{"id":13559,"date":"2025-09-17T08:40:04","date_gmt":"2025-09-17T15:40:04","guid":{"rendered":"https:\/\/jasonsblog.ddns.net\/?p=13559"},"modified":"2025-09-17T08:42:18","modified_gmt":"2025-09-17T15:42:18","slug":"google-unveils-master-plan-for-letting-ai-shop-on-your-behalf","status":"publish","type":"post","link":"https:\/\/jasonsblog.ddns.net\/index.php\/2025\/09\/17\/google-unveils-master-plan-for-letting-ai-shop-on-your-behalf\/","title":{"rendered":"Google Unveils Master Plan for Letting AI Shop on Your Behalf"},"content":{"rendered":"\n<p>Who would want this? And look at all who have signed onto the effort. And I see Ethereum, a cryptocurrency that long ago sold out to the establishment with untrustworthy proof of stake and reversing transactions.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.theregister.com\/2025\/09\/16\/google_unveils_masterplan_for_letting\/\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/www.theregister.com\/2025\/09\/16\/google_unveils_masterplan_for_letting\/<\/a><\/p>\n\n\n<div class=\"wp-block-ub-divider ub_divider ub-divider-orientation-horizontal\" id=\"ub_divider_74a9e8f0-e239-4487-ab71-b22cde04835c\"><div class=\"ub_divider_wrapper\" style=\"position: relative; margin-bottom: 2px; width: 100%; height: 2px; \" data-divider-alignment=\"center\"><div class=\"ub_divider_line\" style=\"border-top: 2px solid #ccc; margin-top: 2px; \"><\/div><\/div><\/div>\n\n\n<h5 class=\"wp-block-heading\">Mastercard, American Express, Coinbase, and PayPal sign up at launch<\/h5>\n\n\n\n<p>Google has given the go-ahead to a plan that lets AI agents make purchases on your behalf and, on Tuesday, released its Agent Payments Protocol (AP2) to make it happen. The system comes with touted safeguards that are intended to prevent thieves from draining bank accounts.<\/p>\n\n\n\n<p>The principle is that shoppers can use AI agents to create a shopping list, exchange information with merchants, and complete payment transactions, without the need for final, human approval. For example, a music fan could tell an agent to buy concert tickets that go on sale at midnight and then go to sleep, knowing that the agent would buy the number and location of tickets they had asked for (presumably with a price limit).<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-embed-handler wp-block-embed-embed-handler wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Intro to Google Agent Payments Protocol (AP2)\" width=\"1290\" height=\"726\" src=\"https:\/\/www.youtube.com\/embed\/yLTp3ic2j5c?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n\n<p>For vendors and payment processors, the protocol provides a verifiable paper trail \u2013 or mandate \u2013 that they can back trace and check. End users can set up an Intent Mandate, which says what they want and how much they wish to pay for it. If the purchase is taking place in real-time (ex: &#8220;find me a pair of white shoes&#8221;), then the human can personally approve the purchase by signing a Cart Mandate. If the purchase takes place when the human is offline (ex: &#8220;get me two tickets at midnight and don&#8217;t pay more than $100 each&#8221;), the Intent Mandate can also give permission for the agent to generate its own Cart Mandate.<\/p>\n\n\n\n<p>&#8220;This chain of evidence culminates in securely linking your payment method to the verified contents of the Cart Mandate,&#8221; Google <a target=\"_blank\" rel=\"noreferrer noopener\" href=\"https:\/\/cloud.google.com\/blog\/products\/ai-machine-learning\/announcing-agents-to-payments-ap2-protocol\/\">wrote<\/a> in a blog post.<\/p>\n\n\n\n<p>&#8220;This complete sequence \u2014 from intent, to cart, to payment \u2014 creates a non-repudiable audit trail that answers the critical questions of authorization and authenticity, providing a clear foundation for accountability.&#8221;<\/p>\n\n\n\n<p>We&#8217;ve asked Google for more details on security checks that can be built into the system and will update this story if we hear back.<\/p>\n\n\n\n<p>The AP2 scheme is an open protocol that works with Google&#8217;s existing <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2025\/05\/20\/agent_name_service_proposal\/\" rel=\"noreferrer noopener\">Agent2Agent<\/a> (A2A) data-sharing systems and Anthropic&#8217;s <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2025\/07\/12\/ai_agent_protocols_mcp_a2a\/\" rel=\"noreferrer noopener\">Model Context Protocol<\/a> (MCP) to allow secure information flows. It&#8217;s part of a wider move to allow AI engines to communicate securely with each other, something the Chocolate Factory has been <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2025\/04\/10\/google_agentic_ai_cloud_next\/\" rel=\"noreferrer noopener\">pushing hard<\/a> of late.<\/p>\n\n\n\n<p>At launch, Google has signed up over 60 companies with major players like Mastercard, PayPal, American Express, and Worldpay getting on board. Salesforce, Red Hat, Adobe, Intuit, and Cloudflare have also joined.<\/p>\n\n\n\n<p>AP2 is also supporting cryptocurrency payments using the x402 protocol, to allow digicash transactions using the same security system. Coinbase, Metamask, and the Ethereum Foundation have already signed up.<\/p>\n\n\n\n<p>&#8220;x402 and AP2 show that agent-to-agent payments aren\u2019t just an experiment anymore, they\u2019re becoming part of how developers actually build,&#8221; said Erik Reppel, head of engineering at the Coinbase Developer Platform in a canned statement.<\/p>\n\n\n\n<p>&#8220;Bringing x402 into AP2 to power stablecoin payments made sense &#8211; it\u2019s a natural playground for agents to start transacting with each other and testing out crypto rails. And it\u2019s exciting to see the idea of agents paying each other resonate with the broader AI community.&#8221;<\/p>\n\n\n\n<p>While the system has some big-name backers, security remains critical. Given the propensity of online thieves to abuse payment processing, hopefully Google will have adequate protections in place. Otherwise, you may be seeing headlines about AI-driven theft in the future.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Who would want this? And look at all who have signed onto the effort. And I see Ethereum, a cryptocurrency that long ago sold out to the establishment with untrustworthy proof of stake and reversing transactions. https:\/\/www.theregister.com\/2025\/09\/16\/google_unveils_masterplan_for_letting\/ Mastercard, American Express, Coinbase, and PayPal sign up at launch Google has given the go-ahead to a plan [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"class_list":["post-13559","post","type-post","status-publish","format-standard","hentry","category-tech"],"blocksy_meta":[],"featured_image_src":null,"author_info":{"display_name":"Jason","author_link":"https:\/\/jasonsblog.ddns.net\/index.php\/author\/jturning\/"},"_links":{"self":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts\/13559","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/comments?post=13559"}],"version-history":[{"count":3,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts\/13559\/revisions"}],"predecessor-version":[{"id":13564,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts\/13559\/revisions\/13564"}],"wp:attachment":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/media?parent=13559"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/categories?post=13559"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/tags?post=13559"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}