AI agents in 2026 can reason, plan, and execute multi-step missions on their own—until they need to pay. A single agent task can trigger hundreds of sub-cent API calls, and conventional card networks charging $0.10 to $0.30 per transaction make that economically impossible. Purpose-built AI agent payment systems close this gap with autonomous wallets, signed mandates, stablecoin rails, and tamper-proof metering designed for machine-speed commerce. With Visa, Mastercard, and Google launching dedicated agent payment programs, and McKinsey projecting agentic commerce will reach $3 to $5 trillion globally by 2030, the infrastructure stack now matters more than the pitch deck.
Key Takeaways
- Market scale: The AI-in-payments market is projected to grow from $7B to $93B by 2032, with McKinsey estimating $3 to $5 trillion in agentic commerce by 2030 — including up to $1 trillion in U.S. B2C retail alone.
- Protocol convergence: x402 processed 75 million transactions in the last 30 days; Google AP2 launched with 60+ partner organizations including PayPal, Mastercard, American Express, Coinbase, and Salesforce; AP2 was donated to the FIDO Alliance in April 2026.
- Five-layer architecture: Production-grade agent payment systems require discovery, identity, wallet, authorization, and rail/settlement working together — with cryptographically signed, append-only logs at 15,000+ events per second satisfying enterprise audit requirements.
- Sub-cent economics: ZK batch settlement (Groth16/BN254 on EVM) verifies hundreds of agent mandates in a single on-chain transaction — proof once, pay many — making per-call settlement economically viable below $0.01.
- Compliance posture: Enterprise deployments need SOC 2 Type II, PCI DSS, GDPR Article 5(1)(f), EU AI Act traceability, and KYA (Know Your Agent) layered on top of existing KYC/AML — all supported by FluxA's production deployments serving 84,000+ agents and 200,000+ monthly payment requests.
Why Traditional Payment Systems Cannot Serve AI Agents
AI agent payment systems are infrastructure layers built for autonomous, high-frequency, machine-initiated transactions, replacing the human-checkout assumptions baked into Stripe, PayPal, and conventional card processors. Three structural mismatches make legacy systems unusable at agent scale.
The Sub-Cent Economics Problem
Card networks charge 1.5% to 3.5% per transaction plus a $0.10 to $0.30 minimum. When a research agent calls weather, news, and analytics APIs hundreds of times daily at $0.02 per call, fees exceed the payment value itself. Stablecoin rails on Base settle at roughly $0.001 per transaction, making micropayments mathematically viable for the first time.
The Human-Checkout Assumption
Stripe and PayPal assume a human signs up, passes KYC, enters a card, and confirms each purchase. An AI agent encountering a new paid service mid-task cannot create an account, complete identity verification, or wait for a finance team to provision access. Card-on-file solutions and API keys both fail the same way: they assume a pre-existing human relationship the agent does not have.
The Authentication Mismatch
Static API keys grant blanket permissions with no scope visible to downstream services. Agent commerce requires cryptographically verifiable, scope-bounded, revocable credentials — what the industry now calls mandates: signed authorizations specifying budget, time window, merchant scope, and permitted actions, readable by every transaction participant.
| Traditional payments | Agent-native payments | |
|---|---|---|
| Initiator | Human at checkout | Autonomous AI agent |
| Authentication | KYC, password, 2FA | Cryptographic identity + signed mandate |
| Authorization | Per-purchase confirmation | One signed intent per mission |
| Per-transaction cost | $0.10–$0.30 + 1.5–3.5% | As low as $0.001 (USDC on Base) |
| Settlement latency | 1–3 days (ACH) | Sub-2s stablecoin; 200ms (x402) |
| Throughput | Hundreds/sec per merchant | 15,000+ metered events/sec |
| Best for | High-value, low-frequency | High-frequency, sub-cent calls |
The Five-Layer Architecture of AI Agent Payment Infrastructure
Most introductions to agent payments jump straight to the rail — which protocol, which chain, which stablecoin. The rail is one layer. Production-grade infrastructure needs five.
Layer 0: Discovery
Before any transaction can happen, the agent must find a payable service. The emerging convention is a machine-readable manifest at a known path — typically /skill.md — describing capabilities, pricing, supported protocols, and authentication. A site returning HTML to humans and 401 to machines is invisible to agents.
