Google introduced the Agent Payments Protocol (AP2), an open, payment-agnostic framework that lets AI agents securely initiate and complete transactions across platforms. Built to work alongside the Agent2Agent (A2A) protocol and Model Context Protocol (MCP), AP2 defines how authorization, authenticity, and accountability are handled when an agent triggers a purchase.

Why this matters

AI agents can now act on a user’s behalf, but most payment rails assume a human is pressing “buy.” AP2 addresses three critical gaps:

1. Authorization: cryptographic proof that a user empowered an agent to make a specific purchase.
2. Authenticity: assurance to merchants that an agent’s request reflects the user’s true intent.
3. Accountability: clear evidence to resolve fraud or errors.

The protocol is open and payment-agnostic, supporting cards, bank transfers, and stablecoins, so payments providers and merchants can interoperate without fragmenting the ecosystem.

How AP2 works: mandates + verifiable credentials

AP2 establishes trust with Mandates tamper-proof, cryptographically signed digital contracts backed by verifiable credentials (VCs):

1. Real-time purchases (human present): a user’s request is captured in an Intent Mandate; after review, approval generates a Cart Mandate that locks in items and price—creating an auditable, non-repudiable record from intent to payment.
2. Delegated tasks (human not present): users can pre-authorize rules (e.g., price caps, timing) via an Intent Mandate; when conditions are met, the agent can generate the Cart Mandate automatically.

This chain (intent → cart → payment) links the chosen payment method to verified cart contents and produces a clear audit trail.

Example experiences AP2 enables

1. Smarter shopping: agents watch for desired variants and auto-purchase within a user-set price limit.
2. Personalized offers: merchant agents can respond to user-shared context (e.g., trip dates) with bundled, time-sensitive deals.
3. Coordinated bookings: agents can finalize flight and hotel together once a combined budget is met.
4. Crypto and web3 support
5. AP2 is designed to secure a variety of payment types, including stablecoins. An A2A x402 extension developed with organizations such as Coinbase, Ethereum Foundation, and MetaMask offers a production-ready path for agent-based crypto payments, informing future AP2 crypto integrations.

Industry collaboration

Google says 60+ organizations are contributing to AP2’s direction, including payments networks, processors, platforms, and technology companies (e.g., Adyen, American Express, Ant International, Coinbase, Etsy, Forter, Intuit, JCB, Mastercard, PayPal, Revolut, Salesforce, ServiceNow, UnionPay International, Worldpay, and others). The broader ecosystem also includes companies across commerce, identity, developer tooling, and data streaming that expressed support for AP2’s goals of security, interoperability, and trust.

Google invites networks, issuers, merchants, technology providers, and end users to collaborate on AP2 in an open process, including through standards bodies. Many A2A agent partners plan to make AP2-enabled, transactable experiences available via an AI Agent Marketplace. Potential enterprise uses include agent-driven B2B procurement and license scaling. A public GitHub repository hosts the technical specification, documentation, and reference implementations, with regular updates planned.