Posted: June 01, 2026 | Updated: June 01, 2026 at 11:25 AM
E-commerce is shifting from human customers to automated, machine-based agent buyers. This disruption in the e-commerce industry calls for a complete restructuring of policies on fraud, checkout, and liability models that merchants rely on. Machine customers are AI programs authorized by the user that can autonomously search, negotiate, and execute purchases without human intervention. On the other hand, agentic commerce refers to an ecosystem where AI agents interact directly with merchant APIs and payment networks to complete shopping workflows.
Traditional e-commerce checkout flows are designed to block automated AI agents. They require humans at every phase, from visually appealing checkout interfaces to multi-factor authentication. With the steady rise of agentic commerce, the rules of legitimacy in online purchases need a complete overhaul.
Machine customers strip away the need for visual branding; the entire process from wanting a product to paying for it relies on a high-intent moment when the customer communicates to the AI agent that they want to purchase something. This means that merchants must shift their focus from optimizing websites for visual appeal to optimizing them for machine-readability.
Checkout policies are designed to flag automated, high-speed purchasing behavior as “malicious” bot activity. Such merchants currently risk losing a major share of customers purchasing via agentic commerce. To solve this, American Express recently launched the Agentic Commerce Experiences (ACE) Developer Kit in April 2026. It established the first major closed-loop framework that allows AI agents to prove their identity and human intent.
Agentic commerce can be simply understood as AI agents searching, navigating, and making purchases on behalf of a human user. Legacy checkout refers to a standard web-based shopping cart. It relies on UI navigation, cookies, manual typing, and human-in-the-loop fraud checks. In agentic commerce, the human user gives their AI agent a budget and a goal, and the AI executes the entire transaction from discovery to checkout across merchant APIs. This happens via delegated authentication. Delegated authentication is the process by which a human legally and securely transfers purchasing power to their AI agent.
Traditional fraud prevention relies on behavioral biometrics, such as typing speed and mouse patterns. When AI agents interact with these legacy checkout interfaces, these systems flag them as “malicious bots” because they act instantly and lack human behavioral patterns. CAPTCHA and active 3D Secure challenges completely block agentic transactions because they require a human to identify pictures or enter one-time passwords, stalling an autonomous workflow.
This technology speeds up the checkout process. However, it creates fragmentation across multiple sessions. This is because AI agents do not rely on cookies or site settings; they constantly jump between API calls, making it difficult for the merchant to track the customer journey using traditional market analytics. Also, merchants are forced to build custom API bridges for different AI agents, such as ChatGPT or Gemini. This creates an unsustainable engineering burden on the merchant’s infrastructure. Moreover, these bridges break repeatedly every time the AI model updates.
In April 2026, Amex released its ACE Developer Kit, aimed at resolving the false flagging of authorized AI agents on human-designed merchant checkout interfaces. The Amex ACE Developer Kit is a suite of five integrated services built by American Express. With its ability to verify AI agents, validate human intent, and process autonomous payments securely, it can change the landscape of agentic commerce forever.
The Amex ACE Developer Kit provides a closed-loop network for e-commerce. This means the payment system, i.e., Amex, single-handedly operates the whole ecosystem. It acts as the card issuer, the payment network, and the acquirer, which grants full visibility into both the consumer and merchant sides of a transaction. It functions as different entities, such as Agent Registration, Payment Credentials, and Cart Context.
Agent Registration ensures that only verified, secure AI agents can access payment networks, protecting merchants from malicious bots attempting mass fraud. You can think of Agent Registration as a digital bouncer that verifies an AI agent before allowing it to proceed with the transaction. On the other hand, Payment Credentials is meant to allow cardholders to securely link their Amex cards to their AI agents. This establishes a trusted billing relationship without handing raw sensitive information, such as credit card numbers, to third-party developers.
Cart Context is a digital guardrail that prevents the AI agent from purchasing irrelevant products. It allows the AI agent and merchant to share and lock the basket details before proceeding with the transaction, ensuring the agent is purchasing exactly what the human user wanted. Since Amex is a closed-loop network, it can easily verify the human’s request to initiate the transaction and handle errors on the merchant’s side, allowing the AI agent to proceed.
The biggest problem with agentic commerce is proving the human intent behind an AI agent’s actions when the human is not actively involved in the process. AI agents can “hallucinate”, which could lead to fake transactions. Merchants can cryptographically prove that a human actually authorized a purchase, which solves the biggest risk in agentic commerce.
Intent intelligence refers to the process of capturing, structuring, and cryptographically locking the specific boundaries, such as budget, item, and timeframe, that a human gave the AI agent prior to initiating the purchase. The human intent is verified by a “Proof of Intent Token”. It is a digital receipt that is generated at the start of a request that proves the exact parameters the human user defined for the AI agent to operate within.
