I Built Agentic Payments Infrastructure. Here's What Nobody Is Talking About.
A few months ago I read two pieces by Simon Taylor in Fintech Brainfood that stopped me mid-scroll.
The first, "Agents will use cards first. Then stablecoins," made a deceptively simple argument: AI agents are going to need their own payment credentials. Not your card. Not a shared company card. Their own. Constrained, auditable, disposable. And the infrastructure for that does not exist yet.
The second, "The Checkout is Dead pt2: Invisible Commerce," went further. Taylor argued that we have been thinking about agentic commerce entirely wrong. We have been trying to make checkouts work for agents. But agents do not want a better checkout. They want an alternative. An invisible one. Where the payment happens because an event occurred in the world, not because a human clicked confirm.
Both pieces pointed at the same gap. And I made the mistake of taking them seriously.
I spent the following weeks building something. Here is what I learned.
What Simon Taylor Got Right About Agentic Payments
Taylor's original thesis in "Agents will use cards first" was precise in a way that most agentic commerce writing is not.
He drew a distinction that the industry keeps collapsing: most of what people call agentic commerce is just a human buying something with extra steps. A human researches in ChatGPT and buys normally. A human finds a product and clicks buy inside the chat interface. That is not agentic commerce. That is a new channel with the same old checkout.
The interesting cases, the ones that actually require new infrastructure, are when agents need to do things entirely by themselves. Access another AI model. Purchase a dataset. Pay for a service from another agent. Right now developers manually pre-buy everything their agents might need and hand over access. As Taylor put it, that is not very agentic.
His answer was a virtual card. Single-use. Budget-capped. Merchant-locked. Constrained by design. A credential that exists for one purpose and then disappears.
"What you want is a constrained payment method, spend only at certain merchants, within a set budget, maybe self-destruct after a single use. That sounds a lot like a virtual card."
That framing is exactly right. And it is what I set out to build.
His follow-up piece added a harder edge. After Walmart reported a 66% conversion drop when purchases moved inside ChatGPT, and after OpenAI phased out Instant Checkout, Taylor concluded that we have been doing this wrong from the start. Taking something optimized for humans, the checkout, and embedding it inside an AI interface does not produce frictionless commerce. It produces worse commerce.
"We should not be trying to make better checkouts. We should be replacing them with invisible commerce. Led by agents with identities."
The parking app he cited as his turning point is the right image. You parked. An event occurred. A payment happened. Nobody clicked anything. The world itself was the trigger.
That is the vision. Now here is what actually happens when you try to build toward it.
How I Built Agentic Payment Infrastructure: What Grantex Does
The architecture is simple. Deliberately so.
A natural language instruction hits an AI agent. The agent parses intent, merchant type, spend limit, purpose. It calls a payments API I built called Grantex. That API spins up a single-use virtual card with spending controls baked in at the network level. The agent uses those credentials to complete a purchase. A webhook fires. The transaction appears in a dashboard with a full audit trail.
The card did not exist before the task. After the transaction, it ceases to exist.
What makes this interesting is not the card itself. Virtual cards are not new. What is new is the control surface. The card is locked to a specific merchant category. Capped at a specific amount. Valid for a single use. The constraint is not instructional. You cannot prompt-inject your way around it. It is enforced at the payment network level. The card is physically incapable of being used outside its defined parameters.
On top of this I built an MCP server. A lightweight protocol layer that means any AI agent, regardless of what framework built it, can call these payment tools natively. One line of configuration and any agent has access to a machine-native payment credential. No custom integration. No SDK to install. No developer hours burned on payment plumbing.
When you type a task in natural language, the agent reasons through it, calls the API, receives card credentials, executes the purchase, and returns a receipt. The whole sequence takes seconds. The card that completed the purchase did not exist when you started typing.
The whole system is intentionally simple and intentionally flexible. Simple enough to integrate in an afternoon. Flexible enough to express almost any spending policy you can describe in plain language.
From a pure engineering perspective, this works. The demo is compelling. The infrastructure is real.
But demos are not products. And somewhere between watching everything work correctly and trying to articulate who should actually use it, the questions started.
The Agentic Payment Consent Problem Nobody Is Solving
Every payment system ever built rests on one assumption: a human is present at the moment of authorization.
