Understanding ApplePay in PIN Debit

Payment Geek detail on the EMVCO Dependencies of Debit and How Cap One Solved It

This is a technical addendum to today’s post on the reported JPMorgan/BofA/Wells/PNC exploration of buying Fiserv’s Star network. That post laid out five business and political reasons the deal is unlikely to happen. This one goes underneath the business case to the technical architecture that makes the wallet portion (ie ApplePay, GPay, SamsungPay) of the problem particularly ugly for any bank that thinks owning a PIN debit network gets them out from under Durbin.

The short version: an issuer that buys Star cannot simply route its ApplePay volume through Star. The tokenization and provisioning plumbing that makes Apple Pay work belongs to Visa and Mastercard, sits inside a standards body (EMVCo) that issuers are not members of, and is architecturally structured around the card brand on the card (not the issuer that issued it). A bank that owns Star still can’t put a Star token in Apple Pay; it is a new AID in the phone.

Continue reading

Open USD – Stablecoin’s New Gold Standard for Trust, Compliance, Governance and Economics

July 1, 2026

Executive Summary

  • 140+ institutions — Visa, Mastercard, Stripe, BlackRock, Google, Coinbase, and major global banks form the largest stablecoin consortium ever assembled
  • Shares reserve economics — Partners receive yield from underlying reserves, not the issuer; flips the Circle/Tether model
  • Zero-fee minting at scale — No volume limits, no enterprise penalties
  • Pre-transaction compliance — Transfer hooks block sanctioned transactions before settlement, not after
  • Burn and clawback authority — Architectural ability to freeze/burn for OFAC compliance built into Token-2022 implementation
  • Confidential transfers with regulatory visibility — ZK-encrypted balances for corporate privacy; viewing keys for auditors
  • Neutral governance — Independent board of ecosystem partners; no single corporate controller
  • Stripe default — “The default stablecoin for businesses running on Stripe”

Yesterday, we witnessed the launch of what may become the most consequential stablecoin ever: Open USD (OUSD). With over 140 financial, technology, and crypto institutions signing on—from Visa and Mastercard to Stripe, BlackRock, and Google. This isn’t merely another stablecoin entering a crowded market. This is the emergence of a new trust network architecture that I’ve been writing about for years.

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

Agentic Apocalypse — How to Stop It

Company Spotlight: Delta Network

June 30, 2026


In my recent posts on Agentic Data Battle: Intent and Agentic – Intent and the New Data Games, I’ve emphasized that the trust challenge in agentic commerce goes far beyond authenticating the consumer and the agent. We must verify the action itself (the fourth pillar of any transaction). But no one is willing to budge. Platforms don’t want to give out intent to banks or networks (even with explicity consumer consent), they don’t want to be measured. While networks are the right neutral party, network VAS means loss of control. Today’s blog outlines the hard data on agent intent failure (28%) and best in class example of how to fix it.

Continue reading

Agentic Data Battle: Intent

Paid Content

Key Friction Point in Agent (M2M) Transactions. Example of why real agentic transactions are 2-3 yrs away. We have a new party in a transaction that everyone needs to trust: the agent. Mastercard/Google Verifiable Intent is a LONG WAY from satisfying the need. It’s a self-attestation (see the Technical Addendum at the end of the Blog).

My prior blogs have focused extensively on the trust challenge in agentic commerce: authenticating the consumer and the agent (the actor). As I discussed in EMVCo and DPCs, financial institutions must verify and authenticate the four pillars of a transaction: the User, the Instrument, the Actor (Agent), and the Action (Payment). Today, I want to dive deeper into the fourth pillar—the Action—and the emerging battle over intent data.

A New Party to the Transaction

For decades, payment transactions have involved a familiar cast: the consumer, the merchant, the issuer, and the network. Each party has well-defined roles, risk allocation, and data flows governed by established rule sets. Agentic commerce introduces a new party: the Agent.

