Tokenization Shields Merchants, Issuers as AI Agents Start to Shop

Watch more: The Digital Shift: Thales’ Francois Chaffard

As artificial intelligence (AI) agents edge from novelty to shopping companion, merchants are revisiting an old question in a new form: Who — or what — gets trusted to pay? Agentic commerce promises frictionless buying, but it also creates new openings for fraud and disputes. Tokenization, which swaps real card credentials for limited-use digital stand-ins, could be the layer that makes autonomous transactions safer. 

In a recent conversation with PYMNTS, Francois Chaffard, vice president of digital at Thales, argued that tokenization is evolving into “the foundation of seamless autonomous and authenticated digital experiences.”

Agentic commerce is “extremely high on the agenda,” he said, because the ecosystem must answer three questions: “Did the user authorize the purchase? Is the agent buying exactly what you ask him to buy? And in case something goes wrong, is the liability clearly designed, and can we designate one responsible if the transaction is failing?”

Tokenization, he said, is already doing more of that work than many people realize. “I like to call it a silent revolution because it has already transformed the way we paid,” Chaffard said.

The change is massive, but largely invisible. Add a card to a wallet and “you don’t feel that you are adding a token,” he said. Shop online and “you don’t know that behind the scenes your card details are not stored, but instead a token is being created.” Tokenization’s biggest success may be that it improved security without demanding new consumer behavior, which is exactly the kind of “invisible” shift that could help agentic commerce scale.

“Tokenization has become a new rail that connects the very same parties in real time,” he said. That connection matters because it creates a real-time backbone for trust across merchants, acquirers, issuers and cardholders.

Tokenization, Authorization Form Backbone for Payments

That same backbone is reshaping the everyday payment journey. Chaffard pointed to Apple Pay as the benchmark for best-in-class experience: “You open your wallet, you just do a fingerprint or a face ID, and then your payment is approved,” he said, and “behind the scenes tokenization is operating.” Network services such as Click to Pay aim to extend that flow so that “you can have the very same experience for every merchant and every consumer.” If agentic commerce is going to feel effortless, the payments layer beneath it has to be both consistent and secure, without forcing the consumer to constantly reauthenticate or reenter sensitive data.

But in a digital-first world, tokenization’s success depends on the strength of authentication around it. When a card is enrolled into a wallet, there’s an identity-and-verification step. “Payment fraud goes to the weakest link,” Chaffard said, taking the example of fraudsters exploiting weak provisioning authentication with stolen credentials and SMS one-time passwords.

Chaffard said Thales is working to harden both token creation and token use. The company has built an engine inside its D1 platform that “combines in real time different signals,” including device fingerprints and issuer fraud inputs, “to make sure that when we create a token, we are safe.”

But, he added, “You need not only to bring security when you create token, but also when you use this token.” That’s where he sees payment passkeys as a key ingredient — “silent purchase behind the scenes” combining strong authentication with tokenization. 

Scaling that shift is where Thales acts in the ecosystem. The company’s D1 platform “really exposes simple APIs to interface with legacy infrastructure,” Chaffard said, so customers can launch tokenization services without having to “master the complexity and the technology challenges.” He said Thales expects to close the year with “300 million digital active cards” on D1, giving issuers the ability to build digital consumer journeys while staying “in full control of all the tokens” associated with their cards. 

Timetables and Agentic Commerce Protocols

The industry’s timetable is tightening. Mastercard has committed to fully tokenizing its network by 2030, a bold ambition that Thales is “fully supportive” of. The challenge, Chaffard says is really to make it happen in five years.

His checklist starts with reach: Thales is hard at work to help industries “massify tokenization,” including in untapped geographies and in complex markets where domestic schemes must be equipped alongside global networks. Then come new capabilities — “and that’s Click to Pay,” he said — followed by “the cherry on the cake,” which is Payment Passkeys using biometric authentication.

Agentic commerce may be the ultimate test of whether those pieces truly fit together. Chaffard pointed to Google’s AP2 initiative, which uses cryptography and “three mandates” to formalize user intent, constraints and payment authority. The “payment mandate,” he said, is “clearly fit for tokenization,” because it keeps credentials from “appear[ing] everywhere,” and a token “can be assigned to specific agent with the end user consent.” Add payment passkeys on top for the end user approval to create a mandate “fully recognized by the issuer” without major disruption. 

For Chaffard, that’s the throughline: Tokenization is no longer a background security feature. It is the foundational shift that can make digital payments — and autonomous commerce — both safer and simpler.

“That’s why this is not just a rail,” he said. “It’s a backbone for the digital payment ecosystem to work.” 

The post Tokenization Shields Merchants, Issuers as AI Agents Start to Shop appeared first on PYMNTS.com.