Cloudflare is partnering with the broader payment ecosystem to help bring agentic commerce to millions of merchants worldwide

Cloudflare, Inc. (NYSE: NET), the leading connectivity cloud company, announced today that it is working with the world’s largest payments companies to create an authentication layer for agentic commerce. This industry-wide collaboration leverages the Web Bot Auth protocol, enabling AI agents to shop at millions of merchants globally.

Cloudflare and Visa have worked together to develop and introduce the Trusted Agent Protocol, a new protocol that enables payment networks to integrate Web Bot Auth and allows merchants to securely and transparently engage with the next generation of AI-driven shopping agents. Visa is incorporating these new protocols and capabilities into its agentic payment platform, Visa Intelligent Commerce. Cloudflare is also working with Mastercard and American Express to leverage Web Bot Auth. Mastercard is incorporating Web Bot Auth into Mastercard Agent Pay, enabling merchants to identify trusted agents and deliver secure and personalized agentic commerce experiences easily. American Express will also leverage Web Bot Auth for use in its agentic commerce program. AI agents built with the Cloudflare Agents SDK will soon be able to use these protocols to shop autonomously at millions of merchants globally.

Agentic commerce is an emerging form of online shopping where AI agents act as a personal shopper on a consumer's behalf, handling the entire buying process from start to finish. It is creating extraordinary opportunities for consumers and merchants but also introduces new challenges. Merchants now need robust systems to reliably differentiate between trusted AI agents and malicious bots, while also providing a seamless experience to their customers.

Leveraging Web Bot Auth for Agentic Commerce

Web Bot Auth, proposed earlier this year, allows bots and agents to authenticate themselves, and can now be used for agentic commerce. With its use in the Trusted Agent Protocol, merchants can determine the identity and intent of agent traffic and securely accept any payment method from an agent, such as credit, debit, crypto and others. Through compatibility and interoperability with all major agentic frameworks, Web Bot Auth creates an authentication layer which will empower merchants and developers to safely deploy agentic commerce at Internet-scale.

“The future of commerce is agentic, and Cloudflare is building the trusted foundation for it,” said Stephanie Cohen, Chief Strategy Officer at Cloudflare. “We're directly enabling developers, merchants, and payments companies to innovate, and that starts by ensuring security is not an afterthought—it's built in by design. With our global network, we're uniquely positioned to enable trust protocols that allow AI agents to transact safely, unlocking the next era of digital commerce for everyone.”

“As AI agents begin to transact on behalf of consumers, a new era of commerce is emerging—one that demands trust, transparency, security, and industry collaboration,” said Jack Forestell, Chief Product and Strategy Officer, Visa. “Merchants shouldn’t have to choose between blocking bots and serving real customers—Trusted Agent Protocol helps solve that.”

“Agents have the potential to enable a much more seamless shopping experience, but this will only be possible if the agent can be trusted and if merchants have the tools they need to easily support this new era of commerce,” said Jorn Lambert, Chief Product Officer at Mastercard. “In collaboration with industry players like Cloudflare, we are simplifying agent verification for merchants and ensuring a unified approach to agentic commerce that is scalable, secure, and widely adopted.”

“American Express is excited to utilize Cloudflare’s Web Bot Auth Protocol to help merchants identify trusted agents and deliver secure agentic commerce experiences,” said Luke Gebb, EVP & Head of Global Innovation, American Express. “Trust and accountability are at the core of what we do, and this collaboration continues our commitment to ensuring safety and confidence in every digital interaction.”

The following partners have provided feedback on utilizing Web Bot Auth for agentic commerce and will continue to evolve the framework together: Adyen, Checkout.com, Circle, Fiserv, Microsoft, Nuvei, Shopify, Webflow, and Worldpay.

