Four agentic payments protocols, mapped: what AP2, ACP, UCP, and x402 actually solve
One protocol's flagship deployment already failed in production. Here's what each one actually authorises, and why that matters less than picking sides.
Why four agentic payments protocols exist for one problem that isn't one problem
By June 2026, four agentic payments protocols are live, partly overlapping, and routinely written about as if they're competing for the same ground. They aren't. AP2, ACP, UCP, and x402 split into three different layers of the same transaction: who authorised it, how the checkout actually executes inside a given interface, and how money moves when there's no traditional merchant relationship at all. Conflating the three is why so much coverage of agentic commerce reads like the same press release with a different logo pasted on top.
One of the four has already been pressure-tested in a large, real consumer deployment, and it failed within five months. That failure says more about how people actually want to shop than it does about any protocol's technical merits, which is the part most comparison posts skip entirely. What follows is a map of what each protocol actually does, what already broke, and the one decision that matters more than which acronym a business ends up integrating.
| Protocol | Built by / governed by | What it actually solves | Where it stood, June 2026 |
|---|---|---|---|
| AP2 | Google, donated to FIDO Alliance (Apr 2026) | Proves who authorised a purchase, via signed mandates | 60+ launch partners; payment-agnostic; no flagship failure yet |
| ACP | OpenAI and Stripe | Executes checkout inside a chat surface via tokenised payment | Flagship deployment (ChatGPT Instant Checkout) shut down Mar 2026, near-zero sales |
| UCP | Google, Shopify, Etsy, Wayfair, Target, Walmart | Covers discovery through post-purchase, over REST/A2A/MCP | Shopify opened public self-serve registration on 17 June 2026 |
| x402 | Coinbase | Machine-to-machine micropayments via revived HTTP 402 | Stablecoin-settled; deliberately skips checkout and authorisation |
AP2: proving who authorised the purchase, not moving the money
Google announced the Agent Payments Protocol (AP2) on 16 September 2025 to answer a narrower question than “how do agents pay for things”: how does anyone downstream of an AI agent's purchase prove a human actually authorised it? On 28 April 2026, Google handed governance of the spec to the FIDO Alliance, the body that already runs the WebAuthn and passkey standards. That move reads less like a product launch and more like an attempt to get AP2 treated as shared infrastructure rather than a Google product.
AP2's mechanism is three linked mandates: an Intent Mandate that records what the user actually asked for, a Cart Mandate that cryptographically signs the exact items and price the agent is about to commit to, and a Payment Mandate that ties an approved payment method to that verified cart. All three are W3C Verifiable Credentials, meaning they're signed, tamper-evident records rather than ordinary JSON sent over TLS. The protocol is deliberately payment-method agnostic, supporting cards, bank transfers, stablecoins, and other crypto rails without favouring any of them.
The underlying idea is familiar to anyone who has worked with electronic signature audit trails: prove that consent existed, in a verifiable and tamper-evident form, before anything happens downstream, rather than trying to reconstruct intent after the fact. FlowVerify's own audit trail does the same job for documents that AP2's mandates do for purchases; different domain, structurally the same problem.
AP2 launched with more than 60 partners, including Mastercard, PayPal, American Express, Adyen, Coinbase, Etsy, Intuit, Revolut, Salesforce, UnionPay International, and Worldpay. None of that is the same as adoption. AP2 itself never touches the money; it produces the paper trail that lets a card network, a bank, or a regulator reconstruct who agreed to what. That makes it foundational and, so far, almost invisible. Nobody writes a headline about a mandate that worked quietly.
ACP: checkout inside someone else's chat window
The Agentic Commerce Protocol (ACP), built by OpenAI and Stripe and open-sourced at agenticcommerce.dev, solves a different problem to AP2. It doesn't ask whether a purchase was authorised; it asks how an agent completes a purchase inside an interface, a chat window, that was never built to be a checkout page. ACP routes payment through Stripe's Shared Payment Token, a tokenised reference that lets an agent finish a transaction without the underlying card details ever passing through the model or the chat session itself.
The protocol's flagship surface was ChatGPT's Instant Checkout, which launched on 29 September 2025 with Etsy as a day-one merchant and an announced rollout to more than a million Shopify merchants. From 26 January 2026, OpenAI began charging a 4% transaction fee on completed purchases after an initial free period. On paper, this was the most ambitious agentic-commerce surface of the four: a consumer product with hundreds of millions of users, wired directly into one of the two largest e-commerce platforms in the world.
What happened when ACP's first big bet actually shipped
It didn't work. OpenAI quietly shut Instant Checkout down in March 2026, roughly five months after launch. Trade publication Digital Commerce 360 reported that fewer than a dozen of the supposedly eligible Shopify merchants had actually completed integration by the time the feature was pulled, despite the headline figure of more than a million merchants nominally covered. Sales through the feature were, by most accounts, close to zero.
