Secure Confirmation Flow and User Consent Evidence

In agentic commerce, the user never directly interacts with your checkout. This creates unique challenges around proving consent. Here's how to implement a confirmation flow that's both user-friendly and legally defensible.

The Confirmation Flow Architecture

When an AI agent initiates a purchase, a confirmation request is created with a unique token. The user receives this token via email or in-app notification and must explicitly approve the transaction on a dedicated confirmation page.

What the Confirmation Page Must Show

• Exact product(s) being purchased with images and descriptions
• Total price breakdown (subtotal, shipping, taxes)
• Merchant name and contact information
• Delivery address and estimated arrival
• Clear 'Confirm' and 'Cancel' buttons
• Links to terms, privacy policy, and refund policy

Collecting Consent Evidence

Every confirmation must capture: timestamp (ISO 8601 with timezone), user's IP address, user agent string, confirmation token, explicit consent checkbox state, and a cryptographic hash of the displayed terms.

Data to Log for Each Transaction

• Request ID and correlation IDs across systems
• Agent identifier (which AI initiated the purchase)
• User identifier and authentication method
• Full request payload (products, quantities, prices at time of request)
• Confirmation page render timestamp
• User action timestamp (confirm/cancel/expire)
• Payment authorization response

Token Security

Confirmation tokens should be: cryptographically random (min 256 bits), single-use, time-limited (15-30 minutes typical), bound to specific transaction details, and invalidated on any modification attempt.

Handling Edge Cases

• Expired tokens - Show clear message, offer to restart flow
• Price changes - Invalidate token, require new confirmation
• Stock changes - Notify user before confirmation completes
• Multiple confirmation attempts - Accept first, reject duplicates