
Inside AP2: Google's Agents-to-Payments Protocol Goes Public

Sept 20, 2025

Google has officially shipped the Agents-to-Payments (AP2) protocol, ending months of speculation. Here's what the release reveals, how the reference implementation works, and what it means for teams building agentic commerce flows.

The guessing game is over: Google has published the Agents-to-Payments (AP2) protocol, formalising how Gemini- and third-party agents can authorize purchases across merchants. Announced on the Google Cloud Blog and backed by a public GitHub organization, AP2 steps directly into the agentic commerce arena that ACP, x402, and other specifications have been shaping.

From rumor to release

Signals about AP2 have circulated for over a year: job listings, partner pilots, and hints in Gemini roadmap briefings. The 2025 launch pulls those threads together. Google positions AP2 as an open specification for "agents-to-payments" flows: agents authenticate, present attestations about their principals, negotiate policy requirements, and settle via rails coordinated by Google Wallet or partner PSPs. Unlike earlier rumors, the official release comes with architectural diagrams, reference payloads, and compliance guardrails.

What the spec covers

AP2 defines a request/response handshake between an agent platform, a merchant, and one or more facilitators. The spec emphasizes three recurring envelopes: identity, policy, and payment. Agents show who they act for using Decentralized Identifiers (DIDs) and verifiable credentials; merchants respond with structured policy requirements; facilitators broker payment method hints and capture transaction evidence.

  • Discovery endpoints so agents can fetch merchant capabilities, supported payment instruments, and policy schemas.
  • An authorization negotiation where merchants declare risk signals (spend caps, geography, shipping constraints) and agents provide matching credentials.
  • Execution hooks that route to card tokenization, bank transfers, or instant-pay rails, all with immutable receipts and dispute metadata.

Architecture highlights

AP2 extends familiar Google primitives. Identity envelopes map cleanly to the Wallet Pass infrastructure, and policy responses lean on Google's Risk Insights APIs. Yet the spec stays transport-agnostic: agents can speak AP2 over HTTPS, bidirectional streaming, or via partner gateways. Google recommends short-lived agent credentials, DID rotation, and attestations signed by enterprise policy engines, aligning AP2 with the zero-trust philosophies already shaping corporate IAM.

One notable feature is the "Assurance Chain" Google describes: every hop, from agent to facilitator to merchant, adds cryptographically verifiable context. That chain allows downstream auditors or regulators to reconstruct why a payment cleared, even when an agent orchestrates multiple rail hops, such as starting with Google Pay tokenized cards and finishing with an RTP payout.
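To make the chaining idea concrete, the sketch below is an added example, not code from the AP2 specification or repository. It assumes a hypothetical link layout (hop, prev, context, tag) and uses HMAC with constructed per-hop keys as a stand-in for the asymmetric signatures a real deployment would use; it shows how an auditor detects an edited, dropped, or reordered hop.

```python
import hashlib
import hmac
import json

# Constructed demo keys, one per hop. HMAC stands in for real signatures;
# nothing here is AP2's wire format.
HOP_KEYS = {
    "agent": b"demo-agent-key",
    "facilitator": b"demo-facilitator-key",
    "merchant": b"demo-merchant-key",
}


def _digest(link):
    """Hash of a full link (tag included), used as the next hop's back-pointer."""
    return hashlib.sha256(json.dumps(link, sort_keys=True).encode()).hexdigest()


def _tag(hop, prev, context):
    body = json.dumps({"hop": hop, "prev": prev, "context": context}, sort_keys=True)
    return hmac.new(HOP_KEYS[hop], body.encode(), hashlib.sha256).hexdigest()


def append_hop(chain, hop, context):
    """Return a new chain with one more link bound to the previous link."""
    prev = _digest(chain[-1]) if chain else "genesis"
    link = {"hop": hop, "prev": prev, "context": context, "tag": _tag(hop, prev, context)}
    return chain + [link]


def verify_chain(chain):
    """Return (ok, reason) after checking every hop's tag and back-pointer."""
    prev = "genesis"
    for i, link in enumerate(chain):
        if link["hop"] not in HOP_KEYS:
            return False, f"link {i}: unknown hop"
        if link["prev"] != prev:
            return False, f"link {i}: broken back-pointer"
        expected = _tag(link["hop"], link["prev"], link["context"])
        if not hmac.compare_digest(expected, link["tag"]):
            return False, f"link {i}: bad tag"
        prev = _digest(link)
    return True, "ok"


def demo_chain():
    """Three constructed hops: agent intent, facilitator routing, merchant result."""
    chain = append_hop([], "agent", {"intent": "buy", "amount": 4200, "currency": "USD"})
    chain = append_hop(chain, "facilitator", {"rail": "tokenized-card", "risk": "low"})
    return append_hop(chain, "merchant", {"order": "constructed-order-1", "status": "cleared"})
```

Because each back-pointer covers the previous link's tag as well as its context, removing or reordering a hop fails verification even when every remaining tag is individually valid.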

Open-source reference stack

The GitHub repository (github.com/google-agentic-commerce/AP2) ships with schemas, Postman collections, security threat models, and a minimal facilitator implementation. The reference code demonstrates how to issue agent credentials, manage nonce lifecycles, and exchange policy objects. Merchants can clone the repo to experiment locally or fork the Kubernetes manifests to deploy a sandbox endpoint that accepts AP2 trial intents.
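The authorization negotiation and the nonce lifecycle mentioned above can be sketched as a merchant-side check. This is an added example, not the reference implementation: the class names, field names, and reason strings are hypothetical, and the sample values in the comments are constructed.

```python
from dataclasses import dataclass, field


@dataclass
class MerchantPolicy:            # hypothetical shape of a merchant's policy response
    max_amount_cents: int
    allowed_regions: frozenset
    max_credential_age_s: int    # how short-lived the merchant requires credentials to be


@dataclass
class AgentCredential:           # hypothetical claims about the agent's principal
    principal: str               # e.g. a constructed DID such as "did:example:alice"
    spend_cap_cents: int
    region: str
    issued_at: int               # Unix seconds
    expires_at: int
    nonce: str


@dataclass
class NonceStore:
    """Remembers a nonce until the credential that carried it has expired."""
    seen: dict = field(default_factory=dict)   # nonce -> expires_at

    def consume(self, nonce, expires_at, now):
        # Expired entries can be dropped: the validity-window check rejects them anyway.
        self.seen = {n: exp for n, exp in self.seen.items() if exp > now}
        if nonce in self.seen:
            return False
        self.seen[nonce] = expires_at
        return True


def authorize(amount_cents, cred, policy, nonces, now):
    """Return the reasons to refuse; an empty list means the request may proceed."""
    reasons = []
    if not (cred.issued_at <= now < cred.expires_at):
        reasons.append("credential not valid at this time")
    if cred.expires_at - cred.issued_at > policy.max_credential_age_s:
        reasons.append("credential lifetime exceeds policy")
    if cred.region not in policy.allowed_regions:
        reasons.append("region not allowed")
    if amount_cents > min(cred.spend_cap_cents, policy.max_amount_cents):
        reasons.append("amount over spend cap")
    # Only a request that passes every other check consumes its nonce.
    if not reasons and not nonces.consume(cred.nonce, cred.expires_at, now):
        reasons.append("nonce replayed")
    return reasons
```

Tying nonce retention to credential expiry keeps the replay store bounded, which is one practical reason to insist on short credential lifetimes.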

Google also outlines interoperability touchpoints. The repo includes translation guides for ACP and x402 so platforms can bridge between AP2 sessions and existing agent workflows. That interoperability story suggests Google is more interested in joining an emerging standards constellation than locking merchants into a standalone network.

Implications for the ecosystem

With AP2 public, merchants and PSPs now have a concrete Google-backed path to agentic checkout. Expect rapid alignment from Android OEMs, Chrome autofill teams, and merchants already using Google Pay APIs. Competitors will likely accelerate their own protocol roadmaps: ACP implementers gain a fresh comparison point, while payment networks experimenting with trusted-agent programs must decide whether to adopt AP2 envelopes or publish competing profiles.

Regulators will pay attention too. Google's launch post dedicates entire sections to consent UX, audit logging, and compliance frameworks for PSD3, Dodd-Frank, and global privacy regimes. The Assurance Chain concept positions AP2 as audit-friendly, but enterprises rolling it out will still need layered governance to ensure agents respect local laws and organizational policy.

How builders should respond

Teams already piloting ACP or x402 can start by mapping their payloads to AP2's schemas. Pay attention to claims issuance: Google's reference implementation expects ISO-standard VCs with explicit revocation endpoints. Next, evaluate your facilitator strategy: will you let Google Wallet broker execution, or will you stand up your own policy and payment services? Finally, update observability: AP2 surfaces granular lifecycle events that finance, risk, and support teams will want in real time.

The arrival of AP2 confirms that agentic commerce is no longer theoretical. Whether you plan to plug into Google's ecosystem or simply stay compatible with its agents, now is the time to test the reference stack, align your identity stories, and decide how much autonomy you are willing to grant the next wave of AI buyers.