Mastercard and Google have recently unveiled Verifiable Intent, an open-standard framework aimed at enhancing trust in AI-driven agentic commerce.

Designed to tackle the authorization and accountability issues that arise with AI systems executing transactions on behalf of consumers, Verifiable Intent offers a solution for scenarios where AI agents make purchasing decisions without real-time human oversight. As these autonomous actions become more frequent, the need for verifiable records of consumer instructions and conditions becomes increasingly important.

A cryptographic log of consumer authorization

Verifiable Intent operates by creating an unalterable record that connects identity, intent, and action into a single document. This framework provides a cryptographic proof of what consumers authorize when delegating tasks to AI agents, ensuring a common source of truth for all parties involved—consumers, merchants, and card issuers. Should disputes arise, a clear audit trail can be referenced, reducing reliance on potentially disputed or incomplete records.

This initiative is compatible with Google’s Agent Payments Protocol (AP2) and Universal Commerce Protocol (UCP), and its design is intended to be flexible enough to operate across various platforms, devices, wallets, and payment networks. For transactions where consumers remain present, Verifiable Intent confirms their approval of the shopping cart and purchase authorization. In more autonomous contexts, it offers merchants the necessary transparency to decide if additional confirmation is required before completing a transaction.

The specification leverages standards from the FIDO Alliance, EMVCo, the Internet Engineering Task Force, and the World Wide Web Consortium. Mastercard plans to enhance the framework by integrating Verifiable Credentials over time, making consumer authorizations more portable and explicitly cryptographically verifiable.

Privacy-focused design and open-source availability

To address privacy concerns related to data minimization, Verifiable Intent incorporates Selective Disclosure, a technique that restricts shared information to what is strictly necessary for specific purposes such as fraud prevention or dispute resolution. This approach avoids exposing broader transaction details.

The Verifiable Intent specification and an initial reference implementation are now open-source, available on GitHub and at verifiableintent.dev. API specifications and developer tools for integrating Verifiable Intent with Mastercard Agent Pay will be released in due course. The framework is expected to be directly integrated into Mastercard Agent Pay’s intent APIs soon, facilitating broader deployment.

In addition to consumer transactions, the framework has applications for machine-to-machine commerce, programmable money implementations, and cross-border business procurement scenarios where spending authority is delegated to automated systems. Several industry partners have shown support for this initiative, including Adyen, Checkout.com, Fiserv, Worldpay (now part of Global Payments), IBM, Basis Theory, and Getnet.

Mastercard continues its work with industry bodies to define additional standards for conversational AI in commerce. Verifiable Intent is presented as a key component enabling responsible and scalable agentic commerce deployments, underscoring the focus on consumer protection within these efforts.