Understanding UCP Technical Specifications: How AI Agents Purchase Products
Akihiro Suzuki
Key Takeaways
- UCP checkout transitions through 5 states, automatically handing off to humans when intervention is needed
- Payments use the "Trust Triangle" model where AI agents never touch raw card information
- AP2 mandates enable conditional automatic purchases like "buy if price drops 15%"
Google's Universal Commerce Protocol (UCP) has been announced, creating a massive coalition with over 20 participants including Shopify, Walmart, and Stripe. In our previous article, we covered the UCP overview and its impact on e-commerce businesses. This time, we'll take a deeper dive into the technical mechanisms.
When someone says "AI agents can purchase products," what exactly happens under the hood? How is security maintained? In this article, we'll unpack the internal architecture based on UCP's official specifications and technical blog.
UCP Overview: Three Core Components
Let's start with a bird's-eye view of UCP's constituent elements.

UCP consists of three major components.
Checkout Capability
Manages the state of the entire purchase flow. It controls the sequence from when an AI agent creates a cart, sets shipping and payment methods, to when the order is finalized. It clearly identifies "where in the purchase process we are" and automatically hands off to users when human intervention is required.
Payment Architecture
Handles money flow securely. This mechanism allows AI agents to complete payments without ever touching raw credit card information. Using a model called "Trust Triangle," the merchant, AI platform, and payment provider appropriately share responsibilities.
AP2 Integration
Proves user intent through cryptographic technology. It records in a verifiable form whether "this purchase is what the user truly wanted," enabling human-not-present transactions like "auto-purchase when conditions are met" in the future.
Let's examine each component in detail.
Checkout State Transitions: Five Statuses
In UCP, checkout sessions transition through five states. This is a crucial concept indicating "where we are" as an AI agent progresses through the purchase process.
| State | Meaning | AI Agent Response |
|---|---|---|
| incomplete | Required info missing | Check messages, add information |
| requires_escalation | Human intervention needed | Hand off to user via continue_url |
| ready_for_complete | Ready to complete | Call Complete Checkout API |
| complete_in_progress | Processing | Wait for completion |
| completed | Order finalized | Done (immutable state) |
incomplete: Required information is missing. For example, the shipping address has not been entered or a payment method has not been selected, so the purchase cannot yet be completed. The AI agent checks the messages array to understand what's missing and adds the information.
requires_escalation: Information that cannot be resolved via API is needed. For example, age verification, 3D Secure authentication, or terms acceptance. In this case, a continue_url is provided, and the AI agent directs the user to the merchant's webpage.
ready_for_complete: All required information is complete, and the purchase can be completed programmatically. The AI agent calls the "Complete Checkout" API to finalize the order.
complete_in_progress: Order processing is in progress on the merchant side. Payment processing and inventory checks are being performed.
completed: The order has been successfully finalized. This state is immutable, and a confirmation email is sent to the user.
The brilliance of this state transition design is that it clearly separates scenarios requiring human intervention. AI agents attempt to resolve incomplete issues themselves, and when it becomes requires_escalation, they gracefully hand off to the user.
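How an agent might act on each of the five states, as an added example that is not taken from the UCP specification or its samples. The `status` field name, the action labels, and the rule that a continue_url is only passed to the user when it is an https URL on the merchant's own host are assumptions of this example.

```python
from urllib.parse import urlsplit

def next_action(session: dict, merchant_host: str) -> tuple:
    """Map one checkout session snapshot to the agent's next step."""
    status = session.get("status")  # field name assumed
    if status == "incomplete":
        # The messages array says what is missing; the agent fills it in.
        return ("add_information", session.get("messages", []))
    if status == "requires_escalation":
        url = session.get("continue_url", "")
        parts = urlsplit(url)
        # Assumed policy: only hand the user an https link on the merchant's host.
        if parts.scheme != "https" or parts.hostname != merchant_host:
            return ("abort", "continue_url is not https on the merchant host")
        return ("hand_off_to_user", url)
    if status == "ready_for_complete":
        return ("call_complete", None)
    if status == "complete_in_progress":
        return ("wait", None)
    if status == "completed":
        return ("done", None)  # immutable: nothing further to send
    return ("abort", f"unknown status {status!r}")

def replay(snapshots: list, merchant_host: str) -> list:
    """Run next_action over successive snapshots, stopping at done/abort."""
    actions = []
    for snap in snapshots:
        action, _detail = next_action(snap, merchant_host)
        actions.append(action)
        if action in ("done", "abort"):
            break
    return actions

# Constructed sample: the five states in order, then a look-alike link.
SHOES_FLOW = [
    {"status": "incomplete", "messages": [{"code": "missing_shipping_address"}]},
    {"status": "requires_escalation", "continue_url": "https://shop.example/checkout/cs_1"},
    {"status": "ready_for_complete"},
    {"status": "complete_in_progress"},
    {"status": "completed"},
]
# The text before "@" is userinfo, so the real host here is pay.invalid.
SPOOFED = {"status": "requires_escalation",
           "continue_url": "https://shop.example@pay.invalid/checkout/cs_1"}

if __name__ == "__main__":
    print(replay(SHOES_FLOW, "shop.example"))
    print(next_action(SPOOFED, "shop.example"))
```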
Payment Mechanism: Trust Triangle
UCP's payment architecture is based on a model called the "Trust Triangle". There are three parties involved:
- Business: The retailer selling products
- Platform: Providers of AI agents like Google or Microsoft
- Payment Credential Provider: Services providing payment authentication like Google Pay, Apple Pay, or Stripe

The key design principle is that the Platform never touches raw card information (PAN). The Platform only handles tokenized, opaque credentials. This significantly reduces the PCI DSS compliance burden on the AI agent side.
The payment flow proceeds in three steps:
Step 1: Negotiation
The merchant analyzes the cart contents and notifies the Platform of available payment methods, for example "Google Pay and Stripe are available for this cart."
Step 2: Acquisition
The Platform calls the payment provider's API to obtain tokenized credentials. User biometric authentication or PIN entry happens at this stage.
Step 3: Completion
The Platform sends the obtained token and handler_id to the merchant. The merchant uses the handler_id to perform appropriate decryption and execute the actual charge.
AP2 Mandates: Enabling Conditional Automatic Purchases
What makes UCP even more powerful is its integration with Agent Payments Protocol (AP2). AP2 uses cryptographically signed authorization proofs called "Verifiable Digital Credentials (VDC)" to prove user consent for AI agent actions.
AP2 defines three types of mandates:
Intent Mandate
Records the user's initial request. Instructions like "find white running shoes" are stored with cryptographic signatures.
Cart Mandate
Authorization for specific cart contents and prices. It proves that the user agreed to "buy this product at this price." Because it includes a checkout_hash, it can verify that cart contents haven't been tampered with.
Payment Mandate
Notifies the payment network that "an AI agent is involved in this transaction." This serves as information for banks and card companies to perform risk assessment.
This mechanism enables Human Not Present transactions.
For example, suppose a user instructs "buy this jacket if it drops 15% in price":
- User signs an Intent Mandate (including price conditions, budget cap, deadline)
- AI agent monitors the price
- When conditions are met, a Cart Mandate is automatically generated
- Payment is executed automatically
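The checks behind these steps and behind the Cart Mandate's checkout_hash, as an added example that is not AP2's own code or wire format. Assumptions: mandates are plain dicts with the field names shown, the price condition is a cap in cents, the hash is SHA-256 over sorted-key JSON, and an HMAC stands in for the credential signature.

```python
import hashlib, hmac, json
from datetime import date

def _canonical(obj: dict) -> bytes:
    # Assumed canonical form: JSON with sorted keys and no whitespace.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def checkout_hash(cart: dict) -> str:
    return hashlib.sha256(_canonical(cart)).hexdigest()

def sign(key: bytes, mandate: dict) -> str:
    # HMAC stands in for the credential signature so the example is stdlib-only.
    return hmac.new(key, _canonical(mandate), hashlib.sha256).hexdigest()

def try_auto_purchase(intent, intent_sig, cart, today, user_key):
    """Return (True, cart_mandate) or (False, reason)."""
    if not hmac.compare_digest(sign(user_key, intent), intent_sig):
        return False, "intent mandate signature invalid"
    if today > date.fromisoformat(intent["deadline"]):
        return False, "intent mandate expired"
    if cart["sku"] != intent["sku"]:
        return False, "item not covered by intent"
    if cart["total_cents"] > intent["max_total_cents"]:
        return False, "price condition not met"
    return True, {"intent_sig": intent_sig, "checkout_hash": checkout_hash(cart)}

def cart_matches(cart_mandate: dict, cart_at_checkout: dict) -> bool:
    """Recompute the hash over the cart being charged and compare."""
    return hmac.compare_digest(cart_mandate["checkout_hash"],
                               checkout_hash(cart_at_checkout))

# Constructed sample data (key, SKU, prices and dates are made up).
USER_KEY = b"constructed-demo-key"
INTENT = {"sku": "jacket-001", "max_total_cents": 8500, "deadline": "2026-01-31"}
INTENT_SIG = sign(USER_KEY, INTENT)
CART = {"sku": "jacket-001", "qty": 1, "total_cents": 8400}

if __name__ == "__main__":
    ok, mandate = try_auto_purchase(INTENT, INTENT_SIG, CART, date(2026, 1, 20), USER_KEY)
    print(ok, cart_matches(mandate, CART))
    print(cart_matches(mandate, {**CART, "qty": 2}))  # altered cart no longer matches
```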
"Conditional automatic purchases" that were unthinkable in traditional e-commerce are safely realized through cryptographic technology.
Practical Example: Buying Running Shoes with an AI Assistant
We've now covered the three components. Let's see what the actual experience looks like when these work together through a concrete scenario.
Scenario: User asks Gemini to "find white running shoes"
User: "Find me white running shoes. Budget is around $100."
↓ AI agent searches multiple UCP-enabled shops
Gemini: "I found 3 options:
① Nike Air Zoom ($98)
② Adidas Ultraboost ($102)
③ Asics Gel-Nimbus ($93)
Which one looks good?"
User: "I like the Nike. I want to buy it."
↓【Checkout Capability】Session created, state: incomplete
Gemini: "Should I use your registered home address for shipping?"
User: "Yes, that's fine."
↓【Checkout Capability】Shipping added, state: incomplete → requires_escalation
↓ (3D Secure authentication required)
Gemini: "Payment authentication is needed. Please authenticate via this link."
↓ User goes to continue_url for authentication
↓ Biometric authentication completes card verification
↓【Payment Architecture】Token obtained via Trust Triangle
↓【Checkout Capability】state: ready_for_complete → completed
Gemini: "Your order is complete! Confirmation email sent.
Expected delivery: January 16th"
In this scenario, Checkout Capability manages the purchase flow state and automatically hands off to the user when authentication is needed. Through the Payment Architecture's Trust Triangle, the AI agent (Gemini) completes the payment without ever touching raw card information.
Advanced Scenario: Conditional Automatic Purchase
With AP2, even the following experience becomes possible:
User: "If that Adidas shoe drops below $100,
buy it automatically. Deadline is end of this month."
↓【AP2】Intent Mandate signed (condition: ≤$100, deadline: 1/31)
Gemini: "Got it. I'll monitor the price and auto-purchase
when conditions are met. I'll notify you when purchased."
↓ AI agent monitors price periodically
↓ January 20th, price drops to $97
↓【AP2】Cart Mandate auto-generated
↓【Checkout・Payment】Auto-purchase executed
Gemini: "Notice: Adidas Ultraboost dropped to $97,
so I've automatically purchased it. Please check your confirmation email."
This "conditional automatic purchase" only becomes possible when all three components work together. The Intent Mandate cryptographically proves the user's intent, Checkout Capability manages state, and Trust Triangle securely processes payment. This is a shopping experience that was impossible with traditional e-commerce sites.
How Merchants Implement UCP
To implement UCP in your own e-commerce site, you need to prepare three endpoint groups to respond to AI agent requests.

① Discovery Endpoint
GET /.well-known/ucp — The endpoint that AI agents access first to check if this merchant supports UCP and what payment methods are available.
② Checkout API
REST API for managing checkout sessions.
- POST /checkout-sessions — Create session
- GET /checkout-sessions/{id} — Get status
- PUT /checkout-sessions/{id} — Add/update information
- POST /checkout-sessions/{id}/complete — Finalize purchase
③ Payment Handlers
The mechanism that integrates with payment providers like Google Pay, Stripe, and PayPal to receive tokens and execute actual payment processing.
AI agents send requests in the following flow:
- Discovery → First check support status via /.well-known/ucp
- Create Session → Create a session with cart information
- Add Information → Sequentially add shipping address, payment method
- Complete Purchase → When all information is ready, finalize with complete
Let's look at the implementation details for each endpoint.
Step 1: Implement Discovery Endpoint
Place a JSON profile at /.well-known/ucp. Declare supported features (Capabilities), payment methods (Handlers), and signing keys.
Step 2: Implement Checkout API
Implement the four checkout API endpoints. Control checkout state transitions through validation for missing information, error notification via the messages array, and continue_url generation logic.
Step 3: Implement Payment Handlers
Implement token processing logic for each payment provider. Processing is required for each supported payment method (Google Pay, Stripe, PayPal, etc.).
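One way the Step 2 logic could look on the merchant side, as an added example rather than code from the UCP samples: the server derives the state, messages and continue_url itself and refuses updates that try to set them. The field names (`shipping_address`, `payment_handler_id`, `needs_escalation`, `escalation_done`), the message codes and the continue_url path are assumptions.

```python
REQUIRED = ("shipping_address", "payment_handler_id")  # assumed required fields
# Fields only the merchant may write; an agent-supplied value is rejected.
SERVER_FIELDS = {"id", "status", "messages", "continue_url",
                 "needs_escalation", "escalation_done"}

def evaluate(session: dict, base_url: str) -> dict:
    """Derive status, messages and continue_url from what the session holds."""
    out = {k: v for k, v in session.items() if k not in ("messages", "continue_url")}
    out["messages"] = [{"type": "error", "code": f"missing_{f}"}
                       for f in REQUIRED if not session.get(f)]
    if out["messages"]:
        out["status"] = "incomplete"
    elif session.get("needs_escalation") and not session.get("escalation_done"):
        # e.g. age verification or 3D Secure: cannot be resolved over the API
        out["status"] = "requires_escalation"
        out["continue_url"] = f"{base_url}/checkout/{session['id']}"
    else:
        out["status"] = "ready_for_complete"
    return out

def apply_update(session: dict, changes: dict, base_url: str) -> dict:
    """Core of PUT /checkout-sessions/{id}."""
    if session.get("status") in ("complete_in_progress", "completed"):
        raise ValueError("session can no longer be modified")
    if SERVER_FIELDS & changes.keys():
        raise ValueError("server-controlled field in update")
    return evaluate({**session, **changes}, base_url)

def demo() -> list:
    """Constructed walk-through; returns the status after each step."""
    base = "https://shop.example"
    s = evaluate({"id": "cs_1", "needs_escalation": True}, base)
    seen = [s["status"]]
    for change in ({"shipping_address": "home"}, {"payment_handler_id": "gpay"}):
        s = apply_update(s, change, base)
        seen.append(s["status"])
    s = evaluate({**s, "escalation_done": True}, base)  # set by the merchant's own page
    seen.append(s["status"])
    return seen

if __name__ == "__main__":
    print(demo())
```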
However, Shopify merchants don't need to implement any of this. Since Shopify is a co-developer of UCP, the platform handles the integration. The above implementation work is only necessary for businesses running their own e-commerce sites or using other platforms.
Options for Shopify and commercetools Users
Here's a summary of UCP support status among major commerce platforms:
Shopify: As a co-developer of UCP, merchants are automatically UCP-compatible. No additional development work required.
commercetools: Announced their agentic commerce strategy at NRF 2026. JD Sports has emerged as the first adopter. Given the nature of headless commerce, UCP integration is expected at the API layer.
Custom Implementation: Official specifications and sample implementations (Python/FastAPI, Node.js/Hono) are available on GitHub.
Currently, Shopify users are positioned to benefit from UCP earliest.
Summary
Looking at UCP's technical specifications reveals that behind the seemingly simple concept of "AI shopping" lies complex design involving security, user authorization, and state management.
Key points for e-commerce businesses:
- Understanding state transitions: Checkout progresses through 5 states, automatically handing off when human intervention is needed
- Payment security: Trust Triangle ensures AI agents never touch raw card information
- Conditional automatic purchases: AP2 mandates will enable instructions like "buy when the price drops" in the future
UCP is still in early rollout in the US. While the timeline for Japan market expansion hasn't been announced, based on Google's expansion patterns for other services, a lag of several months to a year is expected.
For technical preparation, starting with structuring product data (in AI-recognizable formats) and confirming your payment system's token support status would be practical.
References
- UCP Specification Overview - Official UCP Specification
- Under the Hood: Universal Commerce Protocol (UCP) - Google Technical Blog
- Building the Universal Commerce Protocol - Shopify Engineering
- UCP GitHub Repository - Official specs and samples
- Announcing Agent Payments Protocol (AP2) - AP2 Announcement
- UCP and AP2 - UCP and AP2 Integration Specifications

