Key Takeaways
- Pine Labs, a major Indian payments company, announced P3P on June 11 — a protocol that lets AI agents complete UPI payments without human authentication
- The design layers HTTP 402 and Grantex delegated authorization on top of UPI's existing mandate features (Reserve Pay and OTM), so consumers approve only once upfront
- Coming just one day after the Visa × OpenAI and Mastercard AP4M announcements, it signals that agent payment rails are starting to diverge by region
Human Authentication Drops Out of UPI Payments
The P3P payment protocol works by extending the UPI's existing mandate into payments triggered by AI agents.
www.aninews.in"The consumer authorises once, upfront. After that, the agent browses, selects, negotiates, and pays. No human authentication. No interruption. No friction." That is how Pine Labs, India's merchant commerce platform, described P3P (Pine Labs Payments Protocol), the agentic payment protocol it announced on June 11, 2026, as covered by ANI. UPI (Unified Payments Interface), India's real-time payment infrastructure, has until now required user authentication such as PIN entry for every transaction. P3P removes that assumption, allowing AI-agent-initiated payments to complete without any human involvement at the point of transaction.
The division of labor is clear. P3P provides the payment and settlement rails, while Grantex, a delegated authorization layer, supplies verifiable identity, spend controls, and auditability. HTTP 402 — the standard HTTP status code for requesting payment — ties it together, enabling trusted agent-to-agent transactions.
A live use case already exists. Gullak, a digital gold savings platform, has gone live on P3P: the moment gold hits a user's target price, an AI agent automatically executes the purchase. Co-founder Manthan Shah described it as a move "from manual savings to autonomous wealth creation."
We have always built by asking what existing infrastructure already makes possible — then building the layer that was missing. In India, UPI's mandate framework was already architected for agentic commerce. P3P is that layer.Source: Amrish Rau (CEO, Pine Labs)
The announcement also cites Grand View Research's 2025 projection that the agentic commerce market will reach USD 65.47 billion by 2033, growing at a CAGR of 35.7 percent — and Pine Labs intends to put India at the center of that growth.
How P3P Works: HTTP 402 Challenges and Scoped Tokens
Reading the published developer documentation, P3P's design is remarkably concrete for launch day. At its core sits 402 Payment Required, an HTTP status code reserved for future payment use since the early days of the web but rarely used in practice.
Follow the flow. A client on the AI agent side requests a paid resource, and the server responds with a 402 demanding payment. The client generates a scoped payment token and retries the request with it in the P3P-Credential header. The server verifies the Grantex token, captures the payment, and returns the resource along with a payment receipt. No redirects, no external checkout pages — the entire sequence completes over standard HTTP.
Replay protection is built into the token design. Each payment token is issued bound to a specific resource, amount, and expiry, and cannot be replayed or redirected to another transaction. Every completed transaction returns a cryptographically verifiable receipt, which serves as evidence for audit trails and dispute resolution.
So how do you stop an agent from overspending? That is Grantex's job. Grantex positions itself as "OAuth 2.0 for AI agents," a delegated authorization protocol that assigns agents scopes such as mpp:payment:initiate (initiate payments) and mpp:payment:max_txn_paise:50000 (up to 500 rupees per transaction). Once the user approves on a consent screen, the agent receives a grant token with an allocated budget, and all subsequent payments can only execute within those bounds. Permissions can be revoked at any time.
The implementation barrier has been lowered as well. Client and server SDKs for TypeScript and Python are already published on npm and PyPI, and the mechanical parts of the protocol — handling 402 challenges, token lifecycle management, retries, receipt verification — are absorbed by the SDKs. Merchants can focus on creating mandates and implementing paid resource handlers.
The Foundation: UPI's Reserve Pay Mandates
Why did payments without human authentication become possible in tightly regulated India? The key lies in a mandate (pre-authorization) mechanism that already existed within UPI.
P3P is anchored on UPI's Single Block Multiple Debit (SBMD) and One Time Mandate (OTM) frameworks. SBMD lets a user block funds in their account once and authorize multiple debits within that envelope; in October 2025, NPCI (National Payments Corporation of India) renamed it UPI Reserve Pay. Under NPCI's circular, mandates can be set on savings accounts, RuPay credit cards, and other instruments for amounts up to 10,000 rupees with a validity of up to 90 days.