Intent intelligence is the technology that translates the human’s commands into a curated set of parameters for the AI agent to understand. For example, if a human commands the AI agent to buy roasted arabica coffee beans, intent intelligence will convert this into a list of constraints, such as budget < $50, specification = arabica, weight = 250 grams. Proof of Intent tokens are generated as soon as the human commands the AI agent to buy something. It allows the payment network to create a locked, verifiable contract that prevents the AI from deviating and buying something unexpected.
During the authorization process, the merchant’s system verifies the items in the cart against the Proof of Intent token, ensuring that the AI did not hallucinate and purchased only the items the human user requested. The structured intent serves as a dispute resolution mechanism. The cryptographic token is the merchant’s defense against a customer claiming not to have ordered the items.
Network tokenization is the process of replacing the sensitive 16-digit credit card number with a unique, encrypted token that is transmitted over the network. It securely transfers payment data, applies specific constraints, and prevents information theft if the network is ever breached. Scoped payment credentials are tokens that are artificially limited in time, by merchant, or by monetary value. This prevents token misuse if it is stolen or the AI goes rogue.
Giving the AI agent your credit card number is a huge security risk. Having such sensitive information flow over the network without human supervision could result in financial catastrophes. To prevent this, the 16-digit number is converted to encrypted codes or tokens by a process known as network tokenization. These tokens are single-use, meaning even if the AI’s memory is breached by hackers, the transaction cannot be repeated.
Scoped credentials allow the human user to set specific constraints on the AI agent, such as spending limits. It physically prevents the AI from exceeding the authorized limit, removing the burden of validating the consumer’s budget from the merchant. It also acts as a fallback mechanism if the AI goes rogue or is breached by hackers, by limiting the losses. Network tokens are updated automatically when a card expires or is replaced. This benefits the merchant by ensuring a continuous transaction flow from the consumer, without the burden of handling declines and account updater services.
Agent Purchase Protection is an Amex policy introduced earlier this year. It protects cardholders from charges that result from errors made by AI agents, provided that the agent was registered and the intent was authenticated. It is an industry-level safety net; the first line of defense against hallucinations and false purchases made by the AI agent. This explicitly shifts the liability of hallucinations away from both consumers and merchants.
In earlier policy, if an AI made a “hallucinated” purchase, the customer would file a chargeback. This would hit the merchant’s operational reserves, withdrawing the transacted amount and an additional chargeback fee. Under the new Amex framework, if the merchant validates the transaction against the provided Proof of Intent token, they are shielded from the liability of losses arising from “agentic errors.” With the new policy, Amex has forced developers and AI companies to implement stricter checks to verify intent, as payment networks will likely revoke permissions if too many errors occur.
While Amex has built a closed-loop network, the broader implementation of agentic commerce requires open standards for other AI companies and banks to prevent a monopoly. Interoperability refers to the ability of different AI agents, payment networks, and merchant APIs to communicate with each other. An important policy that helps implement a universal code is the Agent Payments Protocol (AP2). AP2 is an open protocol that standardizes the exchange of structured data queries among AI agents. It is driven heavily by Google and supported by Amex.
It is not realistic for a merchant to maintain separate, proprietary checkout integrations for different AI agents and banks. This would result in fragmentation and an unsustainable burden on the merchant’s digital infrastructure. The AP2 acts as a universal translator, allowing any AI agent, bank network, and merchant API to communicate seamlessly.
Amex is actively contributing to open standards. This is because Amex is aware that the ACE Developer Kit’s wide adoption is only possible if it expands into the broader agentic commerce market.
Agentic commerce is shifting e-commerce from visually appealing workflows to heavily optimized machine-readable query transfers. Amex’s ACE Developer Kit and AP2 are setting industry benchmarks for security and optimization in agentic commerce. Merchants who optimize their APIs for broader agentic implementation will see sustained growth and revenue inflows in the emerging field of agentic commerce.
They are a set of rules and developer tools created by Amex to securely authenticate agentic transactions, verify human intent, and execute autonomous payments originating from legitimate sources.
The ACE Developer Kit is a suite of five different tools developed by Amex. These tools allow Amex to build a closed-loop network that serves as both a payment network and the developer infrastructure behind a transaction for both the consumer and merchant sides.
Merchants must update their legacy fraud systems to stop relying on human behavioral metrics and instead use cryptographic authentication to whitelist registered, secure AI agents.
It is a cryptographic receipt generated before the AI agent initiates a transaction with the merchant API. It serves as a reference to verify that the purchase made by the AI agent matches the product requested by the human user.
AI agents entirely skip the merchant’s website and interact with merchant catalogs via APIs. To rank higher, the merchants must optimize their catalogs for AI readability.
