The Agentic Handshake: How ACP and “Intent Mandates” Solve the Trust Gap

What is the Agentic Handshake?

The “Handshake” is a cryptographic process where an AI agent (like ChatGPT) proves to a merchant that it has the explicit authority to spend a human’s money. This isn’t just a bot filling out a form; it’s a secure exchange of Shared Payment Tokens (SPTs). These tokens allow the agent to execute a transaction without ever seeing or storing your actual credit card numbers, drastically reducing the risk of data breaches.

The Role of “Intent Mandates”

To prevent an AI from going on an unauthorized shopping spree, ACP utilizes Intent Mandates. These are cryptographically signed instructions that define the exact boundaries of an agent’s power.

• Value Caps: The agent can only spend up to $150.

• Merchant Allowlists: The agent can only buy from verified retailers.

• Time Bounds: The authority expires in 30 minutes.

This “Triple Mandate Architecture”—consisting of the Intent Mandate (user permission), the Cart Mandate (locked price and items), and the Payment Mandate (the actual funds)—ensures that the merchant, the buyer, and the bank are all in sync before a single cent moves.

Why Merchants Must Adapt

For retailers, supporting ACP is no longer optional. Merchants who implement ACP-compatible endpoints allow agents to verify inventory and price instantly. If an agent cannot verify the “Handshake” or the “Mandate,” it will simply route the customer to a competitor whose system is “Agent-Ready.”

Key Takeaway: The Agentic Handshake is the new gold standard for digital trust. By combining ACP’s Shared Payment Tokens with strict Intent Mandates, businesses can safely tap into the multi-billion dollar autonomous shopping market while protecting both their revenue and their customers.