How Amex’s AI agent commerce stack ensures secure, auditable transactions

American Express is quietly reshaping how AI agents handle commerce, but not in the way most industry observers expect. While competitors like Visa and Mastercard rely on banks to issue cards and route payments, Amex operates as both the issuer and the payment network—a unique position that allows it to enforce strict controls over AI-driven transactions. The company’s Agentic Commerce Experiences (ACE) developer kit is designed to solve some of the thorniest challenges in agentic commerce: trust, validation, and accountability.

Luke Gebb, Amex’s executive vice president and global head of innovation, argues that this integrated model is critical for the future of AI-powered shopping. “We believe trust and security are foundational to advancing agentic commerce,” Gebb told VentureBeat. “For the first time, an issuer is stepping forward with a solution that gives full control over transactions at the payment layer.”

The trust problem in AI-driven shopping

Agentic commerce promises to automate purchases, but it also introduces significant risks. Consumers fear rogue agents draining their accounts, merchants worry about unpaid orders, and banks brace for a surge in chargebacks and fraud. Unlike traditional e-commerce, where humans approve each step, AI agents operate autonomously—often without clear mechanisms to verify intent or prevent misuse.

Amex’s ACE kit addresses these concerns by introducing a layered validation process. While the company asserts that its system verifies agent identity and aligns transactions with user-defined intents, the exact mechanics remain opaque. Traditional systems rely on a mix of deterministic checks and semantic evaluations to match intent with outcomes, but Amex has not disclosed how its validation layer functions in detail. This lack of transparency is a recurring criticism in the industry, where many protocols excel at handling technical proofs but fail to address upstream human validation.

Raj Ananthanpillai, CEO of identity verification provider Trua, highlights the gap: “Payment protocols handle proofs and fund movements well, but they often leave the human authorization process as a black box. Without cryptographic proof that an agent acts under a verified user’s explicit authority, merchants, issuers, and networks face elevated risks of fraud, repudiation, and sanctioned transactions.”

How the ACE developer kit works

The ACE kit is structured to give developers the tools needed to build secure, auditable AI agent transactions. Its key components include:

• Agent registration: Establishes trust by verifying the identity of both consumer and merchant agents before any transaction begins. This ensures that only authorized entities participate in the process.

• Account enablement: Links the user’s Amex account to their AI agent, granting explicit permission for the agent to act on their behalf. This step is critical for preventing unauthorized actions.

• Intent intelligence: Creates an intent contract—a predefined set of user instructions that the agent must follow. The system generates an Intent ID and a Proof of Intent Token, which serve as immutable records of authorization. These tokens can be used to resolve disputes or verify compliance with user-defined constraints.

• Payment credentials: Issues single-use tokens for transactions, embedding limits such as spending caps or merchant restrictions. For example, if a user specifies a $500 budget for a purchase, the token will reject any attempt to exceed that amount.

• Cart context and validation: Compares the agent-submitted shopping cart against the original intent contract. This step ensures that the final purchase aligns with the user’s stated goals, reducing the risk of mismatched or fraudulent orders.

Gebb explains the process with an example: “Once an agent identifies the desired item—say, red shoes—it requests payment credentials in the form of a token. This token is bound by the constraints set by the cardholder, such as a $500 spending limit. The system won’t allow a $600 purchase because the token enforces those boundaries.”

The path forward for agentic commerce

Amex’s approach underscores a fundamental truth about agentic commerce: technology alone cannot solve its challenges. Systems must balance automation with accountability, ensuring that AI agents act within clear, verifiable boundaries. While Amex’s closed-loop model provides robust transaction control, the lack of transparency in its validation process may give some stakeholders pause.

Industry experts argue that widespread adoption hinges on two factors: clear accountability frameworks and interoperable standards. Projects like Google’s Agent Pay Protocol (AP2) focus on interoperability, but they often lack the transaction-level control that Amex offers. As AI agents become more sophisticated, the need for standardized, auditable systems will only grow.

For now, Amex’s ACE kit remains a niche solution, limited to its own payment network. But its emphasis on trust, intent contracts, and single-use tokens could set a precedent for how AI-driven commerce evolves—one transaction at a time.