By Will Tygart
• Long-form Position
• Practitioner-grade
For most of the history of the internet, commerce had a fixed shape: a human found a product, a human put it in a cart, a human entered payment details, a human clicked buy. The entire infrastructure of digital commerce — payment processors, shopping carts, merchant platforms, ad networks, fraud detection — was built around that human in the loop.
Agentic commerce removes the human from most of those steps. An AI agent acting on your behalf finds the product, evaluates it against your criteria, initiates checkout, authorizes payment, and completes the transaction. The human sets the intent and the constraints. The agent executes. And the protocols being built right now are what make that execution possible at scale across the open web.
This isn’t a future prediction. It’s the infrastructure layer being built in production today, with real merchants, real transactions, and real competitive stakes for every business that sells anything online.
The Protocol Stack: Four Layers, Multiple Players
Agentic commerce isn’t one protocol — it’s a stack of protocols, each handling a specific layer of the transaction. Understanding the stack is the prerequisite for understanding what any business actually needs to do about it.
The commerce layer handles the shopping journey itself: how an agent discovers products, queries catalogs, compares options, and initiates checkout. Two protocols are competing here. OpenAI’s Agentic Commerce Protocol (ACP), co-developed with Stripe and open-sourced under Apache 2.0, powers checkout inside ChatGPT and connects to merchants through Stripe’s payment infrastructure. Google’s Universal Commerce Protocol (UCP), launched at NRF in January 2026 with Shopify, Walmart, Target, and more than twenty partners, handles the full commerce lifecycle from discovery through post-purchase across any AI surface, not just Google’s own.
The payments layer handles authorization, trust, and money movement — the part of the transaction where something actually changes hands. Google’s Agent Payments Protocol (AP2) is the most prominent here, introducing “mandates” — digitally signed statements that define exactly what an agent is authorized to do and spend. Visa has its Trusted Agent Protocol. Mastercard has Agent Pay. Coinbase introduced x402, which revives the long-dormant HTTP 402 “Payment Required” status code to enable microtransactions between machines without accounts or API keys.
The infrastructure layer is the operating system underneath everything else: Anthropic’s Model Context Protocol (MCP) for connecting AI models to external tools and data sources, and Google’s Agent2Agent (A2A) protocol for coordination between agents. These are less visible to merchants but essential for making the commerce and payments layers work together.
The trust layer sits across all of it: fraud detection, consent management, identity verification for non-human actors. This is the least standardized layer and the one where the most work remains.
ACP vs. UCP: Different Bets on the Same Shift
The practical choice most merchants face isn’t which single protocol to adopt — it’s understanding what each one connects to and what supporting both costs.
ACP is optimized for merchant integrations with ChatGPT, while UCP takes a more surface-agnostic approach, aiming to standardize how platforms, agents, and merchants execute commerce flows across the ecosystem. The scope difference is meaningful: ACP standardizes the checkout conversation. UCP standardizes the entire shopping journey.
The tradeoff each represents is also different. ACP trades openness for control, while UCP trades control for index breadth and protocol-level standardization. ACP gives merchants a more curated, high-touch integration with a specific AI surface. UCP gives merchants broader reach at the cost of less hand-holding through the integration.
For most merchants, the realistic answer is both — because each connects to a different AI shopping surface where different buyers will transact. Most retailers will need to support at least two of these protocols, since each connects to different AI shopping surfaces. ChatGPT uses ACP for transactions. Google AI Mode and Gemini use UCP. The protocols aren’t competing for the same merchants so much as competing to be the standard their respective AI ecosystems use.
The Amazon Anomaly
Every major retailer in the agentic commerce ecosystem is moving toward open protocols — except the largest one. Amazon has taken the opposite position: updating its robots.txt to block AI agent crawlers, tightening its legal terms against agent-initiated purchasing, and pursuing litigation against unauthorized agent interactions with its platform.
The strategic logic is straightforward. Amazon’s competitive advantage is built on controlling the discovery moment — the point at which a buyer decides what to consider buying. Open protocols where AI agents compare products across every online store turn Amazon into just another merchant behind an API, stripping away the algorithmic leverage that makes its platform valuable to both buyers and sellers. The walled garden is a defensive move, not a philosophical one.
For merchants who are primarily Amazon-dependent, the agentic commerce transition is less immediately relevant — Amazon’s own AI shopping assistant, Rufus, operates inside the walled garden and isn’t subject to open protocol dynamics. For merchants who sell direct or through multi-channel platforms, the protocols represent a potential path to discovery that doesn’t flow through Amazon’s toll booth.
The Payment Authorization Problem
The hardest unsolved problem in agentic commerce isn’t discovery or checkout — it’s authorization. How does a merchant know that an AI agent actually has permission to spend the buyer’s money? How does a buyer trust that an agent won’t exceed its authorized scope? How does a payment processor handle chargebacks when the “buyer” is software?
AP2’s mandate system is the most developed answer to this. AP2 introduces the concept of mandates, digitally signed statements that define what an agent is allowed to do, such as create a cart, complete a purchase, or manage a subscription. These mandates are portable, verifiable, and revocable, allowing multiple stakeholders to coordinate safely. A mandate is essentially a scoped permission — the agent can spend up to this amount, in this category, on behalf of this identity, and here’s the cryptographic proof.
