Banks, bots and buying: Navigating the opportunities and risks of agentic commerce

As recent developments from OpenAI, Mastercard and Visa lay the groundwork for a future where AI agents can shop, compare and purchase goods on behalf of consumers, FStech news editor Alexandra Leonards explores the role financial institutions will play in this emerging ecosystem – the opportunities it could unlock, and the complex fraud challenges it may introduce as agentic commerce comes to life.

Rapid advances in practical agentic commerce – where AI systems act independently to make and complete purchases on behalf of users – have set the stage for a fundamental shift in online transactions. As 2025 draws to a close, the e-commerce landscape looks markedly different from the beginning of the year.

Since FStech spoke with Mastercard’s chief AI and data officer, Greg Ulrich, in the summer about the company’s ambitions in this space, the company – along with several other major players – has made significant progress.

In early October, Mastercard announced that, alongside payment platform PayOS, it had completed a transaction using an agentic token that enables AI agents to execute payments on behalf of users.

Two weeks later, Visa unveiled its Trusted Agent Protocol – a foundational framework for agentic commerce designed to establish secure communication between merchants and AI agents during transactions.

OpenAI has also moved decisively into this space with the launch of Instant Checkout, a feature allowing users to buy products directly within ChatGPT. Initially rolled out to US-based Etsy sellers and Shopify merchants in September, the service expanded last month through partnerships with Walmart and PayPal.

The PayPal agreement, which embeds PayPal’s digital wallet within the platform, represents a major step for OpenAI on its agentic commerce journey. The integration is expected to connect tens of millions of merchants to the platform by 2026.

“What distinguishes the PayPal–OpenAI move is its potential scale and openness: rather than a closed ecosystem limited to a single retail environment, this model is platform-agnostic, connecting potentially tens of millions of merchants across the web,” says Luca Russignan, deputy head of the Capgemini Research Institute for Financial Services. “It marks a potential shift from ChatGPT as a conversational platform to a commerce marketplace and cements PayPal as the underlying platform to enable payments.”

While the idea of an AI bot making autonomous payments might seem a step too far for UK consumers accustomed to strong authentication and visible checkpoints, recent research suggests that the public may be more receptive than expected.

A global study by Checkout.com found that 40 per cent of UK shoppers would be comfortable allowing agentic AI to manage routine purchases they consider “boring”, such as paying phone bills, buying groceries or ordering household essentials.

Research from Worldpay published last week also suggests that UK shoppers expect around seven per cent of their total online purchases to be made via AI agents by 2030 – potentially accounting for up to £29 billion in online spending.

Banks vs PayTechs

But beneath this rapid innovation lies a deeper competitive tension. As PayTechs and technology firms push ahead, traditional banks face the challenge of remaining relevant in a market increasingly defined by automation and AI decision-making.

Elias Ghanem, global head of the Capgemini Research Institute for Financial Services, says that progress from OpenAI and Mastercard is laying the foundation for the next leap in commerce – one where buying becomes delegated, automated and continuous.

When asked what role financial institutions might play in this new environment, he notes that many banks remain slowed by back-office inefficiencies, creating bottlenecks that limit their ability to adapt to an AI-driven payments landscape.

According to Capgemini research, while 41 per cent of banks report adopting generative AI technologies, 60 per cent of PayTechs have already integrated them across their operations.

“This highlights a critical innovation gap that becomes more pronounced in the agentic commerce era,” continues Ghanem. “Especially when we account for the fact that AI agents introduce new fraud risks and unresolved questions around liability: who pays when an agent commits fraud?

“Banks’ inability to scale beyond pilots and proofs-of-concept is widening the gap between what they can do and what merchants want.”

He cites onboarding as an example: traditional fraud detection systems were designed to recognise human behavioural patterns but struggle to adapt to AI-driven transactions.

“Banks must shift from monitoring individual human behaviours to understanding AI agent operations across multiple users and scenarios,” he explains. “Similarly, we will need new authentication models to support delegated authority, where users grant specific permissions to AI agents while maintaining transaction oversight and control.”

Ghanem says that PayTechs currently dominate this battleground – one reason why 40 per cent of small and mid-sized merchants are already considering switching providers due to faster onboarding and simpler integration, according to recent Capgemini research.

He argues that this highlights the urgency for banks to modernise and remain central to the evolving payments ecosystem. Control over authentication and tokenisation layers will ultimately determine who owns the customer relationship in agentic commerce and therefore who captures the greatest value. For banks, this makes the ability to issue trusted digital credentials and manage agent permissions a strategic imperative.

The rise of embedded AI checkouts will also shift consumer behaviour traditionally grounded in brand loyalty toward algorithm-driven decision-making, where price, reviews, delivery speed and inventory availability outweigh brand affinity.

“As a result, merchants will expect their financial institutions to deliver seamless, omnichannel and intelligent payment solutions. It is non-negotiable,” says Ghanem. “This also signals readiness for AI-mediated commerce relationships that prioritise efficiency and data-driven optimisation over traditional marketing approaches.”

James Fry, head of enterprise product at payments processor Worldpay, says that banks will remain central as issuers of payment credentials, risk managers and identity stewards.

“Agentic commerce creates new touchpoints where issuers can add value by approving agent permissions, issuing agentic tokens, and offering enhanced fraud detection and dispute resolution services,” he explains. “Banks that integrate with agent toolkits and provide clear consumer controls over agent permissions will be best placed to retain cardholder trust and capture value from new transaction flows.”

Fry adds that collaboration between merchants, token providers and platform operators will be essential to maintain liability frameworks and ensure regulatory compliance.

Yet as these ecosystems evolve, the same autonomy that powers convenience also opens new vectors for abuse. The next challenge is understanding how fraudsters may exploit agent behaviour in ways that current systems were never designed to detect.

Fraud and bad actors

Xavier Sheikrojan, director of risk intelligence at commerce protection platform Signifyd, says that OpenAI’s launch of Instant Checkout fundamentally changes how e-commerce operates.

“When a purchase happens entirely within an AI environment, retailers lose the visibility that they traditionally relied on to assess risk and understand buyer intent,” he explains. “As there’s no browsing data or device signals, and sometimes no clear record of shopper consent, it becomes far harder to detect fraud or resolve disputes when things go wrong.”

As with any emerging technology, the potential of agentic commerce is enormous – but so are the unknowns.

Worldpay’s James Fry warns that AI agents holding valid, tokenised credentials and acting under authorised permissions can appear legitimate to systems that rely solely on credential checks.

AI agents can also defeat controls designed to identify human patterns. While human shoppers leave distinct behavioural footprints, agents can mimic browsing habits, adjust their timing, and even solve CAPTCHAs, all while spoofing device identities and fingerprints.

They can also complete checkouts offsite or use stored, tokenised credentials, allowing them to bypass site-level rules such as velocity limits, high-value thresholds or bespoke merchant logic.

According to Signifyd’s Sheikrojan, fraudsters are already experimenting with synthetic agents that imitate legitimate activity, making it harder for legacy systems to distinguish good automation from bad. In essence, merchants will need to distinguish not only who is paying, but which AI is paying – and whether it is acting on legitimate instructions.

“If agents are compromised or misconfigured, they can submit high volumes of authorised-looking transactions that evade simple device or behavioural checks,” adds Fry. “That exposes merchants to fraud, chargebacks and fulfilment losses.”

To mitigate these risks, merchants must combine token verification with contextual signals such as agent source, irregular ordering patterns, speed checks, address verification and step-up authentication for high-risk transactions. Continuous calibration of fraud models to account for evolving agent behaviour will also be essential as malicious actors adapt.
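The layered check described above, sketched as an added example (not code from FStech, Worldpay or Signifyd): agent-led orders are tagged as their own channel, and a valid token alone is never enough to approve one. The field names, the trusted-agent list and every threshold are assumptions chosen for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Optional
# Constructed values: agent names, thresholds and field names are assumptions.
TRUSTED_AGENTS = {"agent-platform-a"}
WINDOW_S, MAX_PER_WINDOW, HIGH_VALUE = 600, 2, 500.0

@dataclass
class Order:
    order_id: str
    ts: int                      # epoch seconds
    agent: Optional[str]         # None means a direct human checkout
    token_id: str
    token_valid: bool
    consent_ref: Optional[str]   # record of the shopper's delegation
    amount: float
    avs_match: bool              # address verification result

def evaluate(orders):
    """Map order_id -> (channel, decision, reasons), processing in time order."""
    seen, results = defaultdict(list), {}   # seen: (agent, token) -> timestamps
    for o in sorted(orders, key=lambda x: x.ts):
        channel = "agent" if o.agent else "human"   # tag agent-led orders
        if not o.token_valid:
            results[o.order_id] = (channel, "decline", ["invalid_token"])
            continue
        reasons = []
        if channel == "agent":
            if o.agent not in TRUSTED_AGENTS:
                reasons.append("untrusted_agent_source")
            if not o.consent_ref:
                reasons.append("no_consent_record")
            key = (o.agent, o.token_id)
            seen[key] = [t for t in seen[key] if o.ts - t < WINDOW_S] + [o.ts]
            if len(seen[key]) > MAX_PER_WINDOW:     # speed check per agent and token
                reasons.append("agent_velocity")
        if not o.avs_match:
            reasons.append("address_mismatch")
        if o.amount >= HIGH_VALUE:
            reasons.append("high_value")
        results[o.order_id] = (channel, "step_up" if reasons else "approve", reasons)
    return results

SAMPLE = [  # constructed orders, not real transaction data
    Order("o1", 0, None, "tok-1", True, None, 40.0, True),
    *[Order(f"o{i}", 10 * i, "agent-platform-a", "tok-2", True, "c-9", 25.0, True) for i in (2, 3, 4)],
    Order("o5", 50, "agent-x", "tok-3", True, None, 900.0, False),
    Order("o6", 60, "agent-platform-a", "tok-4", False, "c-1", 10.0, True),
]
```

Calling `evaluate(SAMPLE)` approves the human order and the first two agent orders, sends the third order on the same token to step-up on velocity, and flags the unknown agent on four separate signals even though its token validates.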

Sheikrojan emphasises that for agent-led shopping to succeed, retailers and payment platforms must build new frameworks for accurate verification and trust – ensuring that innovation does not come at the expense of accountability.

Ultimately, retailers can no longer rely on traditional behavioural or device-based cues to determine whether a purchase is legitimate. Instead, they will need systems capable of identifying when an order is placed by an AI agent and verifying that it originates from a trusted source.

“This means working closely with the platforms facilitating purchases to establish shared standards for authentication, data sharing and accountability,” adds Sheikrojan. “Retailers should also start tagging and monitoring agent-led orders as a separate category, so they can see where new risks are emerging.”

In practice, effective safeguards may depend more on deeper intelligence than on added friction.

“The focus should be on validating the identity and intent behind every order – whether human or AI – using network data, historical context and strong verification layers that extend beyond the merchant’s own site,” continues Sheikrojan.

Fry agrees that retailers should apply the same layered security and verification principles used for payments to agent interactions.

“That means authenticating agents, validating tokens and consent, implementing robust rate limiting and transaction profiling, and ensuring product feeds are only accessible through authenticated APIs or signed schemas,” he says. “At Worldpay, we emphasise approaches such as agnostic vaulting, tokenisation and clear rules for liability and authentication so merchants retain control of customer credentials and can separate agent access from direct customer credentials.”

Adapting to autonomous transactions

As agentic commerce becomes reality, banks, issuers and regulators will need to adapt to this new environment for online transactions.

“Existing authentication models under PSD2 were built for human-initiated transactions, not autonomous ones,” says Sheikrojan. “This will likely also prompt the European Banking Authority to issue clarifications on delegated authentication under PSD3.”

New standards will be needed to define who applies Strong Customer Authentication, who holds liability and how compliance is maintained when the buyer is no longer directly present.

Global regulatory responses remain uneven. While Europe moves toward clarity under PSD3, comparable frameworks in the US and APAC are still nascent, raising questions about cross-border consistency and enforcement.

For financial institutions, agentic commerce presents an opportunity to design new types of payment infrastructure optimised for autonomous systems rather than human users.

“Agent-led transactions can open the door to smarter payment routing, faster settlement and more personalised credit or instalment options triggered automatically by an agent’s decision logic,” continues Sheikrojan. “There’s also a long-term data opportunity.

“Once retailers and banks can recognise agent-led orders, they gain a clearer picture of how purchases are made, which will help refine fraud models, pricing and customer experience strategies. But these benefits ultimately depend on visibility and trust.”

A long road ahead

Despite impressive progress – with the recent OpenAI–PayPal deal demonstrating just how mainstream agentic commerce is becoming – consumer hesitation remains.

According to Checkout.com, nearly half of consumers are concerned about losing control over what AI purchases on their behalf, while 40 per cent fear potential fraud or data misuse. As with most transformative technologies, widespread adoption will depend not only on convenience but on trust.

As payments become increasingly invisible – whether through agentic AI, Open Banking or embedded finance – the industry must ensure that every transaction remains both secure and transparent.

Financial institutions and payment platforms will serve as anchors of trust in this new landscape, helping to interpret AI agent behaviour, refine authentication models and safeguard identity. Yet, as competition from PayTechs intensifies, banks must also address back-office inefficiencies, accelerate technology investment and embrace collaboration to secure their place in the agentic commerce ecosystem.

Agentic commerce represents a profound shift in how value moves across digital channels. If managed well, it could redefine convenience, efficiency and personalisation in online payments. But the success of this transformation will hinge on the industry’s ability to balance automation with accountability – ensuring that as AI takes on greater autonomy, human trust remains at the centre of every transaction.

As agents learn to buy for us, financial institutions must decide whether they will remain passive enablers of those transactions – or active participants in shaping how AI spends our money.


