Visa Inc. has launched the Trusted Agent Protocol, a new framework designed to facilitate secure communication between artificial intelligence (AI) agents and merchants during transactions, aiming to enhance trust and streamline agent-driven commerce.

The protocol, developed in collaboration with Cloudflare, is now available in the Visa Developer Center and GitHub. It seeks to address specific challenges within agent-driven commerce, such as the management of bot detection systems that might mistakenly block legitimate agentic transactions, the support for agent-driven guest and logged-in checkouts, and the preservation of consumer visibility behind agent interactions and payment data. This initiative follows a significant increase in AI-driven traffic to U.

S. retail websites, which surged by over 4,700% in the past year, with 85% of shoppers reporting an improved experience when using AI for shopping, according to Adobe Data Insights from August 2025.

Jack Forestell, Chief Product & Strategy Officer at Visa, stated, “We believe the entire payments ecosystem has a responsibility to ensure sellers can trust AI agents as much as they trust their best customers and networks. For the past year, we’ve worked closely with sellers, issuers and partners to make sure agent-initiated transactions are as seamless and secure as any payment today. Our new agent protocol is focused on creating no-code functionality for merchants to securely identify agents with an intent to buy and provide a better payments and personalized experience for its known users.”

The Trusted Agent Protocol is designed to allow approved AI agents to securely transmit crucial information to merchants. This provides a mechanism for identifying trusted agents with genuine commerce intent, distinguishing them from malicious automation or rogue bots. Initial feedback on the protocol has been received from early partners, including Adyen, Ant International, Checkout.com, Coinbase, CyberSource, Elavon, Fiserv, Microsoft, Nuvei, Shopify, Stripe, and Worldpay.

Stephanie Cohen, Chief Strategy Officer at Cloudflare, commented, “Securing the future of commerce is a shared responsibility, especially as AI agents begin to act on behalf of consumers. Our work with Visa on the Trusted Agent Protocol is a vital step in building the necessary guardrails for this new ecosystem.”

The protocol includes specifications for agent-specific cryptographic signatures, encompassing:
* **Agent Intent:** An indicator that the agent is trusted and intends to retrieve product details or make a purchase.
* **Consumer Recognition:** Data elements that show whether a consumer has an existing account or prior interactions with the merchant.
* **Payment Information:** The option for agents to carry payment data to support the merchant’s preferred checkout or payment method.

While the initial specifications are applied to the Visa network, Visa emphasizes an open, ecosystem-wide approach for enabling agents to act safely on consumers’ behalf. The company is committed to aligning with global standards bodies such as IETF, OpenID Foundation, and EMVCo. Visa is also collaborating with ecosystem partners to ensure the Trusted Agent Protocol complements other recently announced protocols, including the Agentic Commerce Protocol, and is working with Coinbase to ensure interoperability with x402. Built upon the HTTP Message Signature standard and aligned with Web Both Auth, the protocol is designed to facilitate trust between merchants and agents using existing web infrastructure, requiring minimal user experience changes on merchant websites.