facebook noscript

VGS is the Universal Translation Layer for Agentic Protocols

May 15, 2026

VGS is the Universal Translation Layer for Agentic Protocols

AI agents are increasingly doing the browsing, comparing, deciding, and buying on behalf of real people. And they’re doing it everywhere: on merchant websites, in ChatGPT apps, through Google Gemini, and in fully automated backend pipelines that never involve a human-facing UI.

The problem? Every one of these channels runs on a different protocol. And the protocol that governs how an agent shops at Instacart.com is completely different from the one it uses inside a ChatGPT app, which is different again from how it operates inside Google’s Merchant Center, or in a pure machine-to-machine payment flow.

For merchants, this creates an integration nightmare. For consumers, it creates a security risk. And for the broader agentic commerce ecosystem, it creates fragmentation. One where no one is quite sure how payment data flows, who holds it, and whether it’s safe.

VGS solves this. Not by picking a winner among the protocols, but by leveraging tokens and acting as the universal translation layer across all protocols.

From Customer Acquisition to Agent Acquisition Across Protocols

Here’s what merchants are actually dealing with today, depending on which channel an agent uses to shop with them:

On the merchant’s own website:

A browser-use agent autofills checkout forms the way a human would. The front-end challenge is getting merchant fraud and bot detection systems to whitelist legitimate agents without opening the door to malicious bots. The key: the payment data flowing through that autofill can be tokenized via VGS before it ever touches the merchant’s systems.

On ChatGPT (via chatgpt.com/instacart or the native ChatGPT Agent):

The applicable protocol is OpenAI’s ACP (Agent Communication Protocol), which is built natively into ChatGPT Apps and will soon be built into the ChatGPT Agent itself. Merchants integrate directly with ACP for product feeds, payment flows, or both. When a purchase completes, ChatGPT sends tokenized payment data to the merchant’s PSP or directly to the merchant via ACP, using VGS.

On Google Gemini and Google’s Merchant Center:

The applicable protocols are Google’s UCP and AP2. UCP is built natively into Gemini and Google’s infrastructure. Here again, the payment data exchanged between the agent and the merchant’s PSP flows through a tokenization layer, such as VGS.

In agent-to-agent backend flows:

This means pure machine-to-machine commerce with no consumer UI; three protocols apply. MCP (Merchant Owned Model Context Protocol), MPP (Machine Payments Protocol), and Cloudflare’s x402. These are the most nascent but arguably the most consequential protocols, enabling fully autonomous commerce at scale.

The headline insight: the relevant protocol depends entirely on the merchant’s customer acquisition channel. And no single merchant operates in just one channel.

 

How VGS can be the Common Thread Across Every Protocol

Despite protocol diversity, every agentic commerce transaction, regardless of its origin, follows the same fundamental data flow: collect, tokenize, and transmit sensitive data.

There are actually two token layers involved in every transaction:

  1. The agent’s token layer: where consumer PII is collected and authenticated, tokenized for secure management, and transmitted to the merchant.
  2. The merchant’s token layer: where the merchant collects and identifies the user’s account, tokenizes the agent’s card into a merchant-specific card token, and sends it to the PSP that is processing the transaction.

VGS operates across both layers. That’s what makes it truly interoperable. An agent’s token and a merchant’s token are not the same thing, and securely bridging them in a way any PSP can accept is precisely what VGS does.

VGS is an interoperable token layer ready for agentic commerce and ANY protocol.

 

What Merchants Actually Need and What VGS Delivers

Merchants aren’t waiting for the protocols to settle. They’re already encountering real, pressing challenges. VGS addresses each one directly.

Challenge #1: Agents share single-use payment methods with transaction limits, but merchants want cards on file and to build a customer profile.

Today’s agentic transactions often involve one-time, transaction-limited payment credentials, which makes it difficult for merchants to build customer profiles, offer loyalty programs, or enable seamless repeat purchases. VGS solves this in two ways: VGS-enabled agents can send cards directly to PCI-compliant merchants for storage, and in the future, depending on the payment method or card network, VGS will support agent-to-merchant token management. Our goal is to take machine-readable payments and make them merchant reusable.

Challenge #2: PSPs claim they can be the single gateway for all agentic transactions, but enterprise merchants need a multi-PSP approach.

