D1 Agentic | Thales Payments Docs

⬡

✦ New · April 2026

D1 Agentic

Enable issuers to participate in agentic commerce across Visa VIC TAP and Mastercard Agent Pay — through a single D1 integration, with issuer-owned risk rules and a complete mandate audit trail.

Overview

D1 Agentic is a new module for the D1 Tokenization product. It extends D1's existing DPAN provisioning capabilities to support AI agents as a new class of token requestors, with programmable scope constraints and mandate storage.

Issuers already on D1 Tokenization activate D1 Agentic with a single configuration step — no new scheme integration, no new security infrastructure.

✦

Add-on to D1 Tokenization

D1 Agentic requires D1 Tokenization (GA). Existing D1 Tokenization connectors to VTS (Visa), MDES (Mastercard), and Amex TSP are reused. No new scheme enrollment is required.

What D1 Agentic adds

Agent identity validation — verifies agents against Visa Agent Directory or Mastercard Agent Registry before any DPAN is provisioned
Agentic token provisioning — calls VTS or MDES with programmable scope parameters (amount, MCC, geo, expiry) per Visa VIC TAP and MC Agent Pay specs
Mandate storage — creates a cryptographic record linking consumer intent, agent identity, and credentials at provisioning time
VDA autonomous decision — 12 agentic rules evaluated without real-time core banking callout
Dispute evidence — signed, machine-readable evidence package for chargeback defense
12 new notification events — full agentic token and mandate lifecycle

What D1 Agentic does not do

Does not generate DPANs — VTS and MDES still generate them via existing D1 connectors
Does not participate in payment authorization — standard card network rails handle this
Is not a consumer-facing wallet or AI agent itself
Does not replace existing D1 Tokenization flows for xPay wallets or Click to Pay

What's real and what's a product design?

⚠

Transparency — important to read

This section clarifies what exists today in D1 versus what D1 Agentic proposes to build. This is a product design based on real specifications.

Component	Status	Notes
D1 Tokenization (base product)	✓ GA — Real	VTS, MDES, Amex TSP connectors. Decision Engine. Consumer + Card entities. Documented at docs.payments.thalescloud.io
Visa VIC TAP	✓ GA — Real	Launched October 2025. Agent Directory, browsing signature, scoped DPAN parameters. Spec provided by Visa.
Mastercard Agent Pay	✓ GA — Real	Launched Q4 2025. Agent Registry, Web Bot Auth (RFC 9421), agentic token framework.
FIDO2 PaymentPasskey	✓ Real standard	EMVCo + FIDO Alliance specification. D1 already supports step-up authentication.
D1 Agentic module (new endpoints)	◎ Product Design	The new API endpoints, Agent entity, Mandate entity, and agentic events are a product design — what Thales should build on top of D1 Tokenization to close the gap.
"Scoped token" terminology	◎ Not official	Not used in Visa or MC official documentation. Visa uses "agent-bound token". MC uses "agentic token". This documentation uses "agentic token" per MC terminology.
Mandate storage	◎ Product Design	Concept derived from AP2 (Google Agent Payments Protocol) and Boboev's "tokenize the mandate" insight. D1 does not currently store mandates.
VDA for agentic provisioning	✓ Real mechanism	VDA (Visa Delegated Authentication) is a real mechanism in D1/VTS. Applying it to agentic flows is the product design.

✓

The architecture is correct

The gap analysis is real: D1 Tokenization today doesn't support agents as token requestors. VTS and MDES do support additional parameters at provisioning. The design is technically sound and buildable on top of what exists.

Quickstart

Provision your first agentic token in 4 steps. Complete issuer onboarding must be done first.

Enable D1 Agentic for a card product

Configure agenticEnabled: true and agenticScopeLimits for your BIN range via the D1 Admin Portal or with your Thales delivery contact.

Add an agent to your approved list

HTTP

POST /issuers/{ISSUER_ID}/approved-agents

{
  "agentId": "AGENT-ID-001"
}

Consumer authenticates with FIDO2 PaymentPasskey

The consumer authorizes the agent via FIDO2 PaymentPasskey. Your issuer app generates the FIDO2 assertion (assurance level ≥ configured minimum).

Agent provisions the agentic token

The agent calls D1 Agentic with the assertion and scope constraints. D1 validates, decides, and provisions via VTS/MDES.

