Resource center
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Topic
Region
Perspectives

Chargebacks in agentic commerce: How merchants can stay ahead

With AI agents reshaping the purchase flow, the tools and strategies that bring trust, traceability, and clarity to chargeback defence.

Link to the author's page
Isabel Scavetta
December 4, 2025
Link to the author's page
Chargebacks in agentic commerce: How merchants can stay ahead

Online retail is entering a new phase. Shoppers are increasingly turning to AI platforms to help them search, compare, and decide what to buy – with nearly half of consumers saying they will use AI agents for their Christmas shopping, as found in our agentic commerce report. This shift signals the rise of agentic commerce, where AI assists with discovery and decision-making before a human commits to a purchase.

But we are not yet in a world where autonomous AI agents complete the entire journey. The moment a shopper wants to buy, they are pushed back into a traditional checkout. That breaks the experience, increases the risk of basket abandonment, and creates new gaps in evidence and accountability that matter when a dispute or chargeback is raised.

The next frontier is enabling payments inside these AI environments. A smooth in-chat checkout, one that keeps consumers in the same flow, will define the future of agentic commerce. To make that possible, businesses and platforms need native checkout experiences supported by strong controls and well-defined processes that give shoppers safety, trust, and clear decision points. 

So what does this mean for dispute management? And how can you protect performance in a world where agents are doing the checking out?

Why traditional chargeback rules fall short

Chargebacks were built for a world where the buyer clicked “pay.” That click marked a clear moment of authorization, easy to trace and easy to defend. Agentic commerce today doesn’t remove the user from the purchase flow entirely, but it shifts much of the decision-making upstream, long before the user confirms the final purchase. In most early implementations, including experiences built on the Agentic Commerce Protocol (ACP), the user still confirms the final purchase. What changes is how much of the journey happens before that moment.

AI agents now handle the discovery, selection, and checkout preparation steps before the user ever sees a payment screen. In flows like OpenAI’s Instant Checkout or Visa Intelligent Commerce, the agent completes much of the work invisibly, filling forms and assembling carts that the shopper never interacts with directly. The user confirms, but the agent executes.

Over time, more advanced delegation models may emerge, where a user authorizes an agent to make purchases under specific conditions. Early versions of these conditional, pre-approved purchases are already being explored across the ecosystem, though standards are still being defined.

This shift breaks the assumptions built into today’s chargeback frameworks. Instead of a user completing each step on a merchant’s site, agents orchestrate large parts of the journey, introducing new challenges for verification, risk, and dispute resolution. 

That creates ambiguity, and risk:

  • Did the user authorize the agent? Proving the user gave the agent specific authority for that particular purchase is essential. This requires capturing a clear record of the user’s instructions, limits, and approval signals before the agent executes the transaction. 
  • Did the agent correctly interpret the instructions? Disputes arise from instances where the agent may have hallucinated, misrepresented, or acted counter to the consumer’s intent. You'll need evidence showing the agent operated within the scope of the user’s mandate, including how items, quantities, or preferences were derived. 
  • Could the credentials have been compromised? Fraud teams must now distinguish between legitimate “helper” agents and hostile automation, which may operate as cover or Trojan agents containing malicious payloads. Strong verification of both the agent and the intent it presents becomes critical to ruling out spoofed or manipulated instructions, especially as protocols like Visa’s Trusted Agent Protocol (TAP), and Google’s Agent Payments Protocol (AP2) begin formalizing how order intent is captured, signed, and passed through the checkout flow.

Meanwhile, dispute volumes are climbing. Global cases are forecast to grow 24% between 2025 and 2028 – largely due to card-not-present transactions. And as AI agents become a new checkout interface, it’s likely that pressure will intensify. 

To defend revenue, your business will need to adapt. That means moving beyond signals like IP addresses, and capturing richer, verifiable evidence of delegation. 

As part of this shift, Checkout.com is adopting ACP, backed by OpenAI, to create a more traceable and reliable foundation for agent-led transactions. ACP provides a structured way for agents, users, and your business to collaborate safely, with clear records of intent and authorization. It enables AI agents to discover, select, and purchase products on behalf of consumers inside platforms like ChatGPT, supported by strong identity, verification, and trust controls.

