The Payment Expert Podcast is joined by author and advisor David Birch to discuss what changes about security and trust once an AI agent, rather than a person, makes the purchase
In the latest episode of the Payment Expert Podcast, David Birch, author, advisor and commentator on digital financial services, argues that the move from human to machine-initiated payments rests on a problem the industry has never fully solved: knowing who – or what – is on the other end of a transaction.
Birch says fraud is already out of control before agents even enter the picture, and, as of yet, there is no proper digital identity infrastructure underpinning online commerce.
Most security today is probabilistic – systems scoring whether a login “looks a bit like Dave” rather than confirming that it is. Emerging tools such as the EU Digital Identity Wallet and mobile driving licences move things closer, he notes, but the gap is real.
Identity: Two new questions in the loop
Agents, Birch argues, add two questions a card transaction never had to answer. First, what is this agent – a service, or a tampered-with copy? Second, what is it allowed to do, and on whose behalf?
Answering either needs infrastructure that does not yet exist. Nobody, he says, will build a single global database of every agent, its code hashes and its permissions; the world will be more distributed than that.
Standards are beginning to coalesce – Google‘s Agent Payments Protocol (AP2) uses W3C verifiable credentials to carry signed proof of intent – but the framework to check those signatures, the equivalent of a certificate authority, is still missing. In the meantime, Birch notes, some large acquirers are building interim databases of agents for merchants to reference.
A three-layer stack
Birch distils agentic commerce as three layers: a demand layer which captures intent and context; a discovery and trust layer that establishes who is supplying what and whether they can be trusted; and an execution layer where payment happens.
Standardisation is needed at all three, he says – and the payments layer is the easiest.
“If you know who everybody is in a transaction, the payments are actually not that complicated,” he says. Get the trust layer right and much of the friction disappears.
He is wary of agents that simply log in as the user – a route merchants dislike, since it bypasses everything they built their checkout to do and pushes discovery toward a price-only race to the bottom.
“We don’t want agents pretending to be people,” he says. “We want agents being agents and showing that they have the appropriate credentials.”
On payments themselves, Birch sees card tokens as a workable interim standard, with alternatives such as the newly announced Open USD stablecoin consortium widening the options – and letting agents negotiate the cheapest rail in milliseconds.
The latest episode of the Payment Expert Podcast is available now on Spotify, YouTube, Apple Podcasts, and all major podcast platforms. Subscribe to the Payment Expert newsletter to make sure you don’t miss an episode.