HTTPCopy

POST /v1/consumers/{CONSUMER_ID}/cards/{CARD_ID}/agentic-tokens

{
  "agentId": "AGENT-ID-001",
  "fido2Assertion": {
    "credentialId":   "fido2-cred-{id}",
    "assertionType":  "PAYMENT_PASSKEY",
    "assuranceLevel": 3
  },
  "mandateIntent": "Buy a laptop for home office",
  "scopeConstraints": {
    "maxAmount":      500,
    "currency":       "USD",
    "validUntil":     "2026-04-05T22:00:00Z",
    "allowedMCC":     ["5045", "5734"],
    "geoRestriction": "USA"
  }
}

Response 201

{
  "status":           "PROVISIONED",
  "digitalCardId":    "DC-A8F3C92E1B04",
  "tokenReferenceId": "DTKN-AG-C3F918A2BB",
  "mandateId":        "MNDT-C7E1A4B8",
  "scheme":           "VISA",
  "totalLatencyMs":   437
}

Architecture

D1 Agentic sits between the AI agent and VTS/MDES. It adds agent validation, scoped provisioning, and mandate creation to the existing D1 Tokenization flow.

🤖 AI Agent → ⬡ D1 Agentic API POST /agentic-tokens · FIDO2 + scope

⬡ Agent Validation → Visa Agent Directory / MC Agent Registry verify signature · ~90ms

⬡ Decision Engine (VDA) → 12 rules evaluated · ~65ms · no issuer callout

⬡ D1 Agentic → VTS / MDES provision DPAN with agenticParameters · ~180ms

⬡ D1 Agentic → Create mandate · return {digitalCardId, mandateId} · ~35ms

⬡ D1 Agentic → 🏦 Issuer Backend AGENTIC_TOKEN_PROVISIONED (async)

End-to-end latency (P95 target)

Agent validation

~90ms

Eligibility check

~40ms

Decision Engine

~65ms

VTS / MDES

~180ms

Mandate creation

~35ms

Total P95

~450ms

Agents New

An Agent is a new entity in D1 Agentic — a software entity (AI assistant, commerce bot) acting on behalf of a consumer. Distinct from the Consumer and Card entities in D1 Tokenization.

ℹ

Two trust levels

SCHEME_VERIFIED — Agent registered in Visa Agent Directory or MC Agent Registry. D1 retrieves public key from the scheme. Recommended.
ISSUER_VERIFIED — Agent registered directly by the issuer in D1. For proprietary or internal agents.

Agent entity

agentId

string

Unique agent identifier. Assigned by the scheme or defined by the issuer.

agentName

string

Human-readable agent name.

scheme

enum

VISA_VIC_TAP | MC_AGENT_PAY | CUSTOM

trustLevel

enum

SCHEME_VERIFIED | ISSUER_VERIFIED

status

enum

ACTIVE | SUSPENDED | REVOKED

publicKeyId

string

Identifier of the agent public key used for signature verification.

registeredAt

ISO8601

When the agent was first registered in D1 Agentic.

Mandates New

A Mandate is created automatically when an agentic token is provisioned. It cryptographically links the consumer's intent, FIDO2 authentication, agent identity, and payment credentials into a single immutable record.

✓

Dispute defense

Mandates are the primary tool against agentic commerce chargebacks. Use GET /mandates/{mandateId}/evidence to export a D1-signed evidence package for Visa or MC dispute resolution.

Mandate entity

mandateId

string

Format: MNDT-{8 hex uppercase}

consumerId

string

D1 consumer identifier (CONSUMER_ID).

agentId

string

Agent identifier at time of provisioning.

digitalCardId

string

Scheme-assigned DPAN identifier.

intentDescription

string

Consumer's stated intent. Stored verbatim.

scopeConstraints

object

The scope applied at provisioning. Immutable.

fido2AssuranceLevel

integer

1 | 2 | 3. Level of the FIDO2 assertion used.

status

enum

ACTIVE | CONSUMED | EXPIRED | REVOKED

auditTrail

AuditEvent[]

Append-only event log. Never overwritten.

payments

Payment[]

Payments executed within this mandate's scope.

Agentic Tokens New

An agentic token is a standard EMV DPAN provisioned via VTS or MDES with additional agenticParameters that constrain how and when the token can be used.

⚠

Terminology note

The term "scoped token" is not used in official Visa or Mastercard documentation. Visa uses "agent-bound token" and Mastercard uses "agentic token". D1 Agentic follows Mastercard's terminology.

