Author: YQ
Compiled by: Jiahuan, ChainCatcher
The internet’s business model is advertising. For thirty years, this has been the default rule: show content to humans, harvest attention, and convert clicks into revenue. Search engines, social networks, news websites, and video platforms all follow the same logic. Users are not customers. Users are the product.
Agents have broken this model. Agents that call APIs do not have attention to harvest. They do not view banner ads. They do not click on sponsored links. They do not make impulse purchases based on influencer recommendations. They evaluate services based on utility and pay for value—or walk away. The entire advertising economy is built on the assumption that there is a human on the other side of the screen. When users become machines, that assumption collapses.
This is not speculation. Gartner predicts that by 2028, $15 trillion in B2B procurement will be conducted via AI agents. ChatGPT has 900 million weekly active users (data as of February 2026). When these users delegate purchasing decisions to agents, the agents will need a payment method. Two companies are laying the groundwork for this: Coinbase’s x402 and Stripe’s MPP. Both have activated the same HTTP status code that has been dormant in the HTTP specification since 1996. Beyond that, they agree on nothing else.
Wake up the payment protocol that has been dormant for thirty years
In 1996, Roy Fielding embedded a placeholder in HTTP/1.1: status code 402, “Payment Required.” The vision at the time was to embed micropayments—extremely small financial transactions—into the very fabric of the web. Pay five cents to read an article. One cent to load an image. Make money as native to HTTP as links.
Three things killed it. Credit card fees of $0.25 to $0.35 per transaction made payments of five cents absurd. Payment prompts caused decision fatigue. Browser wallets did not exist at the time. Microsoft’s MSN micropayments failed. DigiCash failed. The internet turned instead to advertising, and HTTP 402 slept for thirty years.
It’s not the technology that has changed. Stablecoins and Layer 2 networks have made transactions under one cent possible. What has changed is the user. When users are human, advertising works. When users are machines, advertising becomes structurally impossible. The machine economy needs a payment layer. HTTP 402 is clearly the perfect place to build it. Coinbase launched x402 in May 2025. Stripe launched MPP in March 2026. The race has begun.
But everyone is asking which protocol will win. That’s the wrong question. Payment rails are merely infrastructure. Visa processes $14 trillion in transactions annually. Mastercard and Santander completed Europe’s first AI Agent payment on March 2, 2026. When 4 billion existing debit and credit cards can be used for agent transactions, the protocol for moving funds is just the entry ticket. The real moat is the decision orchestration layer: in this system, Agents decide what to buy, from whom to buy, and how to verify trust.
Trillion-dollar blue ocean
Over the past twelve months, five analytical firms have released forecasts for the Agents business. They differ on specific figures, but are remarkably aligned on the direction of development.
There is two orders of magnitude difference between Morgan Stanley’s lower bound ($190 billion) and Gartner’s B2B data ($15 trillion). This gap does not stem from confusion, but from differing scopes of measurement. Morgan Stanley calculates U.S. consumer e-commerce, while Gartner calculates global B2B procurement. Even the most conservative bottom-line estimate represents a market size larger than Stripe’s total processing volume for all of 2023 ($1 trillion).
Why enterprise-grade applications must come first
Bain & Company surveyed 2,016 American consumers in early 2026. For anyone expecting an explosive growth curve, these numbers are undoubtedly a reality check.
The key data is: only 7% of people trust third-party AI platforms to shop for them, while trust in retailer chatbots stands at 25%. This gap lies in the distance of trust—people trust stores they’ve already shopped at more than a generic AI agent. The first wave of agent-based commerce will emerge through brand retail AI, not through standalone agent protocols.
For x402 and MPP, the underlying implication is the same: both protocols require enterprise adoption before consumer widespread use. Consumers do not choose payment rails; merchants do. And merchants choose rails based on fraud rates, settlement speed, and chargeback liability—not the elegance of the protocol.
Composable payment protocol ecosystem
The fastest way to misunderstand proxy payments is to line up announcements from each protocol and ask, “Which one is best?” These protocols operate at different layers of the same technology stack. Comparing them is like comparing TCP to Shopify.
x402 resides at the lowest layer. It adds payment semantics to HTTP itself. Any server can return a 402 status code, and any client can respond with a signed transaction. No SDK, no session, no state required. MPP sits on top of this layer. It uses the same 402 status code but wraps it in a session protocol that aggregates micropayments, supports fiat currency, and integrates with Stripe’s compliance architecture.