In other words, Pine Labs did not wait for new regulatory approval to build its protocol. It layered an agent-facing protocol on top of rails NPCI had already put in place. The consumer fixes the amount and duration ceiling themselves through the initial mandate approval, and Grantex keeps the agent within that envelope. The announcement's claim of keeping "the consumer in absolute control" refers to this double constraint.
The constraints are equally clear. The only rail P3P runs on today is UPI Reserve Pay; cards, net banking, wallets, and EMI (installments) remain on the roadmap. Given the 10,000-rupee cap, the near-term battleground is small-ticket, high-frequency automated purchasing — recurring savings like Gullak, securing flash sales, and replenishing everyday goods.
The Context: One Day After Visa and Mastercard
The timing deserves attention. On June 10, the Visa and OpenAI partnership was announced at the Visa Payments Forum in San Francisco — a design that tokenizes the card credentials AI agents use, routing payments through single-use tokens bound to a specific agent and use case. The same day, Mastercard announced Agent Pay for Machines (AP4M), a network for continuous, programmatic payments executed by machines. P3P arrived the very next day.
| Pine Labs P3P | Visa × OpenAI | Mastercard AP4M | |
|---|---|---|---|
| Announced | June 11, 2026 | June 10, 2026 | June 10, 2026 |
| Payment rail | UPI (Reserve Pay mandates) | Visa card network | Mastercard network |
| Authentication model | Upfront mandate approval plus Grantex delegated authorization | Single-use tokens bound to a specific agent and use case | Continuous, programmatic payments under pre-granted authority |
| Primary audience | Indian consumers and merchants | ChatGPT users and global merchants | Automated procurement between businesses and machines |
Right after two card networks laid out global frameworks, an Indian player presented its own rail built on public payment infrastructure. The contrast points to a reality: agent payment standards are not converging on a single track.
Pine Labs has been laying groundwork of its own. In February 2026 it partnered with OpenAI to become India's first ChatGPT payments partner, and in its Q4 FY26 shareholder letter published in May, it disclosed ongoing discussions with NPCI about "autonomous" UPI and card payments via its MCP server, as reported by Medianama. The company posted a net profit of Rs 59 crore that quarter, swinging from a year-ago loss — its agentic payments investment rests on stabilized financials.
Domestic competition is intensifying too. Razorpay teamed up with NPCI and OpenAI in October 2025 to launch UPI payments inside ChatGPT, and in March 2026 began PIN-free payments through voice agents built with Sarvam AI. Within this race, P3P reads as Pine Labs reaching for a higher level of abstraction — standardizing the protocol rather than stacking up individual partnerships.
What This Means for E-commerce Operators
Agent payment rails are splitting by market. In the US, ACP and the card networks; in India, UPI mandates — public infrastructure. Businesses selling globally will need a different "front door for agents" in each market. For India, the pieces are already falling into place: integrate the P3P server SDK, and your products and APIs become resources an agent can pay for.
Open questions remain. Medianama has pressed Pine Labs on whether users setting up a mandate are consenting only to payment execution, or also to sharing conversational data with LLM providers. Trust in agent payments depends not just on spend controls and audit trails but on transparency about data handling — and merchants who adopt the protocol will share in that accountability.
There is also a question of sequencing. Under the 10,000-rupee cap, small-ticket "execute the moment conditions are met" purchases will take off before autonomous purchases of expensive goods. Replenishment, recurring savings, time-limited sales. Mapping which of your products fit this pattern is the practical first step.
Closing Thoughts
The day after two card networks raced to announce their agent payment frameworks, India made the same thing run using nothing but existing features of its public payment infrastructure. The model — a human authorizes once upfront, and agents execute from there — is becoming real in the US and India almost simultaneously, on different rails. What P3P proved is that the foundation for agentic commerce does not necessarily require new regulation or a new network. The next focal point shifts to how NPCI formally positions this movement.
