Visa Trusted Agent Protocol (TAP): Identity Verification for AI Agents
The Visa Trusted Agent Protocol (TAP) is an open specification designed to verify the identity of AI agents acting on the web. Backed by Visa, it provides a cryptographic framework for agents to prove legitimacy to merchants and firewalls, effectively bypassing CAPTCHAs and bot challenges. As of 2024, the protocol is in developer preview, offering reference implementations to facilitate secure, audited agent traffic across major CDNs and WAFs.
What is the Visa Trusted Agent Protocol (TAP)?
TAP is a technical standard that establishes a verifiable trust signal for AI agents, allowing them to interact with web services without being blocked as malicious bots.
* Industry Backing: Developed by Visa to serve as a default trust signal similar to EMVCo payment standards.
* Audit Requirement: Credentials are only issued after an agent’s product passes a security and behavior review.
* Cryptographic Security: Every request is signed using unique keys to detect tampering or replay attacks.
* Verifiable Data: Verifiers learn the identity of the agent operator, the specific product, and the end-user represented.
Official technical specifications are available via the Visa Developer Platform and reference implementations are hosted on GitHub.
How does a TAP-verified request work?
The protocol follows a structured lifecycle from agent auditing to real-time request verification.
| Phase | Action | Result |
|---|---|---|
| Application | Agent operator applies for a TAP credential. | Verification process begins. |
| Audit | Accredited issuer reviews product behavior and security. | Ensures agent meets legitimacy standards. |
| Issuance | Issuer provides signing keys and verifiable credentials. | Identity is bound to cryptographic keys. |
| Request | Agent signs a web request and includes its credential. | Request is authenticated at the protocol level. |
| Verification | Server or WAF validates the signature and status. | Agent passes through without bot challenges. |
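The Request and Verification phases, as an added example (not Visa's reference implementation and not code from this page): an agent signs a request in the HTTP Message Signatures (RFC 9421) format, and a verifier rejects tampered, expired and replayed copies. The covered components, the key id, host and nonce values, and the use of HMAC-SHA256 in place of issuer-provided signing keys are assumptions, chosen so the block runs on the Python standard library alone.

```python
import base64, hashlib, hmac, re

KEYS = {"demo-agent-key": b"constructed-demo-secret"}  # constructed keyid -> key (assumption)

def signature_base(req, params):
    """RFC 9421 signature base: one line per covered component, then the params."""
    lines = []
    for comp in re.match(r'\(([^)]*)\)', params).group(1).split():
        name = comp.strip('"')
        # "@..." names are derived components (method, authority, path); others are headers.
        value = req[name] if name.startswith("@") else req["headers"][name]
        lines.append(f'"{name}": {value}')
    lines.append(f'"@signature-params": {params}')
    return "\n".join(lines).encode()

def sign(req, params, key):
    mac = hmac.new(key, signature_base(req, params), hashlib.sha256).digest()
    return base64.b64encode(mac).decode()

def verify(req, now, seen_nonces, max_age=300):
    """Return a reason string; "ok" means the signature, time window and nonce all passed."""
    try:
        label, params = req["headers"]["signature-input"].split("=", 1)
        sig = re.search(re.escape(label) + r"=:([A-Za-z0-9+/=]+):",
                        req["headers"]["signature"]).group(1)
        fields = dict(re.findall(r';(\w+)="?([^;"]+)"?', params))
        expected = sign(req, params, KEYS[fields["keyid"]])
        created, expires, nonce = int(fields["created"]), int(fields["expires"]), fields["nonce"]
    except (KeyError, ValueError, AttributeError):
        return "malformed or unknown key"
    if not hmac.compare_digest(expected, sig):  # constant-time comparison
        return "bad signature"
    if not (created <= now <= expires) or expires - created > max_age:
        return "outside validity window"
    if nonce in seen_nonces:  # nonces are cached only after the signature checks out
        return "replayed nonce"
    seen_nonces.add(nonce)
    return "ok"

def demo():
    params = ('("@method" "@authority" "@path");created=1700000000;expires=1700000060;'
              'nonce="n-001";keyid="demo-agent-key";alg="hmac-sha256"')
    req = {"@method": "POST", "@authority": "shop.example", "@path": "/checkout", "headers": {}}
    req["headers"] = {"signature-input": "sig1=" + params,
                      "signature": f"sig1=:{sign(req, params, KEYS['demo-agent-key'])}:"}
    seen = set()
    first, replay = verify(req, 1700000010, seen), verify(req, 1700000020, seen)
    tampered = verify({**req, "@path": "/refund"}, 1700000010, set())
    return first, replay, tampered, verify(req, 1700000999, set())
```

`demo()` returns the verdicts for a fresh request, a replay of it, a copy with a changed path, and a copy presented after `expires`.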
Why does TAP matter for AI agents and merchants?
TAP provides a legitimate identity layer that resolves the conflict between automated agents and security firewalls.
Benefits for Agent Operators
* Avoids the fragility of browser spoofing or mimicking human behavior.
* Reduces friction by bypassing CAPTCHAs and aggressive rate limiting.
* Establishes a network-recognized identity for interactive actions like checkouts.
Benefits for Merchants
* Identifies agents as "known quantities" through a trusted verification stack.
* Enables whitelisting in Web Application Firewalls (WAFs) without increasing fraud risk.
* Allows for the creation of differentiated, agent-specific API flows and experiences.
How does TAP compare to other standards?
TAP works alongside existing crawler and payment protocols but focuses specifically on the identity of interactive AI agents.
* Cloudflare Verified Bots: Focuses on search engine crawlers using IP-based verification; TAP uses per-request signing for interactive agents.
* Mastercard Agent Pay: A network-side companion focused on tokenized virtual cards and spending mandates.
* AP2: A protocol used to verify that a user specifically authorized a purchase made by an agent.
* RFC 9421: TAP builds on the cryptographic signing standard defined in HTTP Message Signatures (RFC 9421).
What is the current status of TAP?
As of 2024, TAP is in developer preview with public reference implementations. Several major Content Delivery Networks (CDNs) and Web Application Firewalls (WAFs) have signaled support for the protocol.
AgentFi integrates TAP into its Know Your Agent (KYA) program. Agents that successfully complete an AgentFi audit are issued credentials that are compatible with any TAP-aware verifier across the web.