Machine to Machine Transactions: How to Resolve Trust and Governance Gaps. 

FIDO, VC, AP2, Tokenization, Credential Issuance, Biometrics, …etc

Executive Summary

The transition to agentic, machine-to-machine (M2M) commerce creates a profound governance gap that existing technology-first standards cannot fill. Today, human-in-the-loop (HIL) transactions, whether at a point-of-sale or in eCommerce, are secured not by technology alone, but by the robust, contract-based governance and risk-allocation models of networks like Visa and Mastercard. As stated previously, V/MA are the identity infrastructure for the internet and identity is the core “shaping force” for all new payment schemes.

Agentic systems, such as Google’s Agentic Payments Protocol (AP2), introduce a fundamental break from HIL. While cryptographically sound, these protocols can prove an action occurred but cannot prove human authorization or assign financial risk in a commercially viable way. Technical standards from FIDO to W3C Verifiable Credentials and Europe’s eIDAS are insufficient on their own. They represent only one leg of a required three-legged stool, lacking the other two: enforceable governance and viable economics.

The governance gap in agentic commerce will not be filled by a “better” technology. It will be filled by plugging new technologies into existing governance frameworks. M2M must first adapt to current contractual and governance models before it can look toward creating its own. Ultimately, an agentic commerce network must either 

  1. Collaborate with existing participants and frameworks (i.e., card-based). Not as a mere protocol, but as a holistic network that bundles technology, economics, and governance.
  2. Become completely separate and independent (i.e., stablecoins and identity wallets like eIDAS, or UPI/UIDAI).

Given that M2M will have a greater need for governance (and VAS), my investment hypothesis is that V/MA will greatly expand their role and services in agentic, as the power of banking is unlocked within their network.

The End of Implicit Trust

In the current commercial landscape, both Point-of-Sale (POS) and eCommerce transactions are built upon the implicit authorization of a human consumer. A card tap or an online “Buy Now” click is far more than a simple technical action; it is a legally defined instruction, interpreted by all downstream parties as a consumer’s binding intent to pay.

The trust in this system is not derived from the action itself. The action is trivial. The trust is based on the shared understanding of that action’s consequences, an understanding enforced by decades of network rules, consumer protections, and dispute resolution processes. Consumers trust the “Buy Now” button because they know, implicitly, that if the merchant defrauds them, a governance system, either from merchant protection or as a fallback to their bank and the card network, exists to “own the risk” and make them whole. This governance model actively manages and assigns risk: the consumer’s payment is guaranteed by their Issuer, while the risk of merchant non-delivery is owned by the merchant (through the Acquirer/PSP).

The Shift: Agentic Commerce and the M2M Break

Agentic commerce, where autonomous software agents execute transactions on behalf of a user, represents a fundamental break from the HIL model. An AI agent re-ordering home supplies or booking a service is not a human. Its actions, by definition, may lack the implicit legal intent of a human action (e.g., “buy x when the price drops below $50”). Here the actors, the approved actions, and the items to be purchased were defined separately from the purchase action.

This immediately raises critical questions: In machine-based transactions, how do we know what a consumer truly authorized? How do we authenticate the agent that received this authorization? And who owns the risk if things go wrong? Google’s chain of cryptographic mandates is trustworthy, but to action this “proof” all parties must agree on this source of authority AND each party that makes assertions within it. 

The HIL model conveniently bundles authentication (it is me holding my phone), authorization (I want this specific item at this specific price), and intent (I agree to pay this store for x item) into a single tap or click. The M2M model forcefully decouples these. A user may give a general mandate to an agent (e.g., “keep my pantry stocked”). The agent then performs specific actions (e.g., “buy 1 gallon of milk from Merchant X for $5.99”). The core problem is that no commercial framework exists to link that general mandate to the specific action in a financially and legally binding way. This is the “Gordian knot of governance issues” that agentic commerce presents.

Governor Candidate #1 – Visa & Mastercard “Identity Infrastructure”

My assertion that Visa and Mastercard (V/MA) function as the internet’s de facto identity infrastructure is not a technical claim; it is a governance claim. Their “BIGGEST competitive moat” is not technology, but governance. This governance is exercised through the provisioning of credentials, security standards, operating agreements, and the rules governing the use of those credentials.

While V/MA may not be literally described as “identity infrastructure” in all documentation, they hold the “only commercially enforceable agreement between you and a retail purchase”. This system of agreements actively manages every entity in the transaction, from the consumer’s Issuer to the merchant’s Acquirer. They function as the identity infrastructure by providing a contractual governance framework that allows untrusted parties (a consumer in New York, a merchant in Berlin) to exchange value with guaranteed outcomes. This is the very definition of a trust network. This leads to my other assertion: the power of banking is externalized through networks (i.e., payments).

V/MA have become the “trust layer” of the internet by transforming “anonymous nodes” (e.g., unknown merchants) into “known, defined, and guaranteed service providers”. This is achieved through the “operating model,” a “linkage of contractual agreements” (Consumer-to-Issuer, Issuer-to-Network, Network-to-Acquirer, Acquirer-to-Merchant). The millions of businesses, thousands of banks and billions of consumers demonstrate the network effect that will prove challenging for new M2M systems to replicate. For agentic commerce to be viable TODAY, players must inherit trust from an existing, highly governed domain. This is precisely why any new protocol, like AP2, must “adapt to accommodate existing governance and controls (e.g., cards).”

The Agentic Governance Gap

Google’s Agentic Payments Protocol (AP2) serves as a perfect case study of the M2M governance gap. The “cryptographic chain of proof in mandates are sound.” The technology works; it can provably link a specific action to a specific mandate. The gap lies in what this “sound” chain doesn’t prove. It cannot answer the fundamental commercial questions:

  1. Identity of actors: How was a given agent or participant authorized? Bank-level KYC and KYB are much different from opening a Gmail account.
  2. Authorization: How do we know what the consumer truly authorized?
  3. Risk: “Who can take financial risk based upon this chain?” “Who will take risk based upon the assertions of any participant?”
  4. Disputes: “How will disputes be resolved?”

AP2 is a protocol existing in a vacuum. It is missing the “rule sets (e.g., 3DS, DAF, TAF) which govern the credential and transaction”. These rule sets are the V/MA governance layer. Without them, AP2 provides a log of what happened, but no operating rules to govern WHO OWNS THE RISK. In this vacuum, the risk defaults to the ends of the chain. In a crypto or stablecoin transaction via AP2, if an automated agent makes a mistake, the consumer bears the loss because “There is no bank to complain to”. This 100% consumer-risk model is commercially non-viable at scale.

“Software thru Contract”: The Forgotten Precedent for M2M Governance

The SOA Metaphor: A Contract for Every Interaction

During my short stint at Gartner Group in 1997, my colleague Roy Schulte defined the concept of Service-Oriented Architecture (SOA), whose predecessor was “software thru contract”. I’m not talking “smart contract” but the dumb paper kind. SOA kept the service, but lost the contract, or the governance model for M2M interactions.

This provides a direct precedent. In agentic commerce, the AI agent is a “service consumer.” The merchant is a “service provider.” Their interaction, to be commercially viable, must be governed by an enforceable contract that defines rules, risk, actions, quality of service, and cost. AP2 provides the communication protocol, but it does not provide the contract.

Visa and Mastercard operate in this contractual model today. V/MA don’t move money; they actually just exchange defined messages with trusted parties within an agreement.

The Three-Legged Stool

New M2M systems cannot be supported by technology alone. They require a “three-legged stool” of technology, economics, and governance. The failure of “technically excellent” standards to gain commercial traction is almost always a failure in the other two legs.

FIDO: The Fallacy of Confusing Action with Authorization

A critical distinction exists between a device authorizing an action and a person authorizing a transaction. FIDO credentials (passkeys) use asymmetric (public-key) cryptography and are inherently phishing-resistant. They provide a high degree of certainty that the permission came from a device containing the appropriate cryptographic key. While FIDO guarantees the device possesses the key, biometric authentication (“something you are” or “proof of inherence”) is necessary for high-assurance, person-tied authorization because it confirms the physical person is present and actively consenting to the action. The FIDO standard is the “gold standard of MFA”, but it is fundamentally a device authentication standard. It answers the question, “Is this credential valid?”

It does not answer the question, “Does this person approve this specific $1,000 payment?” The FIDO Alliance itself recognizes this gap. This is why “FIDO Transaction Confirmation” was developed as a separate concept. This higher-assurance function is designed to gather “explicit user consent for a specific action” by cryptographically binding the user’s authentication to the specific transaction details (e.g., “pay $1000 to company X”), similar to the mandate defined within Google’s AP2. This proves that even the best authentication standard requires a governance overlay (Transaction Confirmation) to become a true authorization framework suitable for high-risk transactions.
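The action-versus-authorization distinction above, as an added example that is not part of the original post: a simplified Go model (assumed, not the WebAuthn wire format) in which a plain passkey assertion over a challenge verifies as a valid credential yet cannot authorize the $1000 payment, while a transaction-confirmation signature bound to the displayed text can, and only for that exact text and challenge.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Plain authentication: the passkey signs a random challenge. This proves the
// device holds the key and nothing else.
func Assert(priv ed25519.PrivateKey, challenge []byte) []byte {
	return ed25519.Sign(priv, challenge)
}

// "Is this credential valid?" is the only question a plain assertion answers.
func CredentialValid(pub ed25519.PublicKey, challenge, sig []byte) bool {
	return ed25519.Verify(pub, challenge, sig)
}

// Transaction confirmation: the signed message is the challenge plus a hash of
// the transaction text displayed to the user, e.g. "pay $1000 to company X".
func signedPayload(challenge []byte, txText string) []byte {
	h := sha256.Sum256([]byte(txText))
	return append(append([]byte{}, challenge...), h[:]...)
}

func ConfirmTransaction(priv ed25519.PrivateKey, challenge []byte, shownText string) []byte {
	return ed25519.Sign(priv, signedPayload(challenge, shownText))
}

// Relying party: accept only a signature bound to the exact transaction it is
// about to execute. A plain assertion, or a confirmation of a different amount
// or payee, still verifies as a credential but never authorizes this payment.
func AuthorizePayment(pub ed25519.PublicKey, challenge []byte, intendedTx string, sig []byte) bool {
	return ed25519.Verify(pub, signedPayload(challenge, intendedTx), sig)
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	ch := make([]byte, 32)
	rand.Read(ch) // fresh per-transaction challenge
	tx := "pay $1000 to company X"
	plain := Assert(priv, ch)
	fmt.Println("credential valid:", CredentialValid(pub, ch, plain))               // true
	fmt.Println("plain assertion authorizes:", AuthorizePayment(pub, ch, tx, plain)) // false
	fmt.Println("confirmation authorizes:", AuthorizePayment(pub, ch, tx, ConfirmTransaction(priv, ch, tx)))                          // true
	fmt.Println("altered amount authorizes:", AuthorizePayment(pub, ch, tx, ConfirmTransaction(priv, ch, "pay $10 to company X"))) // false
}
```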

To fill this FIDO2 authorization gap, the industry is adopting W3C’s Verifiable Credentials (VCs) and extending the protocol to provide strong authentication and authorization.

W3C Verifiable Credentials: A Standard Without a State

The W3C Verifiable Credentials (VC) specification is the “best most forward looking standard” for a data model. It provides a cryptographically secure and “machine-verifiable” way to express credentials (like a driver’s license) and establishes a “triangle of trust” between an Issuer, Holder, and Verifier.

But this standard “requires supporting law… and governance.” Verifying the credential (the technology) is “only half the equation”. The far more important commercial question is: “is the organization issuing it… legitimate, governed, and trusted?”. A cryptographically sound VC from an unknown, untrusted issuer is commercially worthless. Like AP2, W3C VCs are a technically sound protocol existing in a governance vacuum. The standard does not provide the governance framework (who is a trusted issuer?) or the supporting law (what is the liability for a fraudulent issuance?). A VC is just a data packet; it only becomes a trusted identity when issued within a robust governance framework.
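The “only half the equation” point, as an added example that is not part of the original post: a simplified Go credential (assumed, not the full W3C VC data model) whose proof verifies cryptographically, checked against a constructed in-memory trust registry standing in for a network’s approved-issuer list. An unknown or impersonating issuer fails the governance half even though its signature passes the technology half.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Assumed, simplified credential: the issuer signs a canonical form of the
// claims, and the proof carries the signing public key.
type Credential struct {
	Issuer, Type, Subject string
	IssuerKey             ed25519.PublicKey
	Proof                 []byte
}

func (c Credential) claims() []byte { return []byte(c.Issuer + "|" + c.Type + "|" + c.Subject) }

func Issue(priv ed25519.PrivateKey, issuer, typ, subject string) Credential {
	c := Credential{Issuer: issuer, Type: typ, Subject: subject, IssuerKey: priv.Public().(ed25519.PublicKey)}
	c.Proof = ed25519.Sign(priv, c.claims())
	return c
}

// Half one, the technology: does the proof verify under the embedded key?
// Any keypair can pass this while naming itself whatever issuer it likes.
func SignatureValid(c Credential) bool {
	return ed25519.Verify(c.IssuerKey, c.claims(), c.Proof)
}

// Half two, the governance: a trust registry (constructed in-memory stand-in for
// a network's approved-issuer list) binds issuer name to key and allowed types.
type TrustRegistry map[string]struct {
	Key   ed25519.PublicKey
	Types map[string]bool
}

func (r TrustRegistry) IssuerTrusted(c Credential) bool {
	e, ok := r[c.Issuer]
	return ok && e.Key.Equal(c.IssuerKey) && e.Types[c.Type]
}

// A verifier acts only when both halves hold.
func AcceptCredential(r TrustRegistry, c Credential) bool {
	return SignatureValid(c) && r.IssuerTrusted(c)
}

func main() {
	bank := ed25519.NewKeyFromSeed([]byte("constructed-seed-for-bank-issuer"))
	rogue := ed25519.NewKeyFromSeed([]byte("constructed-seed-for-rogue-party"))
	reg := TrustRegistry{"did:example:bank": {bank.Public().(ed25519.PublicKey), map[string]bool{"KYCCredential": true}}}
	fmt.Println(AcceptCredential(reg, Issue(bank, "did:example:bank", "KYCCredential", "did:example:alice")))  // true
	fmt.Println(AcceptCredential(reg, Issue(rogue, "did:example:rogue", "KYCCredential", "did:example:alice"))) // false, though SignatureValid is true
}
```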

eIDAS: The Government-Domain Trap

Europe’s eIDAS (see blog) and the associated identity wallet are the prime exhibit of this “three-legged stool” problem. The system is “technically excellent,” but as a commercial venture, it is hamstrung because it “misses economics and governance.” As a result, it “is primarily constrained to use in government services only (domain).”

Research confirms my perspective. The original eIDAS 1.0 was limited precisely because of its “focus on public services” and “rigid approach to data… attributes,” which “hindered its implementation” in the private sector. The new eIDAS 2.0 (EUDI Wallet) repeats this error. It is a technical standard that lacks a commercialization strategy (just like SEPA). The core challenge is “fostering a healthy identity market and avoiding sole reliance on public funding” and creating “incentives” for users, issuers, and relying parties.

eIDAS is a perfect trust network for the government domain (where legal mandates can take hold). However, this trust is not distributable to the commercial domain (as banking trust is via V/MA) because there is no economic model (like interchange) to fund it or commercial governance (like V/MA’s operating rules) to manage private-sector risk, nor compelling law that requires banks to act on it.

Identity Needs a Network

There are only two successful, at-scale models for a trust network. Both are complete, three-legged stools.

  1. Model 1: Private Contract (Visa/Mastercard): This model is governed by Network Operating Rules. Risk is managed by contractual liability assigned to each participant. Economics are driven by interchange and other fees, creating incentives for all parties to participate.
  2. Model 2: Mandates + Public Law (India’s UPI/UIDAI): This model is governed by supporting law. Participation is required by law for relevant entities. Disputes are governed by law. The economics are driven by government mandate and a different (often utility-based) funding model.

New protocols like AP2, W3C VCs, and eIDAS are not complete models. They are just the technology leg, missing the governance and economics.

Conclusion: Adapting to the Contract

The governance gap in agentic commerce will not be filled by a “better” technology. It will be filled by plugging new technologies into existing governance frameworks. M2M must first adapt to current contractual and governance models before it can look toward creating its own.

For card payments, AP2 will only work when it “align[s] to each individual network… in the approval of each actor to assume a given role.” It must submit to the governance of Visa and Mastercard. W3C VCs will only become commercially useful when they are issued by trusted entities within an existing trust domain, such as a bank or a government, under that domain’s rules.

The path forward for identity, and by extension agentic commerce, is not a new protocol. Identity “needs a network for economics, governance and cross domain trusted interaction.” This is why Visa and Mastercard, as a functional model for bundling these three components, remain the de facto identity infrastructure of the internet. They are not a payments-tech business; they are, and have always been, a governance-as-a-service business.
