Top of Permission — Agentic Commerce (3 of 4)
Issuers face a fork: be the passive endpoint of an agent's decision, or the layer that governs it.
Third of four from the agentic commerce research. This one's about where the real value sits.
When an AI agent goes to pay, something has to decide whether that specific transaction is allowed. Not the card number — the permission behind it. Is this agent authorized to act for this cardholder? For this kind of purchase? Up to this amount? Under these conditions? Right now, at this moment, given everything it's already done today?
That decision has to live somewhere. And it's a genuinely new and valuable position in the stack — one that, right now, is largely unclaimed. I've been calling it the top of permission: the governing layer that sits above the transaction and answers the authorization question before a charge is ever attempted.
Here's the fork I think every issuer faces. One path is to remain the passive endpoint — the agent and the networks make the decisions, and the card simply settles whatever arrives. The economics of that path are thin and getting thinner; you become a balance sheet that other people's decisions route through, competing on cost. The other path is to become the governance layer itself: to own the rules for what an agent may do with your credential, to hold the record of what the cardholder actually consented to, to set and enforce the limits, to handle revocation cleanly, and to be the place where the permission question gets answered.
The second path is harder, and it's where the durable value is. It also raises the bar operationally, and I want to be precise about this: real-time, granular, auditable permissioning simply isn't what card authorization systems were originally built to do. That's a new requirement — and it's new for every processing environment, regardless of vintage or provider. The point isn't who's incumbent. The point is who builds the capability.
That's the honest framing, because this is where I think the strategic mistake gets made. It's tempting to treat agentic permissioning as a message to pass through — one more field to accept and forward. But the institutions that treat it as a product to own, something they build and stand behind, position themselves at the top of a stack that is still forming. The ones that wait will inherit whatever standard someone else sets, and then spend years conforming to it.
Endpoint, or governance layer. It's a choice available right now, while the layer is still unclaimed. It won't stay unclaimed for long.
The full argument is on The Payments Corner.
Franco Di Pietro
The Payments Corner
30+ years across payments, fintech, banking, and financial infrastructure. Operator-level perspectives on the systems that move money.
Related Insights
Memory shortage, rising consumer prices, and the issuing stack's modernization imperative
AI-driven memory scarcity is already pushing consumer hardware prices higher—forcing banks and issuers to choose between modernizing their origination and decisioning infrastructure or ceding the financing layer to faster competitors.
Authorization in agentic payments shifts from moment to chain
As AI agents execute transactions on behalf of consumers and businesses, the payment industry must move beyond narrow technical authorization to operationalize legal and regulatory proof of delegated authority. The question of what a user actually authorized an agent to do—and who is liable when outcomes diverge from intent—will determine whether agentic commerce scales.
Visa's Sixty-Year-Old Playbook for Agentic Commerce
Visa's announcements at the Payments Forum apply its sixty-year-old tollbooth playbook to agentic commerce: don't pick the AI winner, become the trust layer every transaction has to clear through. The standards for agent-driven commerce are being written this week — with you at the table or without you.