Written by Libby James
Libby James is co-founder, director and an expert in all things merchant services. Libby is the go-to specialist for business with more complex requirements or businesses that are struggling to find a provider that will accept them. Libby is regularly cited in trade, national and international media.
Artificial Intelligence Multi-Tokenisation
As artificial intelligence evolves, “agentic commerce” where autonomous agents buy, negotiate and transact on behalf of users, is rapidly moving from concept to early reality.
But while the idea sounds futuristic, one major hurdle stands in the way: how can these agents securely prove identity, authorise payments and manage transactions across multiple ecosystems?
Experts increasingly agree that multi-tokenisation, using several types of secure digital tokens for identity, payment, and authorisation, is essential to making agentic commerce both safe and scalable.
This article explains what agentic commerce is, why single-token systems aren’t enough, and how multi-tokenisation could underpin the next generation of autonomous digital payments.
What Is Agentic Commerce?
Agentic commerce describes a system in which AI agents autonomously complete commercial tasks on behalf of people or organisations.
Unlike chatbots or recommendation systems, these agents can:
- Search across marketplaces and suppliers
- Compare products and prices
- Negotiate deals or apply discount logic
- Complete checkouts and make payments
- Handle returns, subscriptions and post-sale support
In short, the agent acts as a digital “buyer” or “assistant”, but autonomy creates new technical challenges, particularly in terms of identity and payments.
Tokenisation: The Foundation of Secure Digital Commerce
Tokenisation replaces sensitive data (like card numbers or personal IDs) with unique, non-sensitive symbols called tokens.
- Payment tokenisation hides raw card data, replacing it with a “network” or “merchant” token.
- Identity tokenisation allows systems to verify a user or agent’s credentials without exposing private data.
- Delegation tokens allow users to authorise agents to act within specific limits (for example, allowing an AI to spend up to £100 per month on office supplies).
These tokens make transactions more secure, flexible, and revocable, which is why tokenisation is already embedded in card networks, mobile wallets and digital identity frameworks.
Why Multi-Tokenisation Is Essential
A single token can’t handle the full complexity of agentic commerce. That’s because an AI agent must navigate multiple domains, each with unique security, legal and operational requirements.
|
Domain |
Example |
Token Purpose |
|
Identity |
Who is this agent acting for? |
Verifiable identity token |
|
Merchant |
Which store or platform? |
Merchant-scoped token |
|
Payment Network |
Card or PSP system |
Network token |
|
Delegation |
What can the agent do? |
Authorisation / permission token |
1. Cross-domain flexibility
An agent may interact with merchants, card networks, wallets, and APIs, all requiring different credentials. Multi-tokenisation lets each domain validate its part independently.
2. Security and control
Tokens can be issued with specific scopes and lifetimes. If a payment token is compromised, it can be revoked without disabling the agent entirely.
3. Delegation with limits
Separate tokens let users safely delegate purchasing power to agents without losing control. A single global token would be too risky.
4. Interoperability and compliance
Different regions, PSPs and identity frameworks can operate in parallel. Multi-token setups allow interoperability across fragmented standards (e.g. PSD2, GDPR, PCI DSS).
How Multi-Tokenisation Works in Practice
An AI agent acting for a business might use:
- An identity token issued by the platform to prove who the agent represents.
- A delegation token defining spending limits and categories.
- A network payment token representing the business’s card credentials.
- A merchant token is used to interact with a specific retailer.
At checkout, these tokens combine to authorise a transaction, all without exposing sensitive credentials or requiring human intervention.
If the business revokes the delegation token, the agent instantly loses permission to transact.
Technical & Regulatory Considerations
Implementing multi-tokenisation requires careful design across security, compliance and interoperability:
- Lifecycle management: Tokens must be created, refreshed and revoked automatically.
- Delegated payments standards: Open frameworks such as the Agentic Commerce Protocol define how agents handle consent, payments and delegation.
- Fraud prevention: Systems must distinguish between legitimate agents and malicious bots.
- Regulation: Liability, consent, and KYC obligations must adapt to autonomous transaction models.
- Standards alignment: Without common specifications, token fragmentation could slow adoption.
Card networks like Mastercard and Visa are already exploring “agentic token” models, while Stripe and OpenAI are developing shared agentic commerce protocols to ensure interoperability between payment ecosystems.
Challenges and Risks
Despite progress, multi-tokenisation raises new questions:
- Complexity: Managing several tokens increases technical overhead.
- Trust: Who is liable if an agent makes an unauthorised purchase?
- Security: Token leakage or misuse could expose sensitive data.
- Adoption: Merchants and PSPs must upgrade systems to support agentic standards.
- Standardisation: Competing ecosystems may delay universal compatibility.
Nonetheless, multi-tokenisation remains the most realistic path toward safe, scalable agent-driven payments.
The Future of Agentic Payments
Over the next few years, we’re likely to see:
- Hybrid token systems mix payment and identity tokens.
- Ledger-anchored trust frameworks using verifiable credentials.
- Agent-to-agent micropayments for subscriptions and digital services.
- Wider adoption of delegated payment protocols by major PSPs and merchants.
If successful, multi-tokenisation could become the invisible infrastructure behind intelligent commerce, allowing AI agents to transact securely and responsibly on our behalf.
Wrapping It Up
Agentic commerce represents a major evolution in how digital transactions are performed. But it can only function with secure, flexible ways to represent identity, intent, and payment authorisation.
Multi-tokenisation, the separation of credentials into specialised, interoperable tokens, provides exactly that foundation.
By addressing security, control, and interoperability in parallel, it paves the way for AI-driven transactions that are not only efficient but also compliant, transparent, and trustworthy.
FAQs
What does “agentic commerce” mean?
Agentic commerce refers to AI-driven systems that can autonomously buy, negotiate, or transact on behalf of users or businesses.
What is tokenisation in payments?
Tokenisation replaces sensitive card or identity data with secure digital tokens to protect users during transactions.
Why is multi-tokenisation needed?
Because agents interact with multiple systems, merchants, networks, and regulators, separate tokens are required for each domain.
How does multi-tokenisation improve security?
Each token has a limited scope and can be revoked independently, reducing the impact of data breaches or fraud.
What role do payment providers play?
Card networks and PSPs are developing token standards and delegated payment protocols to support agentic transactions.
Are there regulatory challenges?
Yes, defining liability, consent, and compliance for AI-driven payments remains complex under current laws like PSD2 and GDPR.
Can multi-tokenisation work with existing systems?
Yes, it can layer on top of current tokenised payment frameworks, allowing gradual adoption by merchants and PSPs.
Will consumers control their agents’ spending?
Absolutely, through delegated tokens that define limits, permissions, and expiry, ensuring users retain oversight.