Above both of these is the orchestration layer. Google’s AP2 defines how agents discover each other, exchange authorizations, and delegate permissions. The ACP, jointly built by Stripe and OpenAI, handles product discovery, cart management, and checkout. Visa and Mastercard build the credential layer on top of all of this.
Most analyses overlook one insight: these are composable layers, not mutually exclusive choices. In theory, a single transaction could be authorized via AP2, product-selected via ACP, session-managed via MPP, and settled via x402. No one has yet built a complete stack. This composability is a design assumption, not a production reality. But its architectural logic is sound: Google’s a2a-x402 extension (already open-sourced on GitHub) has already bridged AP2 and x402.
The question now is, which layer can capture the most value as other layers become homogenized.
The fees determine the outcome.
Every discussion about proxy payments eventually turns into a discussion about fees. Here are the actual data comparisons of four approaches not yet disclosed by others.
x402 protocol: Minimalist, open-source, and pure cryptocurrency approach
The x402 protocol can be explained using five middleware steps. The client requests a resource. The server responds with an HTTP 402 containing a payment header. The client signs a stablecoin transfer and retries the request with the payment signature. The service provider verifies settlement on-chain. The server returns an HTTP 200.
On-chain data as of March 2026: average daily transaction volume of approximately 131,000 transactions, average daily transaction value of approximately $28,000, and an average payment amount of $0.20. According to CoinDesk’s forensic analysis (March 11, 2026), roughly half of these are developer tests and integration probes. The annualized total transaction volume is approximately $10 million. Excluding tests, the annualized real commercial transaction volume is approximately $5 million. For a protocol backed by Coinbase, Cloudflare, Visa, and Google, this is still seed-stage data. The protocol itself is functioning well—market adoption simply hasn’t arrived yet.
What makes x402 powerful in its architecture is precisely what it lacks: zero protocol fees, zero account creation, zero vendor lock-in. The specification is licensed under Apache 2.0. Any server in any language can be deployed in a single afternoon. The x402 Foundation currently counts Coinbase, Cloudflare, Google, and Visa as members, with AWS, Circle, Anthropic, and Vercel as additional partners. Its cost of experimentation is essentially zero.
The v2 specification addresses the obvious limitations of the original protocol. The plugin architecture enables service providers to support multiple blockchains. Reusable sessions reduce on-chain overhead for each request. Multi-chain support has been expanded from the Base network to include Ethereum Mainnet, Arbitrum, and Solana.
Its weakness is structural. x402 supports only cryptocurrencies, with no fiat currency channels. If an agent needs to pay for a SaaS API using a corporate credit card, they cannot use x402. Meanwhile, the Coinbase platform behind it is also currently undergoing a transformation.
Stripe MPP Protocol: Anchoring Compliance and Fiat Payments
x402 has no fiat on-ramp. It cannot aggregate micropayments. It lacks built-in fraud detection, tax calculation, and refund logic. These trade-offs are acceptable for an independent developer selling API access at $0.01 per call. But for a business agent making 10,000 API calls per hour to a SOC 2-compliant SaaS provider, these shortcomings are fatal.
MPP was specifically created to fill these gaps. The process still begins with the 402 status code, but instead of a single-signature stablecoin transaction, the client negotiates a session, authorizes a spending limit, and makes repeated calls without settling each request individually.
MPP is built on Tempo, a dedicated blockchain launched on March 18, 2026. Its specifications include over 100,000 TPS, 0.6-second finality, and a tokenless design (no gas token, no native cryptocurrency). Validation nodes are operated by partners approved by Stripe. This trade-off is clear: Tempo sacrifices decentralization in exchange for throughput, cost predictability, and regulatory compliance. Stripe is transparent about this.
The list of partners at launch clearly signals its intent to enter the enterprise market. The initial offering of over 50 services includes OpenAI, Anthropic, Google Gemini, Dune Analytics, and Browserbase. Design partners include Visa, Mastercard, Deutsche Bank, Shopify, and Revolut. This extends Stripe’s existing merchant network to agency businesses, equally equipped with fraud detection (Stripe Radar), tax calculation, and dispute resolution mechanisms.
MPP supports USDC, credit cards, debit cards, buy-now-pay-later, and digital wallets within a single protocol. Agents paying with USDC on the Base network and those paying with Visa cards access the same endpoint and receive identical receipts. The majority of corporate purchases are still made via credit or debit cards. A payment protocol that mandates only cryptocurrency would not be approved by the vast majority of CFOs.
