~ Mohan Sankaran.
From rules to reasoning
Risk engines used to feel like spreadsheets with electricity: if-this-then-that, a forest of thresholds, and a few models glued on at the end. Useful, but brittle. Agentic transactions flip the flow. Instead of pushing data through a fixed pipeline, a decision agent pulls in just enough context (device posture, merchant type, behavioral cues, past disputes) to plan the next move. It’s not replacing risk models; it’s orchestrating them. The question changes from “What’s the score?” to “What should we do, here and now, for this customer and this payment?”
From context to decisions
Payments happen inside moments. A tap at a familiar terminal on a usual morning is different from a midnight keyed entry after a SIM swap. The agent gathers live context: integrity verdicts from the device, recent velocity across instruments, geovelocity, merchant reputation, step-up fatigue, and even terminal health if it’s an in-person flow. Context isn’t a pile of features; it’s a narrative. The agent turns that narrative into a plan: approve silently, add light friction, delay settlement, or route to review, always with a time budget measured in milliseconds.
From model to agent
Under the hood, the agent is a constrained LLM with tools, not a free-roaming chatbot. It calls a calibrated fraud model, a rules service, a merchant graph, and a policy engine; it never invents data and never writes to systems directly. Think of it as a conductor: the strings are probability models, the brass are deterministic rules, percussion is the history store, and the agent keeps time. Guardrails live outside the model: allow/deny lists, query cost limits, PII redaction, and a sandbox that turns every external call into a declarative “ask,” not an imperative “do.” The model plans; signed services act.
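An added example, not code from the author: guardrails outside the model, where the model's output is parsed as a list of declarative asks and vetted against an allow list, a query cost limit and PII redaction before anything is handed to a service. The tool names come from the paragraph above; the argument keys, cost units and `COST_LIMIT` are assumptions.

```python
import json
import re

# Hypothetical tool contracts: name -> (allowed argument keys, cost units).
TOOLS = {
    "fraud_model": ({"txn_ref", "amount_minor", "mcc"}, 3),
    "rules_service": ({"txn_ref", "ruleset"}, 1),
    "merchant_graph": ({"merchant_ref", "depth"}, 5),
    "policy_engine": ({"txn_ref", "proposed_action"}, 1),
}
COST_LIMIT = 8  # assumed per-decision query budget
PAN_RE = re.compile(r"\b\d{13,19}\b")  # card-number-like digit runs
EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")

class PlanRejected(Exception):
    """Raised when the model's proposed plan violates a guardrail."""

def redact(value):
    """Mask PII-looking substrings in string arguments; pass others through."""
    if not isinstance(value, str):
        return value
    return EMAIL_RE.sub("[EMAIL]", PAN_RE.sub("[PAN]", value))

def vet_plan(raw_plan):
    """Parse model output into vetted asks. Nothing is executed here."""
    try:
        plan = json.loads(raw_plan)
    except json.JSONDecodeError as exc:
        raise PlanRejected("plan is not valid JSON") from exc
    if not isinstance(plan, list):
        raise PlanRejected("plan must be a list of asks")
    vetted, spent = [], 0
    for ask in plan:
        if not isinstance(ask, dict) or set(ask) != {"tool", "args"}:
            raise PlanRejected("malformed ask")
        tool, args = ask["tool"], ask["args"]
        if not isinstance(tool, str) or tool not in TOOLS:
            raise PlanRejected(f"tool not on allow list: {tool!r}")
        allowed_keys, cost = TOOLS[tool]
        if not isinstance(args, dict) or not set(args) <= allowed_keys:
            raise PlanRejected(f"unexpected arguments for {tool}")
        if not all(isinstance(v, (str, int)) for v in args.values()):
            raise PlanRejected("argument values must be scalars")
        spent += cost
        if spent > COST_LIMIT:
            raise PlanRejected("query cost limit exceeded")
        vetted.append({"tool": tool, "args": {k: redact(v) for k, v in args.items()}})
    return vetted
```

The function returns data only; dispatching the vetted asks is left to a separate service, so a rejected plan has no side effects to undo.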
From black box to evidence
Reasoning without evidence is just theatre. Each decision produces a compact, structured “decision card”: inputs used (hashed where needed), tools called, intermediate scores, policy checks, and the final action with confidence. Cards are signed, versioned, and attached to the transaction record. Investigators get a human-readable rationale; auditors get a cryptographic trail; users get a plain-language explanation when friction appears. Black box becomes glass box without exposing secrets.
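An added example, not the author's implementation, of a decision card with the fields listed above: sensitive inputs are replaced by keyed hashes, the card is serialized canonically, signed, and later verified. The field names, version strings and keys are constructed, and HMAC-SHA256 from the standard library stands in for the signature scheme, which the article does not specify.

```python
import hashlib
import hmac
import json

CARD_VERSION = "1"  # hypothetical schema version
# Constructed demo keys; real keys would be held by a key-management service.
SIGNING_KEY = b"demo-signing-key-not-for-production"
HASHING_KEY = b"demo-input-hashing-key"

def hash_input(value):
    """Keyed hash so a sensitive input is referenced without being stored."""
    return hmac.new(HASHING_KEY, str(value).encode(), hashlib.sha256).hexdigest()[:16]

def canonical(card):
    """Deterministic bytes: sorted keys, no insignificant whitespace."""
    return json.dumps(card, sort_keys=True, separators=(",", ":")).encode()

def build_card(decision, sensitive):
    """Hash the sensitive inputs, stamp the schema version, then sign."""
    inputs = {k: hash_input(v) if k in sensitive else v
              for k, v in decision["inputs"].items()}
    body = {**decision, "card_version": CARD_VERSION, "inputs": inputs}
    sig = hmac.new(SIGNING_KEY, canonical(body), hashlib.sha256).hexdigest()
    return {**body, "sig": sig}

def verify_card(card):
    """True only if no field has changed since the card was signed."""
    body = {k: v for k, v in card.items() if k != "sig"}
    expected = hmac.new(SIGNING_KEY, canonical(body), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, card.get("sig", ""))

# Constructed sample decision.
DECISION = {
    "txn_ref": "txn-0001",
    "inputs": {"device_id": "A1B2-C3D4", "mcc": "5411", "entry_mode": "tap"},
    "tools_called": ["fraud_model", "rules_service", "policy_engine"],
    "scores": {"fraud_model": 0.07},
    "policy_checks": {"velocity_limit": "pass", "sim_swap_recent": "pass"},
    "action": "approve",
    "confidence": 0.93,
    "versions": {"model": "m-12", "prompt": "p-4", "policy": "pol-9"},
}
CARD = build_card(DECISION, sensitive={"device_id"})
```

Where auditors outside the signing service must verify cards, an asymmetric signature would replace the shared-key MAC so that verifiers never hold a key able to sign.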
From cloud to edge
Latency is a feature. Keep the fast path on device whenever possible: local integrity checks, cached merchant policy, lightweight behavior signals, and a tiny risk model for quick passes. The heavier agentic plan runs in the cloud with strict timeouts and a budget for tool calls. If the budget expires, the client follows a safe fallback: approve low-risk with post-auth monitoring, or step up for anomalies. Edge and cloud don’t compete; they collaborate. The device protects the moment; the platform protects the system.
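The budget-and-fallback behaviour described above, as an added example that is not the author's code: tool calls share one wall-clock deadline and a call cap, and any overrun or tool error drops to the fallback driven by the on-device score. The thresholds, the stub tools and the final approve/review rule are assumptions.

```python
import asyncio
import time

DEADLINE_S = 0.15      # assumed wall-clock budget for the cloud plan
MAX_TOOL_CALLS = 3     # assumed cap on tool calls per decision
EDGE_PASS_BELOW = 0.2  # assumed cut-off for the on-device tiny model

def fallback(edge_score):
    """Safe default when the agentic plan cannot finish inside its budget."""
    if edge_score < EDGE_PASS_BELOW:
        return {"action": "approve", "post_auth_monitoring": True, "path": "fallback"}
    return {"action": "step_up", "post_auth_monitoring": False, "path": "fallback"}

async def run_plan(tool_calls, edge_score):
    """Run tool coroutines in order under one shared deadline and call cap."""
    if len(tool_calls) > MAX_TOOL_CALLS:
        return fallback(edge_score)
    deadline = time.monotonic() + DEADLINE_S
    results = {}
    for name, call in tool_calls:
        remaining = deadline - time.monotonic()
        if remaining <= 0:
            return fallback(edge_score)
        try:
            results[name] = await asyncio.wait_for(call(), timeout=remaining)
        except (asyncio.TimeoutError, ConnectionError):
            return fallback(edge_score)
    # Assumed toy rule; a missing fraud score is treated as high risk.
    action = "approve" if results.get("fraud_model", 1.0) < 0.5 else "review"
    return {"action": action, "post_auth_monitoring": False, "path": "agent"}

def stub_tool(value, delay_s):
    """Constructed stand-in for a remote tool with a given latency."""
    async def call():
        await asyncio.sleep(delay_s)
        return value
    return call

def decide(tool_calls, edge_score):
    """Synchronous entry point for callers outside an event loop."""
    return asyncio.run(run_plan(tool_calls, edge_score))
```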
From uncertainty to choreography
Uncertainty is normal. When confidence sits in the grey zone, the agent choreographs next steps: swap a high-cost tool for a cheaper one, request a short biometric, or re-score after a second or two of additional signals. Temperature stays near zero for deterministic plans; sampling opens just enough to explore alternates in shadow. If prompts drift or inputs look adversarial, the sandbox snaps shut and the plan reverts to deterministic policy. The system fails safe, not clever.
From experiments to operations
Agentic decisions need production discipline. Roll out in shadow mode first: compute actions, take none, collect deltas. Then canary behind a feature flag by region and device tier. Track the only metrics that matter: false-positive friction, fraud catch rate, time-to-approve, and user recovery after a step-up. Pair those with platform SLOs: p95 agent latency, tool error budgets, and budget overruns. Every model, prompt, policy, and tool contract is versioned so yesterday’s choice can be reproduced tomorrow.
From privacy posture to privacy design
Risk loves data; trust loves restraint. The agent sees signals, not identities. Pseudonymize account references, clamp precision on location, and prefer derived features (variance, smoothness, frequency) over raw streams. When learning from outcomes, update models, not logs. If field learning is needed, use aggregation and retention windows you can explain to a regulator without sweating.
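An added example, not from the author, of the minimization step described above: a raw event is reduced to a pseudonymized account reference, a coarsened location and derived timing features before the agent sees it. The event fields, the key, the rounding precision and the smoothness formula are assumptions.

```python
import hashlib
import hmac
import statistics

# Constructed demo key; rotating it unlinks old pseudonyms from new ones.
PSEUDONYM_KEY = b"demo-pseudonym-key"
GEO_DECIMALS = 1  # 0.1 degree of latitude is roughly 11 km

def pseudonymize(account_ref):
    """Keyed hash: stable per account, not reversible without the key."""
    digest = hmac.new(PSEUDONYM_KEY, account_ref.encode(), hashlib.sha256)
    return digest.hexdigest()[:20]

def derive(intervals_ms):
    """Summarise a raw inter-event timing stream; the stream itself is dropped."""
    n = len(intervals_ms)
    mean = statistics.fmean(intervals_ms) if n else 0.0
    if n < 2 or mean <= 0:  # too little data to summarise safely
        return {"n": n, "variance": None, "smoothness": None, "per_s": None}
    jumps = [abs(b - a) for a, b in zip(intervals_ms, intervals_ms[1:])]
    return {
        "n": n,
        "variance": round(statistics.pvariance(intervals_ms), 1),
        "smoothness": round(statistics.fmean(jumps) / mean, 3),  # lower = steadier
        "per_s": round(1000 / mean, 2),  # event frequency
    }

def minimize(event):
    """Turn a raw event into the signals the agent is allowed to see."""
    return {
        "account": pseudonymize(event["account_id"]),
        "geo": (round(event["lat"], GEO_DECIMALS), round(event["lon"], GEO_DECIMALS)),
        "typing": derive(event["key_intervals_ms"]),
    }

# Constructed sample event.
RAW = {
    "account_id": "acct-778201",
    "lat": 37.774929,
    "lon": -122.419416,
    "key_intervals_ms": [100, 120, 80, 100],
}
SIGNALS = minimize(RAW)
```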
From novelty to normal
The value of agentic transactions isn’t theatrics; it’s calm. Approvals feel instant because the right work happened in the right place. Step-ups feel fair because the system can say why. Disputes resolve faster because every decision comes with a receipt of its own reasoning. Over time, the agent becomes less a feature and more the habit of the platform: plan, prove, act, learn.
Do that well and the cleverness disappears. The customer taps; the merchant smiles; the payment goes through. Behind the scenes, a quiet conversation among models, policies, and proofs keeps risk low and confidence high, exactly what payments should feel like.