· agentic-commerce · payments · merchants
The Autonomy–Liability Squeeze: What Visa Intelligent Commerce Leaves on the Merchant’s Plate
Agent-ready credentials are real progress — but when an autonomous agent checks out and the cardholder disputes it, someone still eats the chargeback. Here’s why that someone is too often the merchant, and how Orchard28 rebalances the scale.
David Broderick Founder & Head of AgentsLet’s start with credit where it’s due: Visa Intelligent Commerce is a serious, welcome move. The network that runs a meaningful share of the world’s card payments has said, in effect, AI agents will transact, so let’s give them proper credentials — tokenised, agent-ready cards, consent signals from the cardholder, spending controls at the network layer. We build on Visa rails, we’re glad the biggest player is leaning in, and nothing below should be read as anything other than a friendly argument about architecture.
Because there is an argument to have. As we read the model, it leaves a structural tension sitting exactly where the ecosystem can least afford it: on the merchant’s side of the counter.
The squeeze, in one paragraph
The whole point of an agent is autonomy — it should be able to complete the purchase without dragging the human back to the checkout. But in an agent-presents-credential model, what arrives at the merchant is, in card terms, a card-not-present transaction initiated by software. The evidence that a human actually wanted this purchase — the consent ceremony, the mandate, the spending rule — lives upstream, between the cardholder, the agent platform and the network. The merchant never sees it. Yet when the cardholder later disputes the charge — “my agent went rogue”, “I never meant that hotel”, or plain old buyer’s remorse wearing an agent costume — card-not-present chargeback mechanics do what they have always done: they land, by default, on the merchant.
That’s the squeeze. The more autonomy the agent has, the further the transaction moves from a provable moment of human intent — and the more of that ambiguity the merchant is asked to underwrite.
Why this matters more than it looks
Run the incentives forward. Every other party in the chain gains from agent traffic: the cardholder gets convenience, the agent platform gets its fee, the network gets volume. The merchant gets the sale — and the tail risk of every dispute where intent can’t be proven. Merchants are not sentimental about tail risk. They already run bot-detection precisely to keep automated buyers out, and a rational merchant facing “agent orders with ambiguous dispute outcomes” doesn’t lobby for better rules — they block the traffic. If agentic commerce arrives at the checkout looking like liability with extra steps, sellers will treat it the way they treat scalper bots today, and the whole category stalls at the door.
Consent signals help — genuinely. But a signal that intent existed at mandate time is not the same as dispute-proof evidence at settlement time, and until the liability rules are rewritten around it, the merchant is being asked to accept tomorrow’s protections at today’s chargeback rates.
How Orchard28 rebalances the scale
We designed our transaction architecture around a blunt question: what would make a merchant actively want agent traffic? Four answers:
- We are the merchant of record — the risk stops with us. The seller transacts with Orchard28, not with an anonymous piece of software. Like a ride-hailing platform standing between driver and rider, we absorb the retail-facing risk: if there’s a dispute, it’s our problem to resolve upstream with our customer, not the seller’s.
- CPoI makes intent card-present, not inferred. Every run — assisted or autonomous — is committed by the cardholder personally, with their own PIN, through CPoI (paywithCPoI.com). That converts the payment into a fully authorised, card-present transaction: the strongest intent evidence the card networks recognise, with fraud liability shifting to the issuer — not resting on the seller, and not on us hoping a consent signal holds up.
- Autonomy never outruns the authorisation. Our agents’ autonomy exists only inside an envelope the cardholder PIN-committed up front: this item, this cap, this window. The condition gate means there is no such thing as an Orchard28 purchase that wasn’t explicitly pre-authorised — so “my agent went rogue” isn’t a dispute category, because a rogue purchase fails the gate and never happens.
- Every settlement is clean by construction. The seller sees a single-use virtual card, scoped to them, funded to the exact approved amount, backed by a full audit trail — what was searched, what was chosen, and the PIN commitment behind the money. Guaranteed, dispute-resistant settlement, purchase after purchase.
Notice what this does to the trade-off in the headline: it dissolves it. The industry keeps treating autonomy and liability as a dial — more of one, more of the other. That’s only true if you try to reconstruct intent after an autonomous purchase. Commit the intent before autonomy begins — PIN-sealed, capped, time-boxed — and the agent can move at full machine speed while the evidence of human authorisation stays perfect. Autonomy for the agent, certainty for the merchant. Both, not either.
The merchant’s one-question test
Visa Intelligent Commerce will evolve; the network has every incentive to get this right, and we expect the rules to improve. But merchants deciding today which agent traffic to welcome don’t need to read the framework documents. They need one question answered:
When the cardholder disputes an agent’s purchase, who eats the chargeback?
If the honest answer is “probably you, pending future rule changes” — that’s the squeeze. With Orchard28, the answer is: not you. A card-present, PIN-committed, issuer-liable transaction from a merchant of record that stands behind every run. That’s what it takes for sellers to open the door to agents instead of bolting it — and it’s on the table today.