This matters for the full agent-to-agent commerce scenario — where both buyer and seller are autonomous agents, no human is involved in real time, and traditional consumer protection frameworks don’t map cleanly to the transaction. That’s the frontier where the standards work is most active and the solutions are least settled.
What This Means for Content and SEO Strategy
The shift to agentic commerce doesn’t just change how transactions happen. It changes how discovery happens — which changes what content and SEO strategy is actually for.
In the search engine model, a buyer types a query, gets a ranked list of results, clicks through, and eventually converts. The optimization target is rank position. In the agentic commerce model, a buyer tells an agent what they want, the agent queries structured data sources and evaluates options programmatically, and surfaces a recommendation. The optimization target shifts from rank position to selection rate — how often an agent chooses your product when it’s evaluating options that include yours.
Selection rate is determined by data quality (how completely and accurately your product catalog is exposed through the protocol), trust signals (reviews, ratings, return policies — the inputs agents use to evaluate reliability), and price competitiveness at the moment of agent evaluation. AEO and GEO optimization — structuring content so AI systems can extract and cite it accurately — becomes more important, not less, in an agentic commerce environment. The agent needs to understand your product in enough depth to recommend it with confidence.
For service businesses and content publishers who aren’t selling physical goods, the implications are different but parallel. When AI agents are answering questions and making recommendations on behalf of users, the question of which businesses and sources get cited is the agentic equivalent of search rank. The content infrastructure that makes you citable — entity clarity, structured data, authoritative sourcing — is the same infrastructure that makes you recommendable in an agent-mediated discovery environment.
The Readiness Ladder
Agentic commerce readiness isn’t binary — it’s a ladder, and most businesses are somewhere in the middle rather than at the top or bottom.
The first rung is structured data hygiene: product catalogs that are complete, accurate, and machine-readable. If your product data is messy, inconsistent, or locked behind interfaces that agents can’t parse, no protocol integration will help. Clean structured data is the prerequisite for everything else.
The second rung is protocol awareness: understanding which protocols matter for your specific channels and customer base. A Shopify merchant gets ACP integration automatically through the platform. A business selling through Google Shopping needs UCP readiness. A B2B operation should be watching AP2 and mandate-based authorization more closely than consumer checkout protocols.
The third rung is active integration: implementing the relevant protocol specs, publishing the required endpoints, and testing agent interactions in a controlled environment before they happen in production. This is where most businesses aren’t yet — not because the protocols are inaccessible, but because the urgency hasn’t been felt directly.
The fourth rung is optimization: monitoring selection rate and proxy conversion metrics, iterating on catalog data quality and trust signals, and adapting content strategy for agent-mediated discovery rather than human-mediated search. This is where competitive differentiation will be built once the infrastructure layer matures.
The window for first-mover advantage in protocol adoption is open now, and it won’t stay open indefinitely. The businesses that establish protocol presence before agentic commerce becomes the default mode of online discovery will have an advantage that compounds as agent behavior increasingly determines where transactions happen.
Frequently Asked Questions About Agentic Commerce
Do small businesses need to worry about agentic commerce protocols now?
If you’re on Shopify, you may already be enrolled — Shopify has handled ACP integration at the platform level for eligible merchants. If you’re not on a platform that’s done it for you, the honest answer is: start with structured data hygiene now, monitor protocol adoption over the next six months, and plan for integration in the second half of 2026. The urgency is real but the timeline isn’t emergency-level for most small businesses yet.
What’s the difference between ACP, UCP, and MCP?
ACP and UCP are commerce protocols — they define how agents shop and transact on behalf of buyers. MCP is an infrastructure protocol — it defines how AI models connect to external tools and data sources, including commerce APIs. MCP is the plumbing; ACP and UCP are the applications running on the plumbing. Most merchants will interact primarily with ACP and UCP. Developers building agent applications interact more directly with MCP.
Will there be one winning protocol or multiple?
Multiple, almost certainly. The historical pattern of internet standards is that protocols fragment by ecosystem and then slowly consolidate as interoperability pressure mounts. ACP and UCP serve different AI surfaces and are backed by different platform ecosystems. Both will persist as long as ChatGPT and Google AI Mode both matter, which is likely to be a long time. The consolidation pressure comes from merchants who don’t want to maintain five separate integrations — that merchant pressure will drive interoperability work, not the platforms voluntarily ceding ground.
How does this affect businesses that don’t sell products online?
Service businesses and content publishers are affected through the discovery layer, not the transaction layer. When AI agents answer questions and make recommendations, the businesses and sources that get surfaced are determined by the same kind of structured data and entity clarity that determines protocol-level discoverability for product merchants. The content infrastructure that makes you citable by AI systems is the service-business equivalent of protocol integration for product merchants.
What should I actually do this week?
Audit your structured product or service data for completeness and machine readability. Check whether your commerce platform has already integrated any of the major protocols on your behalf. Read the ACP and UCP documentation to understand what implementation requires. And look at your current AEO and GEO optimization — the content signals that determine AI citability are the same signals that will determine agent recommendability as agentic commerce matures.