You tap your card. You click confirm. You enter your PIN. The consent and the transaction are simultaneous. That simultaneity is the entire legal and fraud framework payments are built on. It is why chargebacks exist. It is why cards have liability protections. It is why merchants get penalized for unauthorized charges.
Agentic commerce breaks this assumption entirely.
When I tell my agent "reorder toner when stock falls below 10 units," where exactly is the consent? Is it when I set the reorder rule? Is it when the rule triggers? Is it when the card is created? Is it when the merchant charges it?
My honest answer: I do not know. And neither does anyone else building in this space.
Taylor identified this clearly in "The Checkout is Dead pt2":
"When your agent spends while you sleep, who audits the trail? When an agent is compromised, who is liable? When your agent buys something faulty from a merchant, how are returns handled?"
He is right that these questions exist. What the industry has not done is map them to different categories of agentic commerce. Not all of them are equally hard. And treating them as one problem is why we keep building demos that work and products that struggle.
The Four Levels of Agentic Payment Authorization
Here is what I have come to think after building this. There is not one agentic payment problem. There is a spectrum of four meaningfully different consent models, and the industry is treating them as if they are the same thing.
Level 1: Policy Authorization
You set explicit rules upfront. Merchant category X, amount under Y, trigger condition Z. The agent executes within those rules. This is delegated authority. An established legal concept used in B2B procurement and direct debit mandates for decades. This is buildable today. This is what Grantex does.
Level 2: Behavioral Authorization
The action implies consent. You park the car. You plug in the EV charger. The physical act is the authorization. This is legally murky. The consent happened at app signup, buried in terms of service. It works until it does not. Until a charge fires when it should not, and nobody can agree who is responsible. Taylor's parking app lives here. It is a compelling vision. The liability question is genuinely unsolved.
Level 3: Delegated Anticipation
The agent manages a class of recurring need on your behalf. It renews subscriptions, reorders supplies, tops up API credits. You consented to the category, not the specific transaction. This is closer to how subscription billing works, but without the clear merchant relationship that makes subscription disputes manageable.
Level 4: Ambient Commerce
The agent anticipates needs you have not expressed and acts on them. This requires new legal frameworks that do not exist yet. Anyone building toward this today is building infrastructure for a regulatory environment they are assuming will exist. That is a bet, not a plan.
Most of what I have seen described as agentic commerce conflates all four levels. That conflation produces demos that work and products that do not.
Taylor's invisible commerce vision lives mostly at Levels 2 and 4. The infrastructure that actually exists today, including what I built, lives at Level 1. That gap is larger than the industry is acknowledging.
The Walmart Conversion Data That Should Sober Everyone Up
Taylor flagged a number in "The Checkout is Dead pt2" that deserves more attention than it received.
Walmart reported a 66% conversion drop when purchases moved inside ChatGPT versus their own website. OpenAI subsequently phased out Instant Checkout entirely.
This suggests that at least for consumer commerce, the checkout is not dead. It is doing important work that we do not fully understand yet. The friction of confirming a purchase, seeing the total, reviewing the items, clicking confirm, is not pure waste. Some of it is the moment where humans catch mistakes, reconsider impulse decisions, and exercise the judgment that makes them comfortable spending money.
Remove that friction entirely and you do not get a frictionless experience. You get anxiety. You get disputes. You get people turning the agent off.
This does not mean agentic payments do not work. It means they work differently than we assumed. The use cases where they work are narrower and more specific than the broad vision suggests.
They work when the scope is unambiguous. Reorder a specific SKU from a specific supplier when a specific threshold is crossed. Renew a domain 30 days before expiry. Top up credits when usage hits 90%.
They struggle when the scope requires judgment. Find me the best flight. Buy me the right coffee beans. Handle my parking.
The difference is not technical. It is epistemic. How much does the agent know? How much does it need to know? How much do you trust what it knows?
What I Actually Built vs. What I Thought I Was Building
I thought I was building autonomous purchasing infrastructure. What I actually built is a very good policy execution engine with a payment credential attached.
Those are related but meaningfully different things.