The easy reading is that ACP, the protocol, failed. That's not quite right. ACP survives: OpenAI and Stripe continue developing the spec, and other surfaces built on it haven't been pulled. What failed was a specific bet about behaviour, that people who research a product inside a chat conversation will also want to pay for it there, rather than clicking through to a checkout page they already trust. Five months of evidence from Instant Checkout suggests they mostly didn't.
“Instant Checkout's flagship deployment didn't fail because the cryptography was wrong. It failed because almost nobody wanted to finish a purchase inside a chat window.”
That distinction matters for any business deciding whether to integrate ACP, UCP, or both. The protocol's checkout mechanics, tokenised payment, no exposed card data, hold up fine on their own terms. The open question is which interface, if any, customers will trust enough to actually complete a purchase in, and chat alone hasn't answered that question well yet.
UCP: the coalition protocol trying to outlast both of them
The Universal Commerce Protocol (UCP) arrived later and with a wider coalition behind it: announced on 11 January 2026 at the NRF retail show, co-developed by Google, Shopify, Etsy, Wayfair, Target, and Walmart, and endorsed by more than 20 further organisations including Adyen, American Express, Mastercard, Stripe, Visa, The Home Depot, Macy's, Best Buy, Flipkart, and Zalando. Stripe and Mastercard appearing on this list and ACP's at the same time isn't a contradiction; companies are hedging across more than one protocol rather than betting on a single winner this early.
UCP's scope is deliberately broader than ACP's: discovery, cart, checkout, order tracking, and post-purchase support, structured as a three-tier architecture, a transport-level shopping service at the base, a capability layer for things like checkout and identity linking, and reverse-domain-named extensions on top for anything merchant-specific. Merchants publish a manifest at a standard /.well-known/ucp path, and the protocol supports REST, Agent2Agent (A2A), and Model Context Protocol transports, plugging into the same wiring agents already use for tool calling rather than inventing a payments-only format.
The clearest signal of where UCP is heading came from Shopify, not Google. On 17 June 2026, as part of its Spring '26 Edition release, Shopify removed the approval gate on agent commerce entirely. Any developer can now register an agent profile in Shopify's developer dashboard and call the public MCP endpoint without anyone at Shopify reviewing the integration first. That's close to the opposite of how ACP's Instant Checkout rolled out, curated and dependent on a small number of headline merchant partnerships, and the contrast in approach is unlikely to be accidental.
x402: the payment piece most of this conversation forgets is also agentic
x402, from Coinbase, solves a problem that has nothing to do with shopping carts. It revives HTTP 402, the “Payment Required” status code that has sat unused in the HTTP specification since the 1990s, and gives it an actual job: a client requests a resource or an API call, the server responds with 402 and payment details instead of the content, the client pays, usually in a stablecoin such as USDC, and retries the request to get served.
There's no account creation, no API key, and no checkout flow, because x402 isn't built for a person buying a product. It's built for one machine paying another, per API call, per document, per inference, at a frequency and transaction size that human checkout flows were never designed for. The protocol explicitly stays out of full commerce-lifecycle and authorisation semantics; it's a settlement primitive that sits a layer below AP2, ACP, and UCP, not a competitor to any of them.
Most retail-focused coverage of agentic payments skips x402 entirely, because it isn't solving the version of the problem journalists are writing about. That's exactly why it's worth tracking separately. If AI agents end up paying each other for compute, data, or tool access at machine speed, x402-shaped infrastructure is closer to what that economy will actually run on than anything built for a human clicking buy.
The decision that actually matters more than the protocol
For most businesses deciding whether to integrate any of this in the next year, picking a protocol is the easy part. A Shopify merchant adding UCP support is largely a configuration exercise at this point; a SaaS company adding AP2-style mandate verification to an existing payment flow is an engineering task with a fairly bounded scope. The harder question none of the four protocols answer is what happens when an agent buys the wrong thing.
That gap is where the next year of agentic commerce will actually get decided, not in which acronym wins the press cycle. Whoever writes the first widely adopted dispute-resolution standard for agent-initiated purchases will end up mattering more than whoever wrote the cleanest mandate schema. Right now, nobody has.
Frequently asked questions
Related reading
An AI agent deleted PocketOS's production database in 9 seconds. Credential scoping was the real failure.
A Cursor agent found one unscoped API token and wiped a production database and its backups in nine seconds. The real failure was credential scoping, not the model.
Microsoft's seven new MAI models make a lot more sense once you read the OpenAI contract behind them
Microsoft shipped seven MAI models five weeks after a contract amendment capped what OpenAI owes it at $38 billion through 2030. Read the two events together and the launch looks like a hedge, not a roadmap milestone.
RBI's digital lending rules aren't a compliance patch. They're four permanent states in your loan engine.
RBI's digital lending framework reads like a disclosure checklist. In a loan-servicing codebase it's four states: who can touch the money, who's allowed on the platform, and two clocks it can't ignore.