Its weaknesses are also real. Tempo is a new chain with no ecosystem other than Stripe. In its initial release, it accepts cryptocurrency only in the United States. The protocol creates heavy reliance on Stripe’s infrastructure. Additionally, MPP’s session model introduces state, meaning it is subject to failure modes that x402’s stateless design avoids: session expiration, partial settlement disputes, and authorization token management.
x402 vs. MPP
Beyond the protocol level, the platform strategy becomes clear: both companies are building end-to-end agency commerce ecosystems, with the protocol serving merely as the payment layer in this larger game.
The most crucial move in this showdown was Stripe’s final action: Stripe supports x402 on the Base network. By offering this permissionless protocol alongside its own enterprise-grade solution, it hedges its bets. Coinbase, however, did not respond in kind. There is no fiat payment pathway within Coinbase’s architecture—if an agent needs to pay with a credit card, Coinbase has no solution to offer.
The distribution advantage of Stripe cannot be overstated. Through integration with ChatGPT, MPP reached 900 million weekly active users (as of February 2026), including 50 million paying subscribers. When an AI agent built on the OpenAI platform needs to make a purchase, Stripe is the default pathway. In contrast, Coinbase’s distribution relies on developer adoption: the Base ecosystem, member companies of the x402 Foundation, and crypto-native builders who prefer permissionless infrastructure.
However, Stripe’s own promotion in the agency commerce space encountered setbacks. When ACP was launched, it integrated with Shopify, but initially only about a dozen merchants activated the service. Users could browse products through the agency interface, but at checkout, they were redirected to the retailer’s website to complete the transaction (The Information, March 2026). The agency handles browsing; humans handle payment. This is not agency commerce—it’s merely a product recommendation engine with added friction.
Coinbase’s advantage lies in its neutrality. Stripe, as a payment processor, has a business incentive to keep transactions within its platform. Coinbase, however, built x402 as an open protocol and handed governance to the foundation. Yet Coinbase’s platform narrative is complex: its Commerce product will be discontinued on March 31, Coinbase Business is custodial and limited to the U.S. and Singapore, and all settlements automatically convert to USDC. The open protocol is pure, but the platform behind it is in transition.
Traditional giants strike back: Visa and Mastercard's breakthrough
While Coinbase and Stripe are building from the bottom up, Visa and Mastercard are positioning themselves from the top down. Both major card networks announced agency payment features in early 2026, revealing what happens when traditional giants with billions of existing user credentials enter an emerging market.
When Visa’s Intelligent Commerce platform launched, it partnered with more than 100 companies, including Samsung, Perplexity, and Microsoft. Its core innovation is tokenized agent credentials: encapsulating the Visa card number within a token specific to the agent, along with spending limits, merchant restrictions, and real-time monitoring. Visa processes $14 trillion annually. It has no need to invent a new payment rail.
Mastercard’s Agent Pay has adopted a similar approach. Agent tokens provide delegated spending authority. Integration with Fiserv has brought in thousands of existing merchant acquirers. Santander Bank completed the EU’s first agent payment on March 2, 2026. Mastercard is betting that its existing regulatory and compliance infrastructure is the hardest part to overcome, and extending it to agent payments is merely an incremental engineering effort.
Google's AP2 protocol sits above all of these as the governance layer. AP2 has over 60 founding partners, including Adyen, American Express, Ant Group, Coinbase, Etsy, Intuit, JCB, Mastercard, PayPal, Revolut, Salesforce, UnionPay, and Worldpay, and it defines how agents discover services, exchange authorizations, and delegate permissions. AP2 deliberately maintains payment method agnosticism. An AP2 authorization can approve a payment via x402, MPP, Visa, or Mastercard.
What's happening on-chain?
Data without context is just a slogan. Here is the background.
Do not confuse low transaction volume with lack of potential. Stripe processed zero real commercial transaction volume in its first year. AWS had negative unit economics for its first five years. These 75 million x402 transactions are not revenue. They are 75 million proofs that developers believed the protocol was worth integrating before anyone paid them. The vacuum between building and buying is the norm for infrastructure adoption.
Navigating through the gray areas of regulation
Each protocol in this stack operates in a regulatory gray area, and this gray area will not remain gray forever. The EU’s MiCA regulation (Markets in Crypto-Assets, effective June 2024) imposes licensing requirements on stablecoin issuers and crypto asset service providers. x402’s service provider model—where third parties settle stablecoin payments on behalf of merchants—fully aligns with MiCA’s definition of a crypto asset service provider. To date, no x402 service providers have obtained a MiCA license. This represents a ticking time bomb for its adoption in Europe.
