TAP: Trust & Agent Protocol
Visa's Trust & Agent Protocol for cryptographic agent identity verification.
Overview
TAP (Trust & Agent Protocol) is Visaβs standard for verifying agent identity in commerce transactions. It uses PKI/Ed25519 cryptography to answer the fundamental question: βIs this agent legitimate?β
TAP operates in the Identity Layer of our three-layer protocol architecture.
Role in the Architecture
TAP is complementary to AP2 and ACP β not a replacement:
| Layer | Protocol | Question |
|---|---|---|
| Identity | TAP | Is this agent who it claims to be? |
| Authorization | AP2 | Did the user approve this spend? |
| Execution | ACP | Process the payment |
TAP cannot authorize payments or process transactions. It solely verifies agent identity.
Key Concepts
Agent Identity
Every agent receives a cryptographic identity (DID) that proves its authenticity:
- Ed25519 Key Pair β Public/private key for signing
- DID Document β Decentralized identifier with agent metadata
- Trust Score β Reputation score based on transaction history
Verification Flow
- Agent presents its DID and signed challenge
- TAP verifies the signature against the DID document
- Trust score is checked against merchant requirements
- If valid, the agent proceeds to the authorization layer
Status
TAP integration is under active development. Key areas being built:
- Agent DID registration and management
- Ed25519 signature verification pipeline
- Trust score computation engine
- Integration with AP2 authorization flow
Contact us to join the TAP early access program and help shape the integration.