AP2 is how AI agents will make payments on your behalf—securely, accountably, and with your explicit permission. AP2 (the Agent Payments Protocol) is an open standard introduced by Google in 2025 that gives AI agents a cryptographically-verified way to execute payments under user-authorized mandates. Built on agent-interoperability standards like A2A and MCP, AP2 centers on 'mandates'—digitally-signed records that prove a user authorized an agent to transact for a specific amount under defined conditions. With 60+ partners including Coinbase, PayPal, American Express, and Mastercard, AP2 is payment-method agnostic, supporting cards, bank transfers, and stablecoins.

AP2 solves a fundamental trust problem in agent-driven commerce: how can a merchant or payment processor know that an AI agent was genuinely authorized to spend money on a user's behalf? Traditional payment flows assume a human is in the driver's seat. But as autonomous AI agents handle procurement, bill-paying, and subscription management, the question of authorization becomes urgent. AP2 answers it through mandates—cryptographically-signed authorization records that bind an agent to a specific user's intent. A mandate specifies what an agent can spend, on what, and under what conditions. When an agent attempts a transaction, it presents the mandate as proof. The payment provider cryptographically verifies the signature, confirms the user issued it, and checks that the transaction respects the mandate's constraints. This makes every agent-driven payment auditable, revocable, and legally accountable.

AI agents are becoming transaction engines. An autonomous agent might book flights, renew subscriptions, hedge crypto positions, or settle invoices—all without human intervention. But without a standard authorization layer, agents have two bad options: operate with over-broad access (a security nightmare) or ask for human approval every time (defeating automation). AP2 splits the difference: a user grants a mandate once, the agent executes many times, and every transaction is verifiable. This unlocks safe, high-frequency agent-driven payments at scale.

A user creates a mandate using their payment provider or agent platform—specifying an agent's identity, spending limits, time windows, merchant categories, or other constraints. This mandate is cryptographically signed with the user's keys, making it tamper-proof and transferable across payment networks. When an agent wants to transact, it includes the mandate in the payment request. The merchant or payment processor verifies the signature, confirms the mandate is active and unrevoked, and checks that the transaction (amount, merchant, timestamp) falls within the mandate's bounds. If all checks pass, the payment is authorized. If not, it's rejected. The entire chain is logged for audit and dispute resolution.

AP2 launched in 2025 as an open protocol, not a single product. Google convened major payment networks (Mastercard, American Express, PayPal, Coinbase) and payment platforms to build it together. This breadth is intentional: AP2 works across payment rails—a mandate-authorized agent can charge a card, initiate a bank transfer, or settle in stablecoins using the same authorization logic. The protocol is network-agnostic and payment-method-agnostic, designed to become as foundational to agent commerce as HTTP is to the web.

As agent adoption accelerates, AP2 will likely become table stakes for payment infrastructure. Expect the protocol to extend into subscription management, real-time spend analytics, and cross-chain settlement. Regulators will also watch closely—AP2's auditability and mandate transparency align well with emerging rules on algorithmic decision-making and consumer consent. The question is not whether AP2 spreads, but how fast payment platforms adopt it and how deeply it integrates into agent frameworks.

Every payment infrastructure layer will eventually touch AP2. Stripe's agent toolkit, Coinbase's CDP, and newer platforms like Soap are all architecting around mandate-based authorization. For enterprises running autonomous workflows—procurement bots, treasury agents, subscription managers—AP2 becomes the lingua franca for proving agent authorization to any payment network. Soap is an AI-native payment infrastructure platform that unifies cards, banking, stablecoins, and crypto rails with built-in compliance and subscription management. Soap implements AP2 by allowing customers to create cryptographically-signed mandates via its API (supporting KYC identity verification, device location pings for fraud detection, and customer account management), then enabling agents to present those mandates when initiating charges—ensuring every agent-driven transaction is traceable, revocable, and compliant. AP2 is the missing piece in autonomous commerce—a protocol that makes agent-driven payments trustworthy without sacrificing speed or flexibility. As AI agents evolve from experimental sidekicks to core business infrastructure, AP2 will likely become the standard authorization layer across global payment networks.