No enterprise merchant routes everything through one PSP. They have relationships with multiple processors, redundancy requirements, and optimization strategies that depend on routing flexibility. A PSP-native tokenization solution means locked-in tokens that don’t travel. VGS tokens, whether PCI tokens or network tokens, are universally interoperable. One VGS token works with PSP #1, PSP #2, and PSP #3.

VGS also solves the duplication problem: PSP-specific tokens create duplicated compliance effort, cost, and risk surface. One VGS token eliminates all of that. And critically, VGS is product-neutral. As a result, VGS doesn’t entangle in a merchant’s product catalog or SKUs the way platform-native solutions do.

Challenge #3: Merchants want to experiment with both receiving and initiating agentic commerce.

The agentic commerce opportunity isn’t one-directional. Merchants don’t just want to accept orders from agents; they want to initiate agentic experiences too. VGS enables this in both directions. On the receiving side, VGS allows merchants to verify and look up agents across every protocol, so they always know who they’re transacting with. On the initiating side, VGS is the leading token provider for all network token types, giving merchants a single foundation for any agentic commerce experiment they want to run.

 

Why Merchants Need a Universal Translation Layer

The instinct when confronted with protocol fragmentation is to pick a side, to bet on ACP, UCP, or x402, and build deeply for one ecosystem. That instinct is wrong.

Protocols will continue to proliferate. OpenAI, Google, Anthropic, Cloudflare, and others all have strong incentives to build and advance their own agent communication standards, which means the protocol landscape in 2027 will be more complex than it is today, not less. The merchants who win in agentic commerce will be the ones whose payment infrastructure works regardless of which protocol is calling.

The underlying challenge is token interoperability. When an agent initiates a transaction, the payment credential it carries must be readable, secure, and compliant, regardless of where it originated or is going. A token vaulted in one ecosystem must be usable in another, without exposing raw card data in transit or requiring merchants to maintain separate integrations for every protocol they want to support.

VGS solves this by sitting at the translation layer: normalizing how payment tokens are collected, stored, and routed across any agent protocol, so merchants get a single, consistent integration point regardless of who’s calling.

In a world where commerce is going agentic across every channel at once, that kind of interoperability isn’t a nice-to-have. It’s the foundation on which everything else is built.

VGS Logo VGS Logo

VGS as the Universal Protocol Translator

When an agent initiates a purchase, the payment credential it carries reflects the ecosystem it came from, which may have nothing in common with the system processing the transaction on the other end. VGS is bridging that gap without exposing raw card data or compromising compliance posture, the core challenge of agentic payments.

VGS, as a universal translation layer, solves this by decoupling the token from the protocol. Payment data is vaulted once, then routed in the format the receiving system expects, regardless of whether the agent originated from ChatGPT, Gemini, a browser-based workflow, or an MCP pipeline. The merchant maintains a single integration. The raw credential never travels.

In a world where commerce is going agentic across every channel at once, interoperability isn’t a nice-to-have. It’s the foundation.

Ready to accept payments from any agent on any protocol?

VGS sits at the translation layer, so your payment infrastructure works regardless of where the transaction originates. No redundant integrations, no exposed credentials.

Contact Us
howard-bio-blog

Howard Xiao

Sr. Director, Partnerships

Linkedin Icon

You Might Also Be Interested In...

What is Command-Line Commerce: The Future of Buying, Selling, and Building in a Terminal-First World
Agentic
What is Command-Line Commerce: The Future of Buying, Selling, and Building in a Terminal-First World

Command-line commerce is redefining payments. As AI agents transact autonomously, payments must become programmable, identity-driven, API-native, and built for trust beyond the traditional checkout experience.

May 8, 2026
Better Together: How Dyneti and VGS Partner to Bring Optimal Value to Customers
News
Better Together: How Dyneti and VGS Partner to Bring Optimal Value to Customers

VGS and Dyneti have partnered to bring seamless card capture and PCI-compliant tokenization together in one stack, delivering optimal checkout experiences for your customers.

April 30, 2026
AI and PCI Compliance: What Every Company Needs to Know in 2026
Payments
AI and PCI Compliance: What Every Company Needs to Know in 2026

Artificial intelligence is rapidly becoming part of payment systems, fraud detection, customer support, and internal tooling. At the same time, PCI DSS 4.0.1 is now fully in effect, which raises an urgent question for security and compliance teams.

How does AI fit into PCI compliance?

April 23, 2026