staff frame the open question as whether a central authority should mandate agent identity rather than letting networks settle it privately (Bank of England Bank Underground, 21/05/2026). Third, liability reset: chargeback economics are rewritten through whichever trust layer becomes canonical.
Stresses concentrate at three points. Authentication: existing Know-Your-Customer and multi-factor architecture relies on explicit human action, exposed by probabilistic agents driving deterministic infrastructure (International Monetary Fund, 24/04/2026). Fragmentation: identity frameworks, protocols and communication layers are non-interoperable. Liability: merchants and issuers face chargeback exposure when an agent acts inside delegated authority but outside intent. Adaptations follow at two levels: operational, with networks proposing cryptographic intent-binding and Know-Your-Agent identity; and regulatory, with the FPC tasking the Bank and FCA to identify systemic externalities before private standards harden.
Why This Matters
For card networks, merchants, issuers, payments regulators and AI agent providers, the assumption to revise is that agentic commerce sits inside existing card-not-present economics. The binding constraint is not whether agents shop, but whose standard authenticates them and where the chargeback lands. Boards at acquirers, processors and merchant platforms should be deciding whether to adopt Verifiable Intent, build to a competing standard, or wait for supervisory clarity. Regulators face the mirror choice: set the trust layer themselves or accept a privately-owned one. The 2026 to 2027 window is decisive.
Decision-action posture for this signal: Prepare: standards are live but contested, supervisors have flagged but not legislated, and the architecture will be set in the next 12 to 24 months; capability investment belongs on the cycle now, with named triggers from the next FCA or FPC publication.
Counter-Argument
The strongest objection comes from the supervisor itself. The Bank of England's FPC judged that firms had not yet adopted agentic AI in a manner presenting systemic risk, described existing regulation as flexible and outcomes-focused, and asked the Bank and FCA to draw out risks rather than legislate (Bank of England, 01/04/2026). Network-set standards are how every payment innovation has scaled (3-D Secure, tokenisation, EMV); supervisors arrived second and the system absorbed each round.
Yet earlier cycles sat on human-initiated transactions where intent was visible and liability rules settled. Agent payments break both: intent is probabilistic and authorization is delegated. The FPC itself flagged that firms' private incentives could fail to internalise negative externalities such as a rise in payments fraud. A privately-set trust layer acceptable in normal times can compound stress in a tail event, the exact externality supervisors are paid to internalise.
Implications
Taken together the sources point to a durable reset of how authentication and liability are priced in card-not-present commerce, not a transient experiment. The inflection window is 2026 to 2028, defined by whether a network-set trust layer becomes the de facto standard before supervisors mandate an alternative. Winners own the agent-authorization layer and capture the dispute economics flowing through it. Losers are merchants and issuers locked into whichever standard becomes orphaned. The contest is shifting from consumer-facing agentic commerce to the infrastructure underneath.
Early Indicators to Monitor
- FCA publishes a discussion paper on agentic AI payments naming Verifiable Intent or a competitor.
- Bank of England and FCA publish the agentic-AI risks analysis the FPC asked for in March 2026.
- A major acquirer or issuer publicly adopts Verifiable Intent, or announces a competing trust layer.
- EU, Singapore, Hong Kong or India regulators publish their own Know-Your-Agent guidance.
- An agent-initiated chargeback case reaches a regulator or court and sets precedent.
Disconfirming Signals
- Agent-initiated transaction volumes remain trivial through 2026 to 2027.
- The FCA and Bank of England conclude existing card-not-present rules are sufficient.
- Verifiable Intent loses consortium partners or fails to gain merchant or issuer adoption.
- A public-good agent identity standard from a multilateral body (BIS, IMF, ISO) preempts network-owned trust layers.
- A major fraud or liability event causes networks to retreat from agentic payment standardisation.
Strategic Questions
- Should acquirers and issuers adopt Verifiable Intent now, or wait for supervisory clarity that arrives after the standard hardens?
- At what point do regulators move from monitoring agent-authorization standards to mandating an open, public alternative?
- Which merchants carry concentration risk if liability for agent chargebacks defaults to the merchant of record?
Keywords
Agentic payments; Know-Your-Agent; Verifiable Intent; card-not-present liability; payment authentication; agent identity; Mastercard; Visa; FCA agentic AI; Bank of England FPC; IMF payments; trust layer; dispute resolution; chargeback economics
Bibliography
Source tiers: Tier 1, governments, regulators and intergovernmental bodies. Tier 2, think-tanks, academic institutes, major consultancies and quality data providers. Tier 3, quality journalism and specialist trade press. Tier 4, vendor, company and practitioner sources, used only as directional corroboration.
- Tier 1 How Agentic AI Will Reshape Payments (IMF Note 2026/004). International Monetary Fund (24/04/2026).
- Tier 1 Record of the Financial Policy Committee meeting on 27 March 2026. Bank of England (01/04/2026).
- Tier 1 Regulatory Priorities: Payments (March 2026). Financial Conduct Authority (31/03/2026).
- Tier 2 Agentic commerce and the battleground for new payments infrastructure. Bank of England Bank Underground (21/05/2026).
- Tier 2 Emerging trends for 2026: banking enters the agentic era. World Economic Forum (23/02/2026).
- Tier 3 Mastercard Unveils Open Standard to Verify AI Agent Transactions (Verifiable Intent). PYMNTS (05/03/2026).
- Tier 3 US card networks accelerate bets on agentic AI. American Banker (02/04/2026).
Analyst inferences and editorial framing
Claim-fidelity self-disclosure. The "networks own the trust layer ahead of regulators" framing is analyst synthesis across IMF, FPC, FCA and Bank Underground. "Considering whether change or development of regulation is needed to support agentic AI payments" is verbatim from FCA (31/03/2026); the Know-Your-Agent framing is verbatim from Bank Underground (21/05/2026); "transactional authority" is verbatim from the World Economic Forum (23/02/2026), the single structural anchor. Quantification anchors (106 million disputes, 35 percent since 2019, 50,000-plus Ramp clients, 100 million pounds Lloyds value) trace to cited source key-claim text. The "standards first, supervision second" sequencing is analyst characterisation.