Mastercard Proves What You Told Your AI Agent

When your AI agent buys something you didn't authorize, who pays? Right now: whoever loses the dispute. Mastercard just open-sourced the answer — a cryptographic intent record. Before the agent transacts, you attach a proof to the session: IntentRecord.create — user 123, instruction "book the cheapest flight under 400 dollars", scope airlines, amount ceiling 400. Sign it. That record travels with every transaction. If there's a dispute — merchant, bank, or consumer — anyone can verify what the user actually authorized versus what the agent did. No more "the AI went rogue" gray area. The burden of proof is cryptographic, not anecdotal. This is open-sourced at verifiableintent.dev, built with FIDO, EMVCo, and Google. Fiserv, IBM, and Checkout.com have already committed. If you're building agentic commerce, integrate this before disputes get expensive. Link in bio.