Securing Agent-to-Merchant Connectivity

Cloudflare and payment companies will leverage Web Bot Auth to support the adoption of agentic commerce, allowing merchants to grant access to legitimate AI agents, while stopping fraudulent traffic at the front door. Merchants will be able to:

• Understand customers’ intent: Agents can communicate and verify their intent in order to gather product details or purchase an item or service.
• Maintain personal relationships with customers: Merchants can determine if a customer has an existing account or shopping history, even if an agent is initiating a purchase on the customer’s behalf.
• Process payments from agents: Agents can use various payment methods, including credit, debit, crypto, or others, to complete a purchase.

Cloudflare has also contributed to open protocols such as the Agent Payments Protocol, introduced the Cloudflare NET Dollar, and is establishing the x402 Foundation with Coinbase—all of which will help to accelerate agentic commerce across the Internet.

To learn more, please check out the resources below:

• Learn more about signed agents
• Visa Developer Center: Trusted Agent Protocol
• Visa GitHub: Repo
• Cloudflare: The Platform for Building Agents

About Cloudflare

Cloudflare, Inc. (NYSE: NET) is the leading connectivity cloud company on a mission to help build a better Internet. It empowers organizations to make their employees, applications and networks faster and more secure everywhere, while reducing complexity and cost. Cloudflare’s connectivity cloud delivers the most full-featured, unified platform of cloud-native products and developer tools, so any organization can gain the control they need to work, develop, and accelerate their business.

Powered by one of the world’s largest and most interconnected networks, Cloudflare blocks billions of threats online for its customers every day. It is trusted by millions of organizations—from the largest brands to entrepreneurs and small businesses to nonprofits, humanitarian groups, and governments across the globe.

Learn more about Cloudflare’s connectivity cloud at cloudflare.com/connectivity-cloud. Learn more about the latest Internet trends and insights at https://radar.cloudflare.com.

Follow us: Blog | X | LinkedIn | Facebook | Instagram

Forward-Looking Statements

This press release contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended, which statements involve substantial risks and uncertainties. In some cases, you can identify forward-looking statements because they contain words such as “may,” “will,” “should,” “expect,” “explore,” “plan,” “anticipate,” “could,” “intend,” “target,” “project,” “contemplate,” “believe,” “estimate,” “predict,” “potential,” or “continue,” or the negative of these words, or other similar terms or expressions that concern Cloudflare’s expectations, strategy, plans, or intentions. However, not all forward-looking statements contain these identifying words. Forward-looking statements expressed or implied in this press release include, but are not limited to, statements regarding the capabilities and effectiveness of Cloudflare’s products and technology, the benefits to Cloudflare’s customers from using Cloudflare’s products and technology, Cloudflare’s collaboration with payments companies and the potential resulting benefits to Cloudflare customers, the potential opportunity for Cloudflare to attract additional customers and to expand sales to existing customers through Cloudflare’s collaboration with payments companies, the rise of agentic commerce and the potential benefits to Cloudflare from this development, Cloudflare’s technological development, future operations, growth, initiatives, or strategies, and comments made by Cloudflare’s Chief Strategy Officer and others. Actual results could differ materially from those stated or implied in forward-looking statements due to a number of factors, including but not limited to, risks detailed in Cloudflare’s filings with the Securities and Exchange Commission (SEC), including Cloudflare’s Quarterly Report on Form 10-Q filed on July 31, 2025, as well as other filings that Cloudflare may make from time to time with the SEC.

The forward-looking statements made in this press release relate only to events as of the date on which the statements are made. Cloudflare undertakes no obligation to update any forward-looking statements made in this press release to reflect events or circumstances after the date of this press release or to reflect new information or the occurrence of unanticipated events, except as required by law. Cloudflare may not actually achieve the plans, intentions, or expectations disclosed in Cloudflare’s forward-looking statements, and you should not place undue reliance on Cloudflare’s forward-looking statements.

© 2025 Cloudflare, Inc. All rights reserved. Cloudflare, the Cloudflare logo, and other Cloudflare marks are trademarks and/or registered trademarks of Cloudflare, Inc. in the U.S. and other jurisdictions. All other marks and names referenced herein may be trademarks of their respective owners.

View source version on businesswire.com: https://www.businesswire.com/news/home/20251014144421/en/