A policy execution engine is valuable. Enormous B2B procurement workflows happen today via manual approval chains that could be automated with explicit policy rules and a payment credential that enforces them architecturally. The infrastructure exists. The legal framework exists. It is called delegated authority and it has been used in supply chain finance for decades. The missing piece was a developer-friendly API layer that made it accessible without a six-month enterprise integration project. A simple API. A constrained credential. An MCP server that any agent can call. That is the gap Grantex closes.
But "the agent figures out what you need and buys it" is a different product entirely. And the consent problem at the heart of it is not a technical problem that a better API solves. It is a behavioral, legal, and regulatory problem that the industry has not finished defining yet.
Where Invisible Commerce Goes From Here
Taylor ends "The Checkout is Dead pt2" with a clear call:
"We should not be trying to make better checkouts. We should be replacing them with invisible commerce. Led by agents with identities."
I agree with the destination. The path there requires something the industry has not built yet. A consent framework that maps to different authorization levels with legal clarity about liability at each one.
Right now we have payment infrastructure. Virtual cards. MCP servers. Protocol layers. What we do not have is a standardized way for a user to say "I authorize this agent to spend money on my behalf under these conditions, and here is what I am holding the payment network liable for if something goes wrong."
That is not a technology problem. It is a contracts, regulation, and behavioral design problem. And until it is solved, invisible commerce will keep producing demos that work and edge cases that do not.
The machine payments protocol Taylor mentions, MPP, is a step in the right direction. Agents calling HTTP endpoints, paying for resources programmatically, no checkout required. The first viral use case was agents buying sandwiches at a hackathon. That is a great sign of things to come. It is also Level 2 authorization in a controlled environment where nobody has been hurt yet.
The real test is what happens when the agent buys the wrong sandwich. Or the right sandwich at the wrong time. Or fifty sandwiches because the event trigger misfired.
Those are not hypotheticals. They are the product roadmap.
The Contrarian Take on Agentic Payments
Here is what I actually believe after building this.
The most valuable near-term agentic payment use case is not consumer commerce. It is B2B procurement automation where the consent model is already established, the scope is already defined, and the only missing piece is execution infrastructure that removes humans from routine decisions they have already made in policy form.
Every company that has set a reorder point in their inventory system has pre-authorized a purchase. Every company with a vendor-approved supplier list has pre-authorized the merchant. Every company with a budget line has pre-authorized the amount. None of them have the infrastructure to let an agent execute against those pre-authorizations automatically.
That infrastructure gap is worth solving. It maps to established legal frameworks. It removes genuine friction from processes that are already well-defined. And it does not require answering the hard question of what behavioral consent means in law, because the consent already happened, explicitly, in a procurement policy document.
The checkout is not dead. But for a specific, well-defined class of B2B transactions, it never needed to exist in the first place.
I built the infrastructure for those transactions. And I think that is more valuable right now than whatever we are calling agentic consumer commerce this week.
What the Agentic Payments Industry Needs Next
As Taylor notes, the payments industry is moving fast on protocols. ACP, UCP, AP2, x402, MPP. There are more agentic commerce standards than transactions right now. The joke keeps getting funnier.
What is missing is not another protocol. It is a clear-eyed map of which consent model applies to which use case, what legal framework governs each, and what happens when something goes wrong.
I built the payment credential layer. Someone needs to build the consent framework that makes it trustworthy at scale.
Taylor's invisible commerce vision is right. The parking app is the right image of where this goes. But between here and there is a consent problem that the industry is papering over with demos and protocols.
Until it is solved, the demo works. The product is real. The use case is narrower than the vision.
And I would rather say that out loud than pretend otherwise.
Sean McAuliffe is a payments professional with 10 years in fintech and financial services. He built Grantex, an agentic payments infrastructure product. You can reach him at sean@forefrontproduct.com
If you found this useful, share it with someone building in the agentic commerce space. And if you disagree with any of it, I would genuinely like to hear why.
References:
Simon Taylor, "Agents will use cards first. Then stablecoins," Fintech Brainfood, March 7, 2026. https://www.fintechbrainfood.com/p/agents-cards-then-stablecoins
Simon Taylor, "The Checkout is Dead pt2: Invisible Commerce," Fintech Brainfood, April 5, 2026. https://www.fintechbrainfood.com/p/the-checkout-is-dead-pt2