MPP faces distinctly different regulatory layers. The European PSD2/PSD3 framework regulates payment initiation services. An agent acting on behalf of a user authorizes a payment session and executes the payment initiation. Whether an MPP’s session model requires a PSD3 license depends on whether the agent is classified as a payment service provider or a technical intermediary. Stripe holds a PSD2 license across Europe, whereas independent MPP implementations do not.
In the United States, the Consumer Financial Protection Bureau has not yet issued specific guidelines on AI-mediated consumer transactions, but existing consumer protection rules (Regulation E for electronic fund transfers and TILA for credit) apply equally regardless of whether payments are initiated by humans or by agents. The Mastercard and Santander Bank EU payment (March 2, 2026) was settled under Santander’s existing banking license and did not establish a new regulatory precedent. It demonstrates that existing frameworks can fully accommodate agent-initiated payments when properly structured within appropriate institutional boundaries.
The regulatory insight for builders is that permissionless protocols will need “licensed wrappers” in regulated markets. The open service provider model of x402 works in the U.S. today, but it cannot function in the EU without compliance with the MiCA regulation. MPP’s reliance on Stripe is a weakness in the crypto-native community, but it’s an advantage in regulated markets, as Stripe’s existing licenses provide compliance assurance. The protocols that win across jurisdictions will be those that solve regulatory challenges—not those with the best developer experience.
What happens next?
x402 will become the permissionless底层 for the internet’s long-tail market: independent APIs, open data sources, micropayment-accessible content, and any use case where requiring an account before payment introduces unacceptable friction. MPP will become the session layer for high-frequency, heavily compliant enterprise workloads: SaaS APIs, cloud services, financial data, and anything requiring approval from a Fortune 500 procurement team.
They coexist because they serve different trust boundaries. An anonymous proxy scraping market data from a public API does not need Stripe Radar. But a healthcare proxy processing insurance claims needs not only Stripe Radar, but also HIPAA compliance, audit trails, and refund logic. Building both functionalities into a single protocol would be too heavy for the first case and too light for the second. A two-layer design is the correct architecture.
The banking network provides a third layer: scalable compliance and governance. Visa’s tokenized credentials and Mastercard’s proxy tokens will handle cases requiring the extension of existing human financial relationships to their proxies. For the vast majority of consumers, their first authorized proxy payment will be made through their existing Visa or Mastercard, not through a stablecoin wallet. It’s simple arithmetic: 4 billion bank cards versus 50 million stablecoin wallets.
The End of the Monetization of Traffic Era
For thirty years, the internet’s business model has been: showing ads to humans, harvesting attention, and converting clicks into revenue. Google’s $300 billion in annual ad revenue, Meta’s $135 billion, Amazon’s $50 billion—all of it relies on a living person sitting on the other side of the screen.
Agents do not click on ads. They have no attention to harvest. They do not make impulse purchases, do not respond to brand affinity, and do not watch pre-roll videos before accessing API endpoints. They evaluate, then pay or leave. Advertising models are structurally incompatible with machine users. This is not a prediction. This is an arithmetic fact.
Gartner states that by 2028, $15 trillion in B2B procurement will be conducted via AI agents. Even accounting for just 10%, that amounts to $1.5 trillion requiring payment rails, settlement, and dispute resolution mechanisms. Bain & Company forecasts that by 2030, the U.S. agent-driven commerce market will reach $300 billion to $500 billion. The AI agent market itself is projected to grow from $7.84 billion to $52.62 billion at a compound annual growth rate of 46.3% (according to Markets & Markets). This baseline is large enough to allow x402, MPP, Visa, and Mastercard each to carve out their own space.
But this number should make every developer in this field feel uneasy: only 7% of consumers trust third-party AI platforms to shop for them (according to a 2026 Bain survey of 2,016 U.S. respondents). The payment protocols are ready. The infrastructure is ready. But people aren’t.
Thirty years ago, due to the high cost of micropayments, the internet reluctantly adopted the advertising model. Today, the technological barriers to micropayments are nearly nonexistent, but trust has become the most expensive luxury. Whoever can bridge this gap will dominate the next generation of internet commerce. Because payment technology is ultimately just a means—the real moat is whether users are willing to pay.