Contains the user's instructions & authorization for payment
While the Cart and Intent mandates are required by the merchant to fulfill the order, separately the protocol provides additional visibility into the agentic transaction to the payments ecosystem. For this purpose, the PaymentMandate (bound to Cart/Intent mandate but containing separate information) may be shared with the network/issuer along with the standard transaction authorization messages. The goal of the PaymentMandate is to help the network/issuer build trust into the agentic transaction.
The data contents of the payment mandate
user_authorization: string
This is a base64_url-encoded verifiable presentation of a verifiable credential signing over the cart_mandate and payment_mandate_hashes. For example an sd-jwt-vc would contain:
- An issuer-signed jwt authorizing a 'cnf' claim
- A key-binding jwt with the claims "aud": ... "nonce": ... "sd_hash": hash of the issuer-signed jwt "transaction_data": an array containing the secure hashes of CartMandate and PaymentMandateContents.