Mastercard AI-Agent Payments Live in Singapore & Malaysia | RECATOOLS

Mastercard Switches On AI-Agent Payments in Singapore and Malaysia

Photo by TheDigitalWay on Pixabay

ASEAN TECH · 6 Jun 2026 —

Key Takeaways

Mastercard has switched on authenticated AI-initiated payments in Singapore and Malaysia — its first two ASEAN markets — moving agentic commerce from pilot to production.
The rollout runs on Mastercard Agent Pay, the framework first announced on 29 April 2025, using Agentic Tokens that bind a tokenised card credential to a single agent, a single merchant scope, and a single consent policy.
Trust is enforced by Verifiable Intent, an open standard co-developed with Google that records exactly what a cardholder authorised an AI agent to do.
UOB supplied the cross-border banking network used in testing, and Mastercard plans an AI Centre of Excellence in Singapore later this year.
The framework leans on FIDO Alliance, EMVCo, IETF and W3C standards, with early backing from Adyen, Checkout.com, Fiserv, Worldpay and IBM.

The Facts

On the back of formal pilots that began in February 2026, Mastercard has confirmed that authenticated agentic transactions are now live across ASEAN markets including Singapore and Malaysia. In practice, that means a verified AI agent — a shopping assistant, a travel planner, a procurement bot — can complete a purchase on a cardholder's behalf without the human re-entering card details at checkout.

The capability is delivered through Mastercard Agent Pay, the payments framework Mastercard first unveiled on 29 April 2025. At its centre are Agentic Tokens, an extension of the long-running Mastercard Digital Enablement Service (MDES). Rather than handing an agent a raw card number, the network issues a token that is cryptographically bound to three things at once: the specific agent acting, the specific merchant scope it is allowed to spend within, and the specific consent policy the cardholder set.

The ASEAN go-live was announced alongside a planned AI Centre of Excellence in Singapore. Safdar Khan, Mastercard's Division President for Southeast Asia, framed the move as powering "ASEAN's AI ambitions in the future of payments." Singapore's UOB was named as a launch partner, with Jacquelyn Tan, the bank's Head of Group Personal Financial Services, confirming UOB provided the cross-border banking network used in testing.

How It Works

The hard problem in agentic commerce is not letting software spend money — it is proving, after the fact, that the spending matched what a human actually authorised. Mastercard's answer is a two-layer design.

The first layer is the token. Agentic Tokens extend tokenisation (the same mechanism behind contactless and device wallets) so that a credential is useless outside its bound agent, merchant scope and consent policy. A travel bot authorised to book flights up to a set limit cannot quietly buy electronics.

The second layer is Verifiable Intent, co-developed with Google and aligned with Google's Agent Payments Protocol (AP2) and Universal Commerce Protocol (UCP). It links identity, intent and action into a single, privacy-preserving record: who authorised the agent, the exact instruction they gave, and the agent-to-merchant interaction that produced the purchase. Combined with Payment Passkeys and end-to-end auditability, every AI-initiated transaction carries a tamper-resistant record of consent. Crucially, Verifiable Intent is built on neutral standards from the FIDO Alliance, EMVCo, the IETF and the W3C rather than a proprietary Mastercard stack — and processors including Adyen, Checkout.com, Fiserv, Worldpay and IBM have signalled support.

The ASEAN Angle

This is not a global launch with a regional press release stapled on — Singapore and Malaysia are the first live markets, and the supporting institutions (UOB, the planned Singapore Centre of Excellence) are regional. That ordering matters. ASEAN has high smartphone penetration, mature real-time payment rails, and a young, mobile-first consumer base that adopts new checkout flows quickly — exactly the conditions where AI agents transacting autonomously could scale fastest.

For Singapore and Malaysian businesses, the near-term takeaway is practical: agentic checkout is now something to design for, not just read about. Merchants that price or settle across the two currencies will still need to reconcile SGD and MYR amounts an agent commits to — our Currency Converter is a quick way to sanity-check cross-border totals while finance teams build agent-aware controls. The open question for regulators in both markets is liability: when an authorised agent makes a bad purchase, Verifiable Intent answers "what was authorised" — but not yet "who is accountable."

Daniel Koh's VerdictAgentic commerce

Agent Pay's ASEAN go-live is more consequential than the modest two-market footprint suggests. By binding tokens to a narrow agent-merchant-consent scope and pairing them with a Google-co-developed, standards-based intent record, Mastercard is trying to make "my AI bought this" auditable by default — the single biggest blocker to consumers trusting autonomous spend. The reliance on FIDO, EMVCo, IETF and W3C standards is the smart part: it makes Verifiable Intent something rivals and processors can adopt rather than route around.

Our recommendation for ASEAN businesses: treat this as a six-to-twelve-month design horizon, not a novelty. Map which customer journeys an agent could plausibly complete, decide where you want a human confirmation step, and pressure-test your fraud and chargeback logic against transactions where the "shopper" is software. The networks have moved first; the controls are now your problem to get right.

Tags: #ASEAN #Fintech #Singapore #AI-Agents #Payments #Agentic-AI #Malaysia #Mastercard

Daniel Koh

Finance & Digital Economy Analyst

Daniel Koh covers fintech, digital payments, banking technology, and ASEAN digital-economy regulation for RECATOOLS.

View author profile → · Editorial policy

About this byline Daniel Koh is a RECATOOLS editorial persona for finance and digital-economy analysis. Articles are produced and reviewed under RECATOOLS editorial supervision.

Key Takeaways

The Facts

How It Works

The ASEAN Angle

Related articles

Vietnam Calls for a Connected ASEAN Fintech Ecosystem at the AFF 2026 — but the Standards Are the Hard Part

Even Apple Reportedly Rents Its AI: What WWDC 2026's Day One Signals for ASEAN Businesses

Singapore Bets on Being AI's Neutral Ground — Just as US Chip Rules Put the Middle Under Scrutiny