Scope constraints

maxAmount

number

Maximum authorized amount. Cannot exceed agenticScopeLimits.maxAmount on the card product.

currency

string

ISO 4217 currency code (e.g. USD, EUR).

allowedMCC

string[]

Permitted Merchant Category Codes. null = all (subject to issuer policy).

geoRestriction

string

ISO 3166-1 alpha-3 country code. null = no geo restriction.

validUntil

ISO8601

Token expiry. Cannot exceed agenticScopeLimits.maxDurationHours.

singleUse

boolean

If true, token is automatically revoked after first authorized payment.

Agentic notification events New

D1 Agentic adds 12 new event types to the D1 notification system. All are delivered asynchronously to the issuer's registered webhook endpoint.

AGENTIC_TOKEN_PROVISIONED

DPAN successfully provisioned for an AI agent with scope constraints applied.

AGENTIC_TOKEN_SUSPENDED

Token suspended by consumer request or issuer action.

AGENTIC_TOKEN_RESUMED

Previously suspended agentic token re-activated.

AGENTIC_TOKEN_REVOKED

Token permanently revoked. DPAN deletion triggered in VTS/MDES.

AGENTIC_TOKEN_EXPIRED

Token passed its validUntil timestamp.

AGENTIC_TOKEN_CONSUMED

Payment authorized using the agentic token. Mandate audit trail updated.

AGENTIC_MANDATE_CREATED

New mandate record created alongside token provisioning.

AGENTIC_MANDATE_CONSUMED

All scope consumed or singleUse triggered. Mandate closed.

AGENTIC_MANDATE_REVOKED

Mandate revoked by consumer or issuer.

AGENTIC_MANDATE_DISPUTED

Dispute opened against mandate. Evidence package auto-generated.

AGENT_STATUS_CHANGED

Agent suspended or revoked at issuer or scheme level.

SCOPE_VIOLATION_ATTEMPT

Payment attempted outside scope constraints. Automatically rejected by D1.

Error codes

HTTP	errorCode	Description	Action
422	`AGENT_NOT_REGISTERED`	Agent not in scheme directory	Check agentId or register agent
422	`AGENT_SUSPENDED`	Agent currently suspended	Wait for agent re-activation
422	`INVALID_AGENT_SIGNATURE`	Signature verification failed	Regenerate browsing signature
422	`AGENT_NOT_APPROVED_BY_ISSUER`	Agent not in issuer approved list	Add agent via `POST /approved-agents`
422	`CARD_NOT_ELIGIBLE`	BIN not configured for agentic	Enable agentic on card product
422	`SCOPE_EXCEEDS_LIMIT`	Scope beyond issuer policy	Reduce `maxAmount` or `validUntil`
422	`FIDO2_ASSURANCE_INSUFFICIENT`	Assurance level too low	Re-authenticate at higher level
403	`DECISION_ENGINE_DECLINE`	VDA rule evaluation declined	Do not retry — review Decision Engine rules
202	`STEP_UP_REQUIRED`	Additional auth needed	Initiate step-up authentication flow
503	`SCHEME_UNAVAILABLE`	VTS or MDES unreachable	Retry with exponential backoff

Glossary

Term	Definition
Agent	AI software entity that initiates payment transactions on behalf of a consumer
Agentic token	DPAN provisioned for use by an AI agent with scope constraints (MC terminology)
CONSUMER_ID	D1 consumer identifier. Set by the issuer, unique within D1.
DPAN	Digital PAN — the EMV token (tokenized card number) generated by VTS or MDES
FIDO2 PaymentPasskey	Cryptographic auth credential bound to a payment context (assurance levels 1–3)
ISSUER_ID	D1 issuer identifier. Set at D1 onboarding. Unique per issuer or processor.
Mandate	Immutable record linking consumer intent, agent identity, and payment credentials
MC Agent Pay	Mastercard Agent Pay acceptance framework (GA Q4 2025)
MDES	Mastercard Digital Enablement Service — Mastercard's DPAN vault
panReferenceId	Stable reference to a PAN in D1 — raw PAN is never present in D1 Agentic
VDA	Visa Delegated Authentication — D1 decides without issuer core banking callout
VIC TAP	Visa Intelligent Commerce Trusted Agent Protocol (GA October 2025)
VTS	Visa Token Service — Visa's DPAN vault

D1 Agentic Documentation · v1.0.0 · April 2026 · Thales Payments · CONFIDENTIAL