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

Merchant Litigation Settlement – Good News for V/MA

For anyone who has followed payments industry equities or competitive dynamics over the past two decades, yesterday’s ruling from Judge Brian Cogan felt like a long-exhaled breath. After 21 years of litigation, multiple failed settlement attempts, and a high-profile 2024 rejection, the Visa/Mastercard merchant interchange lawsuit finally has a path forward. Judge Cogan granted preliminary approval of the amended settlement on June 9, 2026 — and on balance, this is good news for the networks, for merchants, and for the broader ecosystem.

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

Stablecoin Strategy – Visa and Mastercard Are Taking Very Different Roads

The two dominant card networks are both committed to stablecoins. Both see digital assets as a meaningful component of their long-term growth story. Both have articulated clear strategies to their investors. But the roads they are taking could not be more different and the implications for how value-added services grow, who captures the upside, and how fast innovation moves are significant.

Mastercard is buying the infrastructure. Visa is building a network and enabling shared investment.

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

Is Know Your Agent (KYA) Really Necessary?

Is “Know Your Agent” (KYA) Really Necessary? The tale of an Orphan Signal

Short Blog | June 2026

A new category of startup has emerged around “Know Your Agent” (KYA) — the idea that merchants and payment platforms need a framework to verify the identity, authority, and auditability of AI agents acting on behalf of consumers. PYMNTS has covered the space extensively, and KnowYourAgent.xyz is already pitching merchants on “identity, policy controls, and evidence for every AI-agent transaction at checkout.” The framing is intuitive: if a bot is buying something, shouldn’t you know who sent it?

I want to push back — not on the problem, but on whether KYA, as a standalone service category, is the right solution.

Continue reading

EMVCo and DPCs

This should be a 20 page blog… but I don’t have time this week. Big picture thoughts

The April 28, 2026 announcement of Google’s donation of the Agent Payments Protocol (AP2) to the FIDO Alliance signals Google’s desire to move payments from the legacy Device Primary Account Number (DPAN) model to the Digital Payment Credential (DPC) mandate framework. For identity and payment experts, this shift represents more than a technical update; it is an effort to commoditize the proprietary trust moats built by card networks and Apple through a standardized, platform-agnostic infrastructure.

© Starpoint LLP, 2026. No part of this site, blog.starpointllp.com, may be reproduced or retransmitted, in whole or in part, in any manner without the permission of the copyright owner. Also, see our Legal/Disclaimer(this is a highly opinionated and partially informed blog). Enterprise readers, please consider an Enterprise Subscription(not required for Starpoint Clients).

Continue reading

AP2 Donation to FIDO 

Yesterday Google donated AP2 to the FIDO Alliance , let me share my thoughts on what this means.  

  1. Effort to drive cross-industry standardization and extend Google’s established success within the FIDO ecosystem (log in with Google) while addressing the structural limitations of FIDO.
  2. A “tipping point” transition from “Identity as a Service” to “Identity as an Infrastructure,” where the mobile handset functions as the primary root of trust for autonomous commerce. Google is telling FIDO that they must incorporate elements of W3C VCs to have a future.
  3. Google’s first big public move toward device bound credentials (Titan M2, Anroid Credential Manager, Android Ready Alliance, …etc).

You need to be logged in to view the rest of the content. Please . Not a Member? Join Us

Agentic – Intent and the New “Data Games’

While the industry recognizes that agentic commerce is reshaping payments, the more immediate technical friction lies in how it re-engineers data sharing. We are moving past the “top-of-funnel” coordination of inventory and pricing seen in protocols like UCP/MCP, entering the more contentious territory of AP2/ACP to coordinate trust and payment.

The Collaboration Paradox

As I’ve noted in Strategic Innovation Era, we are seeing a “Retailer First” surge. Successes like Walmart’s Sparky and Amazon’s Rufus prove that retailers are intent on controlling their own data and checkout environments.

However, external collaboration is mandatory for scale. I remain a proponent of Google’s approach: rather than a monolithic LLM, they are building a world of specialist model partnerships. But collaboration requires data exchange—the primary point of friction in this stage of strategic innovation.

Continue reading