A landmark demonstration sees an autonomous AI agent complete a live transaction on Santander’s production rails, signalling a new era in agent-initiated payments with enhanced control and security measures.
On 2 March 2026 Banco Santander and Mastercard demonstrated a milestone in payments technology when an autonomous AI agent completed a live end-to-end transaction on Santander’s production rails, an operation the companies say was conducted within pre-authorised...
Continue Reading This Article
Enjoy this article as well as all of our content, including reports, news, tips and more.
By registering or signing into your SRM Today account, you agree to SRM Today's Terms of Use and consent to the processing of your personal information as described in our Privacy Policy.
limits and without human intervention. According to Mastercard, the exercise ran through Santander’s regular payments infrastructure to test how agent-initiated instructions behave under true operational conditions while aiming to preserve security, privacy and consumer protections.
The capability rests on a new stack of controls that ties an agent’s intent to cryptographically protected credentials. Mastercard describes its Agent Pay framework and so-called Agentic Tokens as extensions of existing tokenisation tools that encapsulate precise spending parameters , the permitted merchants, amounts and time windows , so a network can refuse attempts that fall outside those bounds before funds ever move. Mastercard unveiled the Agent Pay programme last year as part of a wider push to enable “agentic” commerce, and the March 2 exercise is being presented as a live validation of that concept. The company said the agent did not access raw financial data.
This demonstration is not isolated. DBS in Singapore has run pilots under Visa Intelligent Commerce to validate AI-ready card credentials and payment signals, and Mastercard says it also completed an authenticated, live agentic booking in Singapore with DBS and UOB, where tokenised credentials and passkeys were used to verify the consumer. Visa has been expanding its Intelligent Commerce initiative across Asia Pacific and preparing broader pilot activity to ready the ecosystem for agent-initiated transactions. Industry statements emphasise that these programmes aim to streamline routine payments while enforcing consent-driven controls.
The technical and regulatory architecture matters because agentic systems change who or what is making decisions on behalf of a consumer. Firms argue that combining large-scale transaction data and machine learning with hard-coded network-level enforcement creates a “trust layer” that lets models act within narrow mandates. Mastercard notes its fraud and security models are trained on hundreds of billions of transactions annually to detect anomalies; Visa and other players are pursuing complementary approaches. At the same time, some industry observers caution that these systems shift the locus of liability and will require clear dispute-resolution trails and robust authentication to prevent misuse.
Market forecasts highlight the commercial stakes. Morgan Stanley estimates US e-commerce spending initiated by AI agents could reach $190bn–$385bn by 2030, while McKinsey suggests global agentic volumes might climb to $3tn–$5tn in the same period. Those projections underpin why card networks, banks and fintechs are racing to define standards for intent encoding, tokenisation and end-to-end verification now, rather than after autonomous agents become widespread.
Beyond payments rails and tokens, parallel innovations are seeking to strengthen authentication: examples include biometric experiments such as palm recognition being trialled by partners including Visa and Tencent in Singapore, and the use of passkey-style credentials to tie agent actions to verified consumers. Proponents say combining stronger identity signals with programmable tokens could reduce frictions while keeping control with the user; critics underline the privacy and operational risks if novel biometrics or automated decisioning are widely adopted without clear governance.
The Santander–Mastercard execution signals how incumbent payment networks and large banks are positioning themselves for that shift: building the technical primitives to let software agents act on behalf of people, while stressing controls intended to limit scope and exposure. Whether those controls will withstand real-world scaling, regulatory scrutiny and consumer scepticism remains to be seen as pilots expand across regions and vendors move from proofs of concept to commercial roll-outs.
Source: Noah Wire Services
