Last week, I wrote about Visa Payments Forum 2026 and trust.

The more I think about agentic payments, the more I believe trust is only the starting point.

The next question is authorization.

Not authorization in the narrow, technical sense of whether a payment credential was valid or whether a transaction was approved.

Authorization in the legal, regulatory, and network-rules sense.

What exactly did the user authorize an AI agent to do?

That question may become one of the most important issues in payments as agentic commerce moves from concept to operating model.

An AI agent may soon be able to search, compare, select, and pay on behalf of a consumer or business. That creates convenience. But it also creates a new control problem.

A consumer may tell an agent:

Book the cheapest flight. Buy the best replacement part. Renew the subscription. Find the right gift. Complete this business purchase within a budget.

But what happens when the agent technically follows the instruction and still produces an outcome the user did not expect?

The cheapest flight has a terrible connection. The product has restrictive return terms. The merchant is legitimate, but unfamiliar. The subscription renews under terms the consumer barely understood.

That is where agentic payments become less about AI and more about law, regulation, and network operating rules.

TILA, Regulation Z, Regulation E, consumer dispute rights, merchant obligations, chargeback rules, and Visa and Mastercard frameworks all become part of the conversation.

Because the issue is not only whether the transaction was authenticated.

The issue is whether the agent had authority to make that specific transaction, with that merchant, for that amount, under those terms, within the scope of what the user actually delegated.

That is a much harder standard to operationalize.

This is why I believe the most important infrastructure in agentic payments will be proof.

Proof of user intent. Proof of delegated authority. Proof of agent identity. Proof of transaction controls. Proof of merchant terms. Proof of approval thresholds. Proof of what was authorized, when it was authorized, and under what limits.

In traditional payments, authorization is often treated as a moment.

In agentic payments, authorization becomes a chain.

The user delegates. The agent interprets. The platform enforces limits. The merchant presents terms. The network applies rules. The issuer authorizes. The record has to survive a dispute.

That chain is where trust becomes operational.

Agentic payments will not scale simply because AI can buy things faster.

They will scale when consumers, merchants, issuers, acquirers, networks, and AI platforms can clearly understand who authorized what, who is responsible when the agent gets it wrong, and which rules apply when the transaction is challenged.

If last week’s conversation was about trust, this week’s question is more specific:

In an AI-mediated transaction, how do we make consent visible?