Key Takeaways
- The payment rails for agentic commerce are coming together fast, but the post-transaction layer that handles disputes is being left behind
- Fair arbitration requires a consent and permission architecture, a record of who authorized what purchase, within what scope, and under what constraints, built into the transaction itself
- Merchants and fraud or risk teams should treat consent frameworks and evidence capture as a must-have investment on par with payment readiness, and build it now
Payments Came Together, Yet Disputes Were Left Blank
Without a consent and permission architecture built into the transaction record, disputes in agentic commerce will become almost impossible to arbitrate fairly, warns Donald Kossmann.
www.electronicpaymentsinternational.comAn opinion piece published in Electronic Payments International puts its finger on a point missing from the agentic commerce conversation. The author is Donald Kossmann, CTO of the chargeback management firm Chargebacks911. The industry report he read covered payment orchestration, cross-border infrastructure, merchant of record models, and stablecoin rails, yet across all of it the one thing entirely absent was dispute management, what happens when a transaction is later challenged.
The report described in detail how an AI agent initiates a transaction, selects a payment credential, routes through an acquirer, and settles cross-border. It never described who decides what happens when that transaction becomes the subject of a chargeback. The entrance to payments is being built out while the exit is left blank. McKinsey projects agentic commerce could generate $3tn to $5tn in global revenue by 2030, and if that blank is left unaddressed as the model scales, the consequences will be hard to ignore.
Why the Gap Is Critical Right Now
In a human-initiated transaction, the evidence of intent is inherent in the act itself. A consumer opens a browser, navigates to a product, enters payment details, and confirms the purchase. Each of those steps generates a signal, and when a dispute arises, that trail is what lets merchants, processors, and card schemes assess whether the transaction was authorized. The process is imperfect, but the framework for judgment exists.
In an agentic transaction, the shape of that trail changes completely. The consumer may have granted the agent permission days or weeks before the purchase. The agent selected a product, compared alternatives, applied a stored credential, and completed the transaction, all without a human present at the moment of execution. The question of what was authorized can no longer be answered by what the consumer did at checkout. It is answered by what permissions were in place beforehand and whether the agent acted within them.
The difficulty of that question overlaps with a reality the industry already concedes: liability remains unresolved. The US CFPB's January 2026 advisory placed agent-initiated card transactions squarely within the existing dispute and chargeback regime, while narrowing the consumer's right of recourse only where the agent mandate is appropriately scoped. In Europe, the AI Liability Directive frames a rebuttable presumption of fault that sits on the deploying party unless mandate, audit-trail, and consent evidence can be produced. The rules are starting to move, but they spin in place if the transaction record does not hold the evidence those rules assume.
The Missing Layer Is the Evidence That Backs the Aftermath
Payment orchestration, fraud detection, tokenization, and settlement rails are rightly described as the foundations of agentic commerce. Kossmann's point is that every one of them addresses only what happens before and during a transaction, never what happens after. When a consumer does not recognize a charge. When an agent exceeds its authorized scope. When a merchant's fraud system declines a legitimate purchase because it cannot tell an AI agent from a malicious bot. There is no layer designed to handle these.
The dispute layer is where intent is verified after the fact, and in agentic commerce it has to capture something the existing infrastructure was never built to record: the consent framework that preceded the transaction. What was the agent authorized to buy? Within what price range? Under what constraints? Was the executed transaction consistent with those parameters? Without that record, no party to a dispute can prove its case. The merchant cannot demonstrate authorization, the consumer cannot demonstrate that the agent exceeded its remit, and the processor has nothing to assess. The outcome is an automatic chargeback, a blocked transaction, or a dispute that takes far longer and costs far more than it should.
Kossmann calls this the evidence architecture and positions it as just as foundational as payment orchestration or fraud detection: a record of what an agent was authorized to do, the limits in place, and a timestamped log of each action taken. That record is the precondition for recovering revenue otherwise lost to false declines and unwinnable chargebacks. He notes he has built this into his firm's Unified Dispute Management System and ResolveLab, so the framing carries a degree of vendor self-interest, but the underlying problem he raises is universal.
Industry Effort Tilts Toward the Entrance, Not the Exit
The supporting data is lining up. A survey by the fraud firm Ravelin of 1,504 fraud and payments professionals across 10 countries, at merchants with over $50 million in annual revenue, found 44% had already integrated agentic commerce protocols and another 32% planned to within six months. Yet only 29% said they felt very prepared for the associated fraud and security issues. Adoption has clearly outrun risk planning.
The total volume of fraud is also expected to swell. Multiple studies project global ecommerce fraud losses to roughly double from around $40 billion in 2024 to over $100 billion by 2029, and Adyen's 2026 fraud report notes the shift from high-value external attacks toward low-value, high-frequency abuse inside trusted environments. The report found first-party fraud is now the most commonly reported type (44%), exactly the kind of dispute that proliferates when proving intent becomes ambiguous in agent transactions.
The payment networks are racing to secure the entrance. In April 2026, American Express launched its Agentic Commerce Experiences (ACE) developer kit with an industry-first protection that covers eligible transactions when a registered agent makes an authorized but unintended purchase. Visa Intelligent Commerce, Mastercard Agent Pay, and Google's AP2 (Agent Payments Protocol) are likewise embedding agent identifiers and signed mandates (Intent and Cart Mandates) into the transaction record so disputes can be attributed correctly. Even so, most of this weight sits on initiation and authentication, while the post-transaction evidence layer Kossmann describes remains thin.
What Merchants and Risk Teams Should Start Doing Now
Translated into practice, the implications are clear.
Treat consent frameworks and evidence trails as an investment on par with payment readiness. If you accept purchases from AI agents, build the mechanism to record what the agent was authorized to buy, within what price range and constraints, alongside a timestamped log of each action, into the initial design rather than bolting it on after checkout. Hunting for evidence after a dispute arises is too late; the evidence must exist the moment the transaction completes.
On the fraud side, check whether you can identify and isolate agent-originated transactions from ordinary ones. As Adyen shows, losses are shifting toward low-value, high-frequency abuse, and an autonomous agent can repeat the same kind of transaction before fraud is detected. Declining a legitimate purchase because you cannot distinguish an AI agent from a malicious bot translates directly into lost sales. Choosing payment partners and acquirers that support mandates and signed tokens (Mastercard's Agentic Tokens, AP2's Cart Mandate, and the like) becomes the practical fork in the road here.
Updating your recourse and returns policies for agent transactions is equally essential. When a consumer claims an agent exceeded its remit, a merchant that can immediately produce the scope of the mandate can avoid an unwinnable chargeback. Network-led protections like Amex's are starting to appear, but before deciding whether to rely on them, the question is whether you have the capability to construct the evidence yourself, which is what ultimately tips arbitration in your favor.
Conclusion
The heart of Kossmann's argument comes down to a single point: if we are going to treat agentic commerce as a genuinely new channel, the dispute and evidence layer deserves the same attention we are giving the payment initiation layer. With the entrance to payments taking shape, what remains blank is the post-transaction evidence architecture.
If we are entering an era in which agents select merchants partly on transaction reliability and dispute performance, then consent frameworks and evidence capture stop being mere risk defense and become a condition for being chosen. Does your payment readiness checklist include the dispute and evidence layer? For any merchant looking ahead to the scaling of agentic commerce, that is not a question to defer.
