- Key insights: Prashant Sharma, JPMorgan Payments' executive director of biometrics and identity solutions, spoke with American Banker about agentic commerce and how liability is shifting as a result of large language models.
- What's at stake: The introduction of an additional party in transactions is complicating well-defined, decades-old liability models that the industry will need to solve before agentic commerce transactions can become mainstream.
- Forward look: Sharma expects autonomous agentic transactions to first appear on merchant's own websites, using their own agents.
"There was a reason why we were actually pretty quiet, because we wanted to make sure that we have a very clear idea in terms of what's real, what's not real and how any of these announcements — whether it's protocols or anything else — are going to have an impact on the merchants" and consumers, Prashant Sharma,
"They're at the top of their class," Richard Crone, CEO of Crone Consulting, told American Banker. "They really represent the biggest opportunities in agentic commerce for all the banking industry."
The bank has partnered with
But in order to scale agentic commerce, industry will need to answer questions surrounding liability, namely how liability changes when an additional party — the agent — is inserted into a well-defined, decades-old liability model.
Sharma spoke with American Banker about
American Banker: Aside from your partnership with Mirakl, JPMorganChase has been relatively quiet around agentic commerce. How do you view your role in the industry?
Prashant Sharma: If you think about
That doesn't mean that we have not been working with any of these companies. We work very closely with the agent platforms, OpenAI or Google or Meta and everybody, and then on the other side, with the payment networks as well, and consumers.
Agentic commerce is something that is going to continue to evolve, because what everybody calls agentic commerce today is not really agentic commerce. This is, at this particular point, another channel where the consumer is making a purchase. We actually call it AI-embedded commerce. There are a lot of things that the partners in this ecosystem need to solve before we get to truly agentic transactions.
What are the largest pain points that need to be addressed before we really start to see agentic transactions?
The very first thing is trust. Think about 25 years ago when e-commerce was coming up, everybody was very skeptical about putting their credit card number on the website. It took time for people to be comfortable. I don't think anybody is saying that it's going to take 25 years for agentic commerce to get to where we are with e-commerce, but that trust both from the consumer as well as merchant perspective is paramount.
If I, as a consumer, put my car details and give the instruction to the agent and two days later, the agent goes and makes a purchase, what happens if the product that the agent bought was wrong? Am I as a consumer going to be liable? Is the merchant going to be liable? Will the bank just give me the money back?
It's not just about the consumer. The merchant has to trust it. The issuers have to trust it as well, because at the end of the day, we as consumers, the moment anything goes wrong with the purchase, the very first call that happens is to their bank.nWe also need to make sure that we, as a bank, feel comfortable that these transactions are secure and that agents are not hallucinating. That trust has to be there in the entire ecosystem.
Second thing I would say is the entire infrastructure, because the experience that we see today, it's still with users in the middle of the transaction versus if I had just given an instruction to my agent.
If I tell my agent, 'Go find me a plane ticket from New York to London for five days. I want to stay at a five-star hotel near Tower Bridge, and get me a rental car.' And three days later, the agent goes and just does that transaction, is the infrastructure for the airlines, the rental car companies, the hotels all there?
On top of that, the level of detail that exists for the agent to make that transaction is huge, because conversational commerce is very different from keyword-based search. There is just so much data that users are providing as a part of conversational commerce. If the merchant catalog does not have that level of detail, these products are not going to be shown.
Then there are other issues. Most of the large merchants have some kind of loyalty platform. We all love our points. If I'm doing a transaction with the merchant, I want to make sure that my points are getting accumulated. I want to make sure that I'm able to redeem my points and I'm identified as a premier shopper.
Also, at least when initially the protocols were announced, we as users could only buy one product at a time. That's just not scalable. If I want to buy five products from a particular merchant, I have to do five different transactions. That doesn't just impact consumer experience, it impacts the merchant, because now the merchant has to do five different shipments.
The current liability model has been around for decades and is now being challenged with the introduction of agents. How do you think the liability model should work with a fourth party in the mix?
I don't think that we have an answer at this particular point. But again, these are the discussions that we are having between the payments side and the consumer banking side. Ideally, the entity who made a mistake should be liable.
Currently, the way liability shift works if you think about
If the merchant does not, say, invoke 3D Secure for the transaction, the merchant is going to be liable in that particular scenario. That's how the liability model works today.
For agentic transactions, if I as a consumer say, 'Go find me the cheapest iPhone in silver,' and for whatever reason, the agent goes and buys me a blue color phone, who's going to be liable in this case? In this particular case, based on intent, the merchant would take liability.
However, that's not going to be the case all the time. If you think about the breadth of that intent data, 'I want you to find me a blue t-shirt in size medium under $100 that can be shipped to my house in the next two days. It needs to be made up of sustainable material' and so on. And let's say that that t-shirt that the agent bought met every criteria other than it's not made up of sustainable materials. Where does it stop? And who's the entity that determines which entity made the mistake?
What happens if the agent hallucinates and instead of buying that one phone, it went and bought me five phones. The merchant still presented the right product. Ideally, in that particular scenario, the agent should take liability. But if you think about the current payment ecosystem, having another entity being a part of that liability model, it's just not going to work. So much has to change from that infrastructure perspective
It's easiest to say that if the agent makes a mistake, the agent takes liability. But some parties say that the user is the one who trusted or instructed their agent to make this transaction. So if an agent makes a mistake, the user should take the liability.
The example that they give is, you are my friend and I gave you my card and said, 'Go to Apple store and buy me this phone.' But you made a mistake and bought a different item than what I actually asked for. It's not the merchant's fault, it's not the issuer's fault, it's the user's fault.
This is absolutely something that needs to be solved before we start seeing agent transactions at scale.