New protocols for agent-led transactions

To help your business securely enable, and defend, agent-led transactions, two industry protocols have emerged: TAP and AP2. Together, they create a trust layer for agentic commerce. They clarify who is acting, what they’ve been authorized to do, and how that authority was granted.

Visa’s Trusted Agent Protocol (TAP)

TAP helps you verify the legitimacy of an AI agent acting on behalf of a customer. Think of it as a digital passport for agents that enables transparency, trust, and control at the edge of automation. 

Key benefits:

  • Verification: Agents can pass consumer identifiers (e.g., token ID or loyalty account), linking their actions to a known user.
  • Trust signals: TAP uses cryptographically signed, time-bound, non-replayable credentials, enabling confidence without new infrastructure. 
  • Fraud prevention: By confirming both agent and intent, TAP filters out hostile automation without adding friction. 

Google’s Agent Payments Protocol (AP2)

Where TAP verifies who the agent is, AP2 defines what they’re allowed to do. It’s a payment-method-agnostic framework that gives agents the means to transact securely, with full traceability back to the user’s original instructions.

AP2 uses cryptographically signed mandates to establish delegation: 

  • Intent mandates capture initial instructions (e.g., “Find me a hotel under $300”), including limits and preferences.
  • Cart mandates confirm transaction details before payment, locking in items, pricing, and terms.
  • Nonrepudiable audit trail tracks the full journey from intent to checkout.

For businesses, these protocols offer the traceability and transparency needed to defend agent-led transactions.

Why this matters now

The performance of dispute resolution is shifting from a simple “yes or no” on transaction authorization to a fuller evaluation of the delegation context. That means capturing agent identifiers and signatures, logging mandate creation and approval events, and tracking execution signals, including session tokens and orchestration traces. 

Early adoption of TAP and AP2 gives your business the visibility and traceability they need to handle agent-led disputes with confidence. These protocols move the industry beyond signals – like IP geolocation and browser fingerprints – replacing them with verifiable records of intent, identity, and execution. For merchants, that means faster resolution, stronger defenses, and better protection against a fast-changing threat landscape.

Four areas merchants must act on now

Agentic commerce introduces new risks that can’t be managed with traditional chargeback and fraud strategies. To stay ahead, you'll need to shift from reactive defenses to proactive systems that strengthen evidence, automate prevention, improve customer clarity, and shape industry standards before chargeback rates climb. 

1. Secure the new standard of evidence before disputes rise 

AI-initiated transactions undermine traditional evidence sources, such as IP geolocation and device data. Your business needs to build new, agent-centric evidence foundations now.

  • Adapt data collection for traceability: Capture and store key signals including order context (items, pricing, fulfillment timelines), execution data (timestamps, session tokens, API headers, Agent IDs if exposed), and account-level patterns (customer ID, login consistency, purchase history). 
  • Adopt emerging protocols early: Integrate protocols such as AP2 and TAP to identify trusted agents, verify intent, and separate legitimate automation from malicious traffic). 
  • Update internal workflows: Train dispute teams and revise evidence processes so they can use delegation data effectively. Future disputes may hinge on when the user granted authority and how the agent acted, not just whether a transaction was authorized.

2. Automate prevention and build post-purchase intelligence  

Agentic commerce increases both the volume and complexity of transactions, making manual fraud and chargeback workflows unsustainable.

  • Automate risk management: Replace manual chargeback processes with automated tools that handle evidence collection, representment creation, and submission at scale.
  • Strengthen early-stage controls: The best way to tackle fraudulent chargebacks is to stop bad actors earlier in the payment journey – at onboarding, authentication, or risk-screening – rather than relying on interventions at the chargeback stage, when it’s often too late and doesn’t address the root issue.
  • Shift toward post-purchase intelligence: Since agents do not behave like humans or rely on human devices, pre-payment fraud signals weaken. You'll need post-purchase monitoring to identify risky transactions likely to become disputes and intervene early.
  • Use advanced fraud tools: Deploy AI-powered monitoring systems to detect unusual behavior in real time. These tools can prevent a significant share of chargebacks before they occur.

3. Establish clear customer guardrails to reduce friendly fraud 

As agents increasingly act on behalf of customers, confusion and mis-remembered purchases will become a major driver of friendly fraud. Your business must reinforce clarity and control. 

  • Be transparent and explicit: Make clear to customers when an AI system initiates a transaction, and ensure they understand what they have authorized.
  • Offer meaningful user control: Provide opt-in and opt-out settings for agent behavior and allow customers to adjust preferences easily.
  • Simplify issue resolution: Include cancellation links in confirmation emails, so customers can correct unintended purchases without filing chargebacks. 
  • Update post-purchase communications to reference agent-led flows, giving customers clear context about how their purchase was initiated and reducing confusion-driven disputes.
  • Ensure billing clarity: Use a recognizable descriptor on bank statements to minimize confusion-driven disputes. 
  • Strengthen customer service: Provide rapid responses and proactive updates, especially for delivery or fulfillment issues, to prevent avoidable chargebacks. 

4. Engage in industry advocacy to shape emerging standards 

Agentic commerce is evolving quickly, and liability rules, data-sharing expectations, and evidence frameworks are still being defined. Your business must help shape these standards rather than wait for them.

  • Advocate for essential data sharing: Engage with AI platforms to ensure you receive the minimum necessary user data – such as behavioral signals – that underpin effective fraud decisions.
  • Partner for shared intelligence: Work with AI-driven fraud networks that aggregate signals across businesses. Shared intelligence restores context lost in agent-led flows and spreads risk management across the ecosystem.
  • Adopt a dynamic posture: Accept that strategies must evolve continuously. Static fraud and chargeback systems will fall behind as AI agents become more capable and more autonomous. 

Looking ahead: A new chargeback ecosystem

Agentic commerce is forcing the payments industry to rethink chargebacks from first principles. Built for human-initiated transactions, today’s systems assume a single moment of authorization. But when AI agents act on a user’s behalf, that model breaks. What’s needed now is a framework grounded in traceability and delegation.

Protocols like TAP and AP2 are leading that shift. They provide businesses with richer, verifiable data – including mandate logs, orchestration traces, and agent identifiers – to resolve disputes more accurately. Instead of relying on outdated signals like browser fingerprints, merchants can prove what was authorized, by whom, and under what conditions.

This shift also changes the rules on liability. With clear evidence of delegation, responsibility may shift upstream, away from the merchant and toward the platforms or agents that misinterpret instructions. That’s a meaningful protection in a world where friendly fraud is rising, and hostile automation is harder to detect.

Ultimately, this is about clarity: for businesses, consumers, and networks. Businesses that invest early in this new dispute infrastructure can reduce risk, move faster, defend revenue more effectively, and build lasting consumer trust in a world where agents are doing the checking out.

Download PDF

Stay up-to-date

Get Checkout.com news in your inbox.

Back to top button

Most recent articles

An introduction to local payment methods
Blog
Dec 4, 2025

An introduction to local payment methods

Read article
Push payments vs pull payments: What's the difference?
Blog
Dec 3, 2025

Push payments vs pull payments: What's the difference?

Read article
Clearing vs. settlement: What's the difference?
Blog
Dec 2, 2025

Clearing vs. settlement: What's the difference?

Read article
How and why to improve the B2B payment experience
Blog
Dec 1, 2025

How and why to improve the B2B payment experience

Read article
What is a merchant of record?
Blog
Dec 1, 2025

What is a merchant of record?

Read article
A merchant's guide to JCB Payments
Blog
Nov 25, 2025

A merchant's guide to JCB Payments

Read article
Where travel insurance takes flight: Faye accelerates growth with Checkout.com
Blog
Nov 24, 2025

Where travel insurance takes flight: Faye accelerates growth with Checkout.com

Read article
Conversion tips for Black Friday in North America
Blog
Nov 21, 2025

Conversion tips for Black Friday in North America

Read article
Lessons from fintech trailblazers: Innovation, grit, and US growth
Blog
Nov 20, 2025

Lessons from fintech trailblazers: Innovation, grit, and US growth

Read article
How to get the best out of Apple Pay for revenue growth
Blog
Nov 19, 2025

How to get the best out of Apple Pay for revenue growth

Read article
What is a Device Account Number?
Blog
Nov 18, 2025

What is a Device Account Number?

Read article
How to master payments in the Nordics
Blog
Nov 18, 2025

How to master payments in the Nordics

Read article
Return to home
December 4, 2025 11:00
December 4, 2025 11:00