How American Express Is Building AI Shopping Assistants That Handle Payments Safely

The Next Frontier: Artificial Intelligence Managing Your Purchases

The financial services industry is at an inflection point. As large language models and machine learning systems become increasingly sophisticated, companies are exploring how artificial intelligence can assist consumers with everyday tasks—including shopping and payments. American Express is positioning itself at the forefront of this transformation by developing technology that allows AI agents to make purchases on behalf of users while maintaining strict security controls and accountability measures.

Unlike traditional payment processors that simply move money between accounts, American Express operates as both a card issuer and payment network. This unique position gives the company distinct advantages in shaping how AI-powered commerce will function. The company recently unveiled its Agentic Commerce Experiences (ACE) developer kit, a framework designed to address some of the thorniest challenges in allowing intelligent machines to handle financial transactions safely.

Understanding the Trust Problem in AI Commerce

The concept of AI agents conducting transactions on human behalf raises legitimate concerns. Consumers worry about unauthorized purchases, merchants fear non-payment, and financial institutions dread chargebacks and fraud. These aren’t hypothetical risks—they represent real barriers to mainstream adoption of agentic commerce technology.

Luke Gebb, American Express’s executive vice president and global head of innovation, emphasizes that trust and security form the foundation of the company’s approach. “This is really the first time that an issuer is coming to the table,” he stated, highlighting how most discussions about AI commerce have excluded the perspectives of card issuers.

The ACE kit tackles trust through multiple mechanisms. Rather than operating as a completely transparent system, American Express has chosen to maintain a closed-loop architecture where the company controls both the card-issuing function and the network layer. While this approach offers certain security advantages, it also introduces opacity that some industry observers view cautiously.

Intent Contracts: The Foundation of Authorized AI Spending

At the heart of the ACE system lies the concept of intent contracts. Before an AI agent can make any purchase, a user must first define exactly what they want the agent to accomplish. This might sound simple—“find me red shoes”—but the implementation involves sophisticated machine learning systems that must interpret human intent accurately.

Once a user defines their shopping goal, the system generates two critical elements: an Intent ID and a Proof of Intent Token. These serve as cryptographic proof of authorization, crucial for resolving disputes or chargebacks. The Proof of Intent Token essentially creates an immutable record that the human owner authorized the transaction within specific parameters.

This approach leverages principles similar to those used by researchers at organizations like OpenAI and Anthropic who study how AI systems can verify they’re following human instructions. Rather than relying on ChatGPT or general-purpose language models, Amex’s solution creates specialized tokens tied to specific transactions and user constraints.

How Boundaries Protect Consumer Wallets

The payment credential system within ACE incorporates built-in spending boundaries. When an AI agent locates an item matching the user’s request, it doesn’t immediately charge the card. Instead, the agent requests a single-use token that contains the exact constraints the user specified.

For instance, if a user instructs an agent to purchase red shoes with a maximum budget of $500, the generated token won’t authorize any charge exceeding that threshold. This represents a fundamental shift from how payment systems traditionally work. Rather than validating transactions after the fact, the system prevents invalid transactions from occurring in the first place.
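
The token behaviour described here, together with the Intent ID and Proof of Intent Token from the previous section, can be shown in code. This is an added example, not American Express code or the ACE API: every function and field name is hypothetical, and the HMAC keyed with an issuer-held secret is an assumed construction, since the page does not describe the real token format.

```python
import hashlib
import hmac
import json
import secrets

# Hypothetical issuer-side state; names and format are assumptions, not the ACE API.
ISSUER_KEY = secrets.token_bytes(32)   # secret held only by the issuer
_spent = set()                         # token IDs that were already redeemed

def _mac(payload: dict) -> str:
    """MAC over a canonical JSON encoding, so any field change is detectable."""
    body = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(ISSUER_KEY, body, hashlib.sha256).hexdigest()

def create_intent(user_id, description, max_cents, currency="USD"):
    """User approves an intent; returns the intent record and its proof-of-intent MAC."""
    intent = {"intent_id": secrets.token_hex(8), "user": user_id,
              "description": description, "max_cents": max_cents,
              "currency": currency}
    return intent, _mac(intent)

def issue_token(intent, proof):
    """Agent requests a single-use credential; limits are copied from the intent."""
    if not hmac.compare_digest(proof, _mac(intent)):
        raise PermissionError("proof of intent does not match the intent")
    claims = {"token_id": secrets.token_hex(8), "intent_id": intent["intent_id"],
              "max_cents": intent["max_cents"], "currency": intent["currency"]}
    return {**claims, "mac": _mac(claims)}

def authorize(token, amount_cents, currency):
    """Issuer check at charge time, before any money moves. Returns (ok, reason)."""
    claims = {k: v for k, v in token.items() if k != "mac"}
    if not hmac.compare_digest(token.get("mac", ""), _mac(claims)):
        return False, "tampered"
    if token["token_id"] in _spent:
        return False, "replayed"
    if currency != token["currency"]:
        return False, "currency_mismatch"
    if amount_cents <= 0 or amount_cents > token["max_cents"]:
        return False, "amount_out_of_bounds"
    _spent.add(token["token_id"])      # only an approved charge consumes the token
    return True, "approved"

def demo():
    """Constructed sample: $500 red-shoes intent; agent tries $520, $480, then $480 again."""
    intent, proof = create_intent("user-1", "red shoes", 50_000)
    token = issue_token(intent, proof)
    return [authorize(token, cents, "USD") for cents in (52_000, 48_000, 48_000)]
```

A symmetric MAC lets the issuer detect tampering and replay, but it does not by itself prove to a third party that the user consented; the repudiation concern raised later in the article would need a signature made with a key the user controls.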

The Transparency Challenge Remains

Despite these innovations, questions persist about how thoroughly American Express validates that the items in a user’s shopping cart align with their original intent. The company acknowledges comparing carts against stated objectives but hasn’t fully disclosed the validation methodology.

Industry experts specializing in identity verification and payment systems note that while protocols like ACE excel at handling proofs and fund movement mechanics, they often leave upstream validation—the human authorization layer—underdeveloped. Without crystal-clear cryptographic verification linking an agent to explicit human authority, the system remains vulnerable to repudiation disputes and fraud.

This gap represents a critical challenge as machine learning capabilities advance. Even as systems become more sophisticated at understanding nuance, the need for verifiable proof of human consent becomes more important, not less.

American Express’s Competitive Advantage

Most major payment processors—Visa and Mastercard—don’t issue cards themselves. They operate as networks connecting banks with merchants. American Express operates differently, maintaining control over the entire transaction ecosystem. This gives the company flexibility that traditional networks lack when implementing new security protocols.

The company is also engaging with broader industry standards. American Express participates in initiatives like Google’s Agent Pay Protocol, which aims to establish interoperability standards across different platforms. However, the ACE kit represents the company’s proprietary approach to handling payment validation at the network layer—something most existing protocols don’t address comprehensively.

What the ACE Developer Kit Includes

The complete ACE system provides developers with several integrated capabilities. Agent registration allows AI systems to establish verified identities. Account enablement links user accounts to their agents and grants necessary permissions. Intent intelligence creates those crucial intent contracts defining transaction parameters. Payment credentials generate single-use tokens with embedded constraints. Finally, cart context and validation mechanisms ensure purchased items match user instructions.

This comprehensive approach reflects American Express’s perspective that successful agentic commerce requires understanding both what systems will permit agents to do and who bears responsibility when problems occur.

Looking Forward

As artificial intelligence continues advancing, the ability to safely delegate financial decisions to AI agents will become increasingly valuable. American Express’s work suggests that solutions will require collaboration between payment networks, merchants, and developers—with clear accountability structures and verifiable authorization layers.

The questions about transparency and validation that surround the ACE kit today will likely shape industry standards tomorrow. As machine learning systems become more capable of understanding complex instructions, ensuring humans remain in control of financial decisions becomes paradoxically more critical.

Frequently Asked Questions

How do intent contracts work in American Express's agentic commerce system?

Intent contracts are user-defined instructions that specify exactly what an AI agent should purchase and under what constraints. When a user creates an intent contract, the system generates an Intent ID and Proof of Intent Token—cryptographic proof that the human authorized the transaction. This token serves as evidence in case of disputes and ensures the agent only acts within the user's defined parameters, such as maximum spending limits or specific product requirements.

What are single-use tokens and how do they protect consumers?

Single-use tokens are payment credentials generated for specific transactions that contain embedded spending boundaries and constraints. When an AI agent finds a matching product, it requests a token rather than direct card access. This token won't authorize charges exceeding the user's limits—for example, a $500 budget constraint prevents any purchase over that amount. Each token is unique to one transaction, preventing misuse across multiple purchases.

Why is American Express uniquely positioned to build AI commerce solutions?

Unlike Visa and Mastercard, which operate as networks connecting banks and merchants, American Express functions as both a card issuer and payment network. This integrated structure gives Amex complete control over the transaction ecosystem and allows the company to implement security protocols at the network layer—something most payment processors cannot do independently. This vertical integration enables more comprehensive validation and control mechanisms for AI-driven transactions.
