For 20 years, payment security treated bots as the enemy. Agentic commerce just flipped that assumption upside down.

Over the last year, agentic commerce has shifted from a conference concept to reality. Visa enrolled local banks in its Agentic Ready programme, Mastercard unveiled Agent Pay, and OpenAI and Stripe integrated Instant Checkout. By March 2026, Mastercard and Google open-sourced Verifiable Intent. The underlying premise is elegant: an AI agent acts for you, and the payment just happens.

McKinsey projects AI agents could mediate between $3 trillion and $5 trillion in global agentic retail commerce by 2030. But removing the human loop creates an entirely new attack surface. When a human is no longer in the room, how do we know an autonomous agent is doing what the customer actually asked for?

The great inversion

Almost every cyber defence we’ve built rests on a single assumption: humans are legitimate, and automation through bots is suspect. CAPTCHAs, rate limits, and behavioural biometrics exist to block automated traffic.