Layer 1: Identity
The receiving system must know who the agent is, who owns it, and what it can spend. A machine-readable credential — not a username, not an API key — is what makes this possible. A FluxA-issued Agent ID gives each agent agent_id, token, and refreshable JWT credentials that travel across services. Combined with Know Your Agent (KYA), identity becomes composite: people who deployed the agent, devices it runs on, wallet addresses it controls, merchants it has transacted with, and reputation accumulated.
Layer 2: Wallet
An agent needs a wallet it can draw from autonomously — but not one with unrestricted access. A raw private key is all-or-nothing. What's needed is a co-wallet: the user retains custody of underlying assets, and the agent draws only against a scoped, mandate-bounded balance. FluxA's AI Wallet implements exactly this, with per-agent monthly limits and host-scoped policies enforced before any transaction reaches the rail.
Layer 3: Authorization
This is the layer most implementations get wrong. Spending limits coded into application logic can be bypassed — by the agent, by a compromised prompt, by a bug in model reasoning. Authorization must live at infrastructure level: per-transaction caps, monthly ceilings, host-scoped policies, and time-bound validity windows enforced before a transaction ever reaches the rail. Google AP2 standardizes this primitive across the industry; FluxA's Intent-Pay implements it as a one-signature mandate covering an entire agent mission.
Layer 4: Rail and Settlement
Once identity, funds, and authorization are in place, the rail clears the transaction and settlement reconciles it. Two protocols define the current landscape: x402 for HTTP-native stablecoin payments, and AEP2 for high-frequency embedded agent commerce. Settlement reconciliation lives in the append-only metering log, described next.
Real-Time Metering and Settlement at Machine Speed
Effective AI monetization requires tracking every request at the moment of creation, not through batch reconciliation hours later. Three properties separate agent-grade metering from legacy billing systems.
Event-Level Capture at 15,000 Events Per Second
Leading platforms ingest usage events through webhook pipelines capable of 15,000 events per second, capturing per-token pricing, per-API-call billing, per-GPU-cycle tracking, and cost-plus-margin automation. The unit of measurement is the individual call, not the monthly invoice — the granularity that enables outcome-based and value-based pricing.
Cryptographic Logs and Sub-Second Settlement
Every usage record is cryptographically signed at creation and pushed to an append-only ledger. Retroactive billing changes become mathematically impossible, and disputed charges resolve against signed evidence rather than vendor-reported totals. FluxA records every agent call as a signed, hash-linked Task DAG — tying execution back to the original mandate.
Settlement speed matters because agent workflows do not pause. The x402 protocol achieves roughly 200ms confirmation on Base, compared to 2–3 day ACH that would stall an autonomous workflow indefinitely. For higher-frequency commerce, AEP2's deferred model returns the resource to the agent in milliseconds and batches the actual on-chain settlement minutes later via a single ZK proof.
Why Sub-Cent Economics Need Batched Settlement
Per-transaction on-chain settlement has a floor: even at $0.001 per call on Base, gas eventually overwhelms the payment value at sufficient frequency. AEP2's ZK batch settlement (Groth16/BN254 on EVM) verifies hundreds of mandates in a single on-chain transaction — proof once, pay many — making sub-cent settlement economically viable. The principle mirrors how rollups scale L2 execution, applied to the payment layer instead.
Pricing Models for the Agentic Economy
Monetizing AI agent interactions demands pricing flexibility that traditional billing systems lack. Most payment processors support only flat fees or usage tiers, but agents create value in multiple ways that require different commercial models. AgentCharge supports four production patterns.
Cost-Plus Pricing with Margin Locking
The simplest model meters actual consumption and adds a fixed margin. Base cost of $0.002 per 1,000 input tokens plus a 20% markup equals $0.0024 per 1,000 tokens. Margins lock onto each usage credit at creation, so platform revenue stays predictable even when underlying provider costs fluctuate.
Usage-Based Tiering
More sophisticated pricing combines a base subscription with consumption tiers: a free tier with 100 API calls per month, a Pro tier at $20/month plus $0.02 per 1,000 tokens beyond included quota, and an Enterprise tier with custom volume discounts.
Outcome-Based Models
The most advanced approach charges for results rather than resources consumed: $5 per scheduled meeting booked by a sales agent, 3% of order value processed by a procurement agent, or 10% of cost savings identified by an optimization agent. Outcome pricing aligns vendor revenue with customer success but requires tamper-proof attribution — exactly what cryptographic Task DAGs provide.
Credits-Based Pricing
Sub-cent transactions are operationally hostile to finance teams. Reconciling thousands of $0.003 charges against budget creates noise that obscures real spend patterns. Credit systems collapse this into trackable units: users prepay credits, agents draw them in real time, and finance gets clean recurring billing instead of an unreadable ledger of fractional cents.
| Agent type | Best-fit pricing | Why |
|---|---|---|
| Coding / writing assistant | Per-token (usage-based) | Cost scales linearly with output |
| Sales / scheduling agent | Outcome-based ($/meeting) | Value is the booking, not the effort |
| Procurement / trading agent | Value-based (% of order) | Vendor success tied to customer ROI |
| Research / data agent | Credits-based | Hundreds of sub-cent calls per task |
| General-purpose API consumer | Cost-plus | Predictable margin on pass-through |
The Protocol Stack: x402, AEP2, AP2, MCP, A2A
The agent commerce protocol landscape has consolidated around five complementary standards. Most production systems implement two or three; understanding what each does is the most consequential infrastructure decision teams make.
x402 — HTTP-Native Stablecoin Payments
x402 reactivates an HTTP status code that has sat unused for decades. The agent requests a resource, the server responds 402 Payment Required with a USDC quote, the agent pays on-chain and retries with proof. Full cycle in roughly 2 seconds, transaction costs as low as $0.001 on Base. The x402 Foundation joined the Linux Foundation in April 2026 for community-led governance.
AEP2 — Authorize First, Settle Later
AEP2 inverts x402's pay-first model with an authorize-first, settle-later architecture. The payer issues a signed mandate embedded directly in x402, A2A, or MCP calls; the payee verifies off-chain and delivers service instantly; mandates batch-settle via a single ZK proof covering hundreds of payments. AEP2 fits high-frequency commerce where per-call settlement becomes the bottleneck. See the AEP2 open spec for the full primitive set.
Google AP2 — The Mandate Framework
Google's Agent Payments Protocol (AP2) launched in September 2025 as a payment-agnostic mandate framework with 60+ partner organizations including PayPal, Mastercard, American Express, Coinbase, and Salesforce. It standardizes the mandate primitive across card rails, ACH, and stablecoin rails, letting agents present consistent authorization regardless of underlying payment method. AP2 was donated to the FIDO Alliance in April 2026 for community-led governance.
MCP — Discovery and Capability Advertising
Anthropic's Model Context Protocol (MCP) standardizes how agents discover and invoke tools. Combined with payment primitives, MCP servers can advertise capabilities, expose pricing, and accept payment mandates inline.
A2A — Agent-to-Agent Discovery
Google's A2A protocol governs how agents find each other and negotiate. Combined with AP2 mandates and x402 payment, A2A completes the missing link for autonomous agent-to-agent commerce: a procurement agent can discover a supplier agent, negotiate terms, sign a mandate, and settle payment without any human in the loop.
| Protocol | Layer | Primary purpose | Settlement model |
|---|---|---|---|
| x402 | Rail | HTTP-native USDC payment | Per-call on-chain |
| AEP2 | Rail + settlement | Embedded mandates, ZK batch settle | Authorize-first, batched |
| AP2 | Authorization | Payment-agnostic mandate framework | Rail-neutral |
| MCP | Discovery + capability | Tool advertising and invocation | N/A (delegated) |
| A2A | Discovery + negotiation | Agent-to-agent connection | N/A (delegated) |
For most setups, x402 is the right starting rail and AP2 the right authorization framework. AEP2 becomes the right choice when transaction frequency creates settlement bottlenecks.
Security, Risk Control, and Compliance
As autonomous agents handle real money, security and regulatory compliance shift from "nice to have" to table stakes. Three control surfaces matter.
Ternary Risk Model: Human, Agent, Merchant
Traditional payment risk is binary: user versus merchant. Agent commerce introduces a third party that acts but does not own the funds. FluxA's risk engine closes the gap mandates alone cannot, with four controls:
- Agent Identity Graph: each agent carries a composite identity — people, devices, addresses, historical reputation, merchants — governed by KYA, making execution subjects traceable.
- Intent Mandate Semantic Layer: natural language authorization is converted into a minimum permission constraint set (time, budget, frequency, merchant scope) the system can verify against.
- Model Drift Detection: real-time detection of prompt injection and behavioral anomalies feeds a progressive risk engine that escalates verification without blocking legitimate transactions.
- Task-Chain Enforcement: every API and skill call is recorded as a signed, hash-linked Task DAG, tying execution back to the original mandate and producing non-repudiable evidence for disputes.
AI-Specific Fraud Vectors
Autonomous agents create attack surfaces that did not exist in human commerce:
- Prompt injection: malicious input tricks an agent into spending outside its mandate
- Model drift: changes in upstream model behavior produce unexpected spending patterns
- Goal hijacking: a compromised tool call redirects payment to an attacker-controlled address
- Mandate replay: a captured signed mandate is reused beyond its intended scope
Effective defenses combine cryptographic mandate verification at every spend, spending-velocity monitoring, automated circuit breakers that halt suspicious activity in real time, and revocable authorization that can be withdrawn instantly without rotating credentials across every integrated service.
Compliance Requirements
Enterprise deployments must satisfy overlapping regulatory regimes:
- PCI DSS for card processing in the path, handled via partners like Visa Intelligent Commerce and Mastercard Agent Pay
- SOC 2 Type II for security controls covering availability, confidentiality, and processing integrity
- GDPR Article 5(1)(f) integrity guarantees, satisfied by append-only cryptographic logs
- EU AI Act traceability requirements for high-risk AI systems — signed usage records satisfy this for payment authorization
- AML / KYC / KYB for the human and business behind each agent
- KYA (Know Your Agent), the emerging additional layer specific to autonomous systems
The combination produces line-by-line verifiable reconciliation: auditors, finance teams, and users can independently confirm that billed amounts match actual usage, with cryptographic proof at every step.
How to Become Agent-Payable in 20 Minutes
The agent payment conversation usually focuses on the buyer side: how does an agent pay? The harder problem for most businesses is the merchant side: how does your existing API, MCP server, or content product become findable and payable by an agent that has no account, no card, and no human operator?
The Three-Primitive Checklist
For an agent to discover and transact with your service autonomously, three things must be in place:
- Discovery: a machine-readable manifest, typically
skill.md, advertising capabilities and pricing - Pricing: an endpoint that returns HTTP 402 with a quote, instead of 401 Unauthorized
- Settlement: a payment rail that accepts machine-signed mandates and settles in stablecoins without erosion from per-transaction fees
Before and After
The change is concrete. Before: GET /pricing returns HTML, GET /skill.md returns 404, POST /api/checkout returns 401 requiring a human session. After: GET /skill.md returns 200 with capabilities and price, POST /api/query returns 402 with a USDC quote, and the retry with an attached mandate returns 200 with the resource served and settled. Discoverable, priceable, paid in one round trip.
SDK Integration in Three Steps
FluxA Monetize reduces the merchant-side integration to under 20 minutes. Step one — create a payment link:
curl -X POST <https://walletapi.fluxapay.xyz/api/payment-links> \\
-H "Content-Type: application/json" \\
-H "Authorization: Bearer $AGENT_JWT" \\
-d '{
"amount": "1500000",
"currency": "USDC",
"network": "base",
"description": "Premium Research Report — AI Market Trends Q1",
"maxUses": 50
}'
Step two — expose an x402 endpoint that returns a quote on unauthorized requests:
app.post('/api/query', async (req, res) => {
const mandate = req.headers['x-fluxa-mandate'];
if (!mandate) {
return res.status(402).json({
scheme: "exact",
network: "base",
amount: "2000",
currency: "USDC",
payTo: process.env.FLUXA_PAYOUT_ADDRESS
});
}
const verified = await fluxa.mandates.verify(mandate);
if (!verified) return res.status(401).end();
return res.json(await runQuery(req.body));
});
Step three — publish a skill.md manifest at your domain root so agents can discover and index your service. Total time from install to first metered transaction: under 20 minutes.
Migration from Stripe and Existing Billing
Most teams do not start from zero — they already have Stripe, Adyen, or a custom billing stack. The recommended pattern is parallel-run: keep existing human-checkout flows on Stripe for consumer subscriptions, layer FluxA on top for agent-initiated traffic, and shift workloads gradually as agent volume grows. AgentCard issues single-use virtual cards that settle through any card processor your merchants already accept, so the merchant side doesn't need to change at all.
Customer Segments: Choosing the Right Setup
AI agent payment infrastructure serves four distinct segments, each with different priorities.
Solo developers need plug-and-play setups with free tiers, single-API integration, and self-service onboarding. The path: install the FluxA SDK, register an agent, set a $50 monthly cap, ship.
AI startups prioritize speed-to-market with sub-20-minute integration, flexible pricing experiments, and headroom to scale. The pattern: A/B test cost-plus vs outcome-based pricing, layer Intent-Pay mandates as agent autonomy grows, adopt AEP2 batch settlement when transaction frequency justifies it.
Enterprise AI platforms require SOC 2 Type II, multi-currency support, contract-to-cash automation, audit-ready reconciliation, and dedicated support. Deployment includes KYA enrollment for every agent, EU AI Act traceability via Task DAG logs, host-scoped mandate policies aligned to procurement rules.
Publishers and API providers — the receive-side segment — is often overlooked but represents the larger market opportunity. The priority is making existing content and APIs discoverable and payable by agents without rebuilding billing infrastructure.
Best Practices for Implementation Success
Successful AI payment integration requires strategic planning beyond technical implementation. Four patterns separate teams that scale from teams that stall.
Start with a Single Mandate Scope
Before deploying autonomous agents, define the narrowest possible mandate that lets the agent complete its primary task. A research agent does not need access to e-commerce checkout. A coding agent does not need procurement permissions. Tight initial scopes make later expansion an explicit decision, not a side effect — and reduce the blast radius if the agent or its prompts get compromised.
Layer Compliance Early, Not at Audit Time
Teams that bolt compliance on after launch spend 3–5x longer than teams that build it in from day one. Enable append-only logs at first commit, enroll in KYA before production traffic, and treat EU AI Act traceability as a default — not a feature flag. Cryptographic evidence chains are cheap to generate at write time and effectively impossible to reconstruct retroactively.
Match Pricing to Agent Type, Not Vendor Preference
The most common monetization mistake is forcing one pricing model on every agent. A coding assistant priced per-outcome misaligns with how customers consume it; a sales agent priced per-token leaves outcome value on the table. Use the agent-type-to-pricing table earlier in this guide as a starting point, and iterate based on actual usage data after first month.
Plan for Scale Before You Need It
AI agent adoption accelerates non-linearly. A product handling 10,000 daily transactions can hit 1 million within a quarter once an integration with a major platform lands. Design payment systems with webhook buffering for traffic spikes, asynchronous metering to prevent API blocking, and batched settlement paths (AEP2) available before the per-call (x402) ceiling is reached. Architecture changes under load are expensive; planning ahead is not.
Real-World Production Deployments
Theory matters less than what works in production. Two deployment patterns illustrate the architecture under real load.
ClawPi — Social Commerce Among Agents
ClawPi demonstrates agent-to-agent value transfer in a consumer-facing context: a social gifting circle where users' OpenClaw agents send USDC rewards to one another based on social activity. The deployment showcases ternary-risk-model controls (user, agent, merchant) in a setting with high transaction frequency and low per-transaction value — exactly where AEP2's batch settlement model earns its keep.
Partner Ecosystem
Integrations span the agent infrastructure stack: Coinbase for x402 protocol alignment and USDC rails; Cloudflare for edge-deployed agent payment endpoints; Ant Group for Asia-Pacific payment infrastructure; Privy for embedded wallet experiences; MoonPay for fiat-to-stablecoin on-ramps; Qwen for LLM-side integration; Pharos for high-throughput L2 settlement. The breadth matters because no single vendor owns the full stack — interoperability is a feature, not an aspiration.
Why FluxA Leads AI Agent Payment Infrastructure
The platform combines four production-ready products built on the open AEP2 protocol with ZK batch settlement that makes sub-cent transactions economically viable:
- FluxA AI Wallet: a co-wallet with Intent-Pay mandates — users retain custody while agents transact within signed budgets
- AgentCard: single-use virtual cards that auto-return unused balance, for merchants that only accept cards
- AgentCharge: three ways to get paid by agents in USDC, supporting usage / outcome / value / credits pricing
- FluxA Monetize: turns any API, MCP server, CLI, or skill into an agent-payable endpoint with one deploy
More than 84,000 AI agents have created FluxA wallets, processing over 200,000 payment requests per month. Production users include Reforge VC's Ava autonomous research agent and OpenClaw's ClawPi social gifting circle. FluxA's protocol-first architecture supports x402 natively, embeds payment mandates in MCP and A2A calls, and exposes modular roles for wallet, settlement, KYC, and dispute — so teams are not locked into any single vendor. The documentation includes LLM-friendly structure for AI coding assistants, with integration in minutes via a one-line install referencing the public skill.md.
For teams serious about giving AI agents real financial agency — or about getting paid by them — FluxA provides the payment rails purpose-built for the agentic economy.
Frequently Asked Questions
How are AI agent payment systems different from Stripe?
AI agent payment systems differ from Stripe in three structural ways: agents authenticate via cryptographic identity instead of human KYC, authorize spending through signed mandates instead of per-purchase confirmation, and settle in sub-cent stablecoins instead of $0.10-$0.30 card fees. Stripe was built for human checkout; agent-native platforms are built for machine commerce running at 15,000 events per second. Most production teams use both: Stripe for consumer subscriptions, FluxA for agent-initiated micropayments and agent-to-agent transactions.
What is the difference between x402, AEP2, and AP2?
The three protocols operate at different layers of the agent payment stack. x402 is an HTTP payment rail where agents pay per-call in USDC on-chain, completing in roughly 2 seconds. AEP2 inverts x402 with authorize-first, settle-later: signed mandates ship the resource instantly and batch-settle via ZK proof, making sub-cent commerce viable. AP2 is Google's payment-agnostic mandate framework standardizing authorization across card, ACH, and stablecoin rails. Most production stacks combine all three: AP2 for authorization, x402 for occasional API access, AEP2 for high-frequency micropayments.
What stops an AI agent from spending too much?
Spending limits are enforced cryptographically at the wallet layer, not in application code an agent could bypass. Users define spending envelopes—per-transaction caps, daily and monthly ceilings, host-scoped allow-lists, time-bound validity windows—that the wallet checks before any transaction reaches the payment rail. Intent-Pay mandates further restrict spending to a specific mission and purpose. Hard caps plus revocable authorization mean a compromised agent's exposure is bounded by infrastructure, not by trust in the model.
How long does integration take?
Typical merchant-side integration takes under 20 minutes: install the SDK, register a payment plan, deploy a skill.md manifest at your domain root, and expose a 402 endpoint that returns a USDC quote. Buyer-side integration—giving an agent a wallet—is similarly fast: install the FluxA MCP server, authorize a mandate, and the agent can pay anywhere x402 or AEP2 is accepted. Full enterprise rollouts with KYA, EU AI Act traceability, and dedicated support take weeks, not months.
Can I migrate from Stripe to FluxA without disrupting customers?
Yes—through a parallel-run migration that keeps customer payment methods untouched. Keep existing Stripe subscriptions running for human-initiated traffic, layer FluxA on top for agent-initiated traffic, and shift workloads gradually as agent volume grows. FluxA AgentCard issues single-use virtual cards that settle through any card processor your merchants already accept, so the merchant side requires zero changes. Most teams complete migration in cohorts over 4-8 weeks without any customer-facing disruption.
Do I need blockchain expertise to accept agent payments?
No—modern agent payment platforms abstract blockchain complexity entirely. Facilitator services handle wallet creation, transaction signing, and gas fees transparently behind a standard HTTP API. SDK integration resembles traditional payment processing: the developer never touches a private key, makes standard REST calls, and signs messages with familiar libraries. The blockchain runs underneath as a settlement layer, but the integration surface looks identical to Stripe. Teams typically ship their first metered transaction in under 20 minutes without writing any on-chain code.
What compliance standards does FluxA support?
FluxA covers the full enterprise compliance stack: SOC 2 Type II for security controls, PCI DSS handling via card-processor partners, GDPR Article 5(1)(f) integrity through cryptographic append-only logs, EU AI Act traceability via Task DAG records, and standard AML/KYC/KYB workflows. On top of these, KYA (Know Your Agent) extends KYC with agent-specific identity attributes: the entity that deployed the agent, host devices, controlled wallet addresses, transaction history, and accumulated reputation across services.