Stripe Sessions 2026: The Year the Bot Became the Customer
In May 2026 I made the trip back to San Francisco for Stripe Sessions.
Last year was my first time at the US event, and I came home with a fairly comprehensive review, along with a renewed appreciation for just how enthusiastically San Francisco believes in hills. This year I was marginally better prepared. Running shoes packed, lungs braced for the hills, and Stripe Advocate badge in tow, after being part of the inaugural cohort last year.
Stripe describes Sessions as its "internet economy conference", rather than a conference just about Stripe. There are, of course, plenty of Stripe product launches. That is very much part of the deal. But the more interesting thing this year was the shape of the conversations around them.
The big recurring theme was agentic commerce: what happens when the customer is no longer necessarily a person clicking around your website, but a piece of software acting on their behalf?
That sounds like the sort of thing that can live safely in conference-keynote-land for a while, but a lot of the Sessions conversations made it feel much closer than that. Product data, fraud signals, pricing models, stablecoin payments, API design - all the boring practical bits of commerce start to look different when the buyer might be an agent rather than a browser session.
The Bot Is the Customer Now
For most of the last twenty years, a lot of fraud and checkout tooling has worked from a reasonably simple mental model.
A normal customer browses. They look at a few products. They hesitate. They click around. They eventually buy.
A suspicious customer arrives directly at checkout, moves too quickly, offers very little useful behavioural signal, and may be coming from somewhere that looks suspiciously unlike a person on a phone.
This is the model that most anti-fraud systems have been built on, including Stripe's own Radar product. But these assumptions are changing quickly as agentic commerce gathers pace.
One of the recurring examples at Sessions was the concierge-style shopping prompt. Not just "find me this jacket", but something more like: "Get me a full outfit for hiking in France in July, within this budget."
A human can muddle through that kind of task. We can read between the lines of a product page. We can infer whether two things will work together. We can make a judgement call on whether the returns policy feels reasonable. We can decide that the model in the photo looks cold, or the fabric looks itchy, or the description was clearly written by someone who has never been within 500 metres of a mountain.
An agent needs the same information, but in a form it can actually use. Sizes, materials, availability, compatibility, delivery windows, returns, trust signals, pricing rules. All the messy stuff that humans compensate for without really noticing.
That makes accurate product data much more important. Without strong data to ingest and understand, it's increasingly likely that there's a new class of robotic customer who may not understand what you sell. And, as anyone who has ever worked near an ecommerce catalogue knows, product data is one of those areas that feels like it should be simple, but quickly enters a fractal of complexity. It's a big challenge, and getting bigger as shopping moves from humans who can reason from loose descriptions to agents who won't bother.
Universal Commerce Protocol
This is where the Universal Commerce Protocol comes in.
UCP is an attempt to standardise how agents and merchants communicate. If agents are going to shop on our behalf, they need a reliable way to understand what a merchant sells, what it costs, how it can be bought, and what rules apply around the transaction.
The comparison that kept coming to mind was early SEO. There was a period where clean structured data was a real advantage. Then it became something closer to basic hygiene. UCP feels like it could follow a similar path.
Today, having product and policy data exposed cleanly for agents feels a little experimental. Soon enough, it may just be one of those things merchants are expected to have sorted.
Which, naturally, means a lot of merchants will discover they have not sorted it at all.
Microtransactions With a Point
One of the more interesting demos was a code review tool that charged based on tokens consumed. Each token cost a tiny amount, only fractions of a cent. It sounds like a niche demo until you think about the economics of AI products.
If you are building software that uses AI heavily under the hood, inference is not an abstract cost. It is a live operating cost. Every prompt, every completion, every background task that asks a model to do something has a price attached to it.
We have all seen the screenshots where someone convinces a fast-food chatbot to stop taking orders and write a React app instead. Very funny on Twitter, but significantly less funny if you are paying for the tokens. Flat subscriptions work beautifully until usage becomes unpredictable. If one customer quietly uses the product at a normal level and another turns it into a small-scale model abuse laboratory, the economics can get ugly quickly.
Charging based on actual usage is the obvious answer. The problem is that traditional payment rails were not built for fractions of a cent. Card fees make true microtransactions more or less impossible.
This is where stablecoins became one of the more practical conversations of the week. Not as a grand philosophical argument about crypto, but more like plumbing. If software agents are going to hold wallets, make purchases, and pay tiny amounts based on real-time usage, then stablecoins start to look less like a speculative side quest and more like useful infrastructure.
I still have the usual healthy level of cynicism about anything that arrives wearing a crypto badge. But this was one of the first times the practical use case felt a lot more, well, practical.
The View From Dublin
The contrast between Dublin and San Francisco is hard to miss.
At home, the bus shelters near me are usually advertising phone plans, supermarket offers, or whatever film is opening this weekend. In San Francisco, every second billboard seems to be for an agentic AI startup, a new payment rail, or a payroll business set to change the world. A lot of this is hype, and the nature of San Francisco in general. But behind some of the starry-eyed optimism, real things are being built, justifying some of the hype.
The part that feels more important is that the US is actively wiring up the commercial infrastructure for this stuff. Agent wallets, stablecoin payments, usage-based billing, new checkout patterns, fraud models for machine-led transactions. These are moving from conference-stage talking points into live products. From a European perspective, that should make us a little uncomfortable.
Europe is very good at regulatory frameworks, and often for good reason. Consumer protection matters. Financial stability matters. Clear rules matter. MiCA is an obvious recent example of Europe trying to create clarity around crypto assets.
But there is a difference between regulating carefully and moving so slowly that the next generation of infrastructure gets built somewhere else, with someone else's assumptions baked in from the start.
I wrote about this in more depth over on Silicon Republic, but the short version is: Europe does not need to copy the US approach. It does need to avoid watching the whole thing from the sidelines and then writing a very thoughtful PDF about it five years later.
Fraud Gets Weird
If the bot is the customer, fraud tooling has a problem.
Historically, bot-like behaviour was suspicious by default. Direct to checkout. No browsing. Fast transaction. Data-centre IP. Little or no behavioural history. All of these were useful signals.
In an agent-led transaