EMVCo and DPCs

Posted on by
Reply

This should be a 20 page blog… but I don’t have time this week. Big picture thoughts

The April 28, 2026 announcement of Google’s donation of the Agent Payments Protocol (AP2) to the FIDO Alliance signals Google’s desire to move payments from the legacy Device Primary Account Number (DPAN) model to the Digital Payment Credential (DPC) mandate framework. For identity and payment experts, this shift represents more than a technical update; it is an effort to commoditize the proprietary trust moats built by card networks and Apple through a standardized, platform-agnostic infrastructure.

Continue reading

AP2 Donation to FIDO 

Posted on by
Reply

Yesterday Google donated AP2 to the FIDO Alliance , let me share my thoughts on what this means.  

  1. Effort to drive cross-industry standardization and extend Google’s established success within the FIDO ecosystem (log in with Google) while addressing the structural limitations of FIDO.

  2. A “tipping point” transition from “Identity as a Service” to “Identity as an Infrastructure,” where the mobile handset functions as the primary root of trust for autonomous commerce. Google is telling FIDO that they must incorporate elements of W3C VCs to have a future.

  3. Google’s first big public move toward device bound credentials (Titan M2, Anroid Credential Manager, Android Ready Alliance, …etc).

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

Federated Models Need Measurement

Posted on by
Reply

A follow on blog to my Intent data post yesterday. Where intent is needed for authorization, measurement is needed by every “specialist” participating in an agentic interaction. As background I was founder/CEO of Commerce Signals, focused on measurement and card transaction data. Measurement is a powerful business. In fact, I would say Google started out as a measurement company with the PageRank algorithm. By keeping track of what users clicked on which link for which search word, they created the directory of the internet. Let’s dig a little deeper into why measurement is key in agentic, and for all federated models.

Google is not building a monolithic “central brain” to disintermediate the ecosystem. Instead, as discussed in my UCP Blog (also see Ask Macy’s Case Study), they are fostering a world of specialist collaborative models that interact across three specific technical layers:

Continue reading

Agentic – Intent and the New “Data Games’

Posted on by
Reply

While the industry recognizes that agentic commerce is reshaping payments, the more immediate technical friction lies in how it re-engineers data sharing. We are moving past the “top-of-funnel” coordination of inventory and pricing seen in protocols like UCP/MCP, entering the more contentious territory of AP2/ACP to coordinate trust and payment.

The Collaboration Paradox

As I’ve noted in Strategic Innovation Era, we are seeing a “Retailer First” surge. Successes like Walmart’s Sparky and Amazon’s Rufus prove that retailers are intent on controlling their own data and checkout environments.

However, external collaboration is mandatory for scale. I remain a proponent of Google’s approach: rather than a monolithic LLM, they are building a world of specialist model partnerships. But collaboration requires data exchange—the primary point of friction in this stage of strategic innovation.

Continue reading

American Express Breaks the Agentic Commerce Deadlock: Why Today Matters

Posted on by
Reply

Why is this big news? Once one network says “we cover agent errors,” the others can’t say no.

The Problem We’ve Been Waiting for a Network to Solve

For the past eighteen months, I’ve written extensively about agentic commerce as a test of *incentive alignment*, not technology. The tech works. What doesn’t work is getting all parties—networks, issuers, merchants, platforms, and payment processors—to align around who owns the agent, who owns the data, and who bears the risk.

Today, American Express did something important: it solved that problem for its own closed loop (and its customer base). What does this mean? I hope it means US Issuers will lean in on the V/MA solutions that can allow them to operate at near parity (V/MA have the rules, tech and governance). But changing a network is really hard.

Continue reading

FIncen/OFAC 303 Page Rule Squashes Stablecoin eCom Ambitions

Posted on by
Reply

Exec Summary

  • New 303 Page FINCEN/OFAC Rule, aligns to the clear language of the Genius act, but IMHO will create major friction for use of USD stablecoins in eCommerce

  • Rules for tracking parties and monitoring secondary activity create a compliance regime that burdens every party with the need to understand the provenance of a coin. Can you imagine accepting $2000 for a new TV, shipping it out, then having your stablecoins burned?

  • So not only do we have KYC but we have SAR reporting requirements as PPSIs must also comply with SAR and the “Travel Rule” (31 CFR 1010.410(f)), which involves collecting and transmitting information about the originators and beneficiaries of funds transmittal.

  • Banks and Stablecoin Issuers that jumpted into Solana’s Token-2022 model saw this coming and are well placed to move forward

  • This creates substantial advantages for banks in sweeping coins into covered accounts and freshly minting new coins when required. 

  • Great news for Big Banks and V/MA. card gain signficant advantage over stablecoins with the proposed rule

  • I see this as tailwind for stablecoins in settlement, but a big headwind for stablecoin in eCommerce (with a few exceptions). 

  • My views on Stablecoin winners and losers remain unchanged except for an update to winners for x402.

  • No wonder Jamie Dimon remains confident that the banks will win, it will take years for stablecoin startups to build the regulatory muscle required to manage 303 pages of FinCEN mandates. By the time they do, the banks will already be running their own stablecoin subsidiaries under the very same rules.

The Rule

The U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) and OFAC issued a 303-page proposed rule implementing the GENIUS Act, reclassifying permitted payment stablecoin issuers (PPSIs) as financial institutions under the Bank Secrecy Act. Requirements include bank-grade KYC, suspicious activity reporting, transaction blocking/freezing capabilities, and appointment of a U.S.-based compliance officer. Enforcement begins January 2027. A 60-day comment period opens now.

The NPRM (Notice of Proposed Rulemaking) introduces 31 CFR Part 1033, which specifically outlines the obligations of PPSIs. The density of this document reflects the complexity of applying traditional banking rules to a distributed ledger environment.

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

Wero 2026: Sovereignty at a Commercial Premium

Posted on by
Reply

Just left a UBS webinar from the head of product for Wero and thought it would be a good time to update my July 2025 assessment of Wero as a “solution in search of a problem,”. The biggest change in Wero is the core infrastructure has transitioned from a voluntary service to a mandated utility. However, as the European Payments Initiative (EPI) attempts to scale, the project faces a fundamental conflict between political objectives and commercial unit economics.

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

Visa CLI and X402 CONVERGENCE

Posted on by
1

Last week I wrote about MPP and x402 solving the internet’s original sin: the inability of machines to pay machines without a human in the loop. This week, Visa made that argument a lot easier to make.

Visa Crypto Labs quietly launched Visa CLI, a command line tool that gives AI agents a wallet. One npm install. One setup command. And your agent can pay for anything on the internet, charged to a real Visa card, without an API key, without a pre-funded crypto wallet, without human intervention.

I got beta access this week and tested it. Here’s what I learned, and why I think the CLI is the most important signal yet that the incumbent payment networks are serious about the agentic commerce era.

Continue reading

The Evolution of Checkout: Invisible, Instant, and Everything In Between

Posted on by
Reply

My friend Simon Taylor at Fintech Brainfood published a provocative piece this week: The Checkout is Dead, Part 2. His thesis is elegant — the future of agentic commerce is invisible. No cart. No confirmation screen. No “Pay Now” button. Just an event in the world, and money moves.

IMHO He’s right about the general direction. But he’s wrong about the scope and timeline. Not everything fits in instant, and its really important to look not only at OpenAI’s instant checkout FAILURE at Walmart, but also their internal success (ie Sparky driving 35% sales increase with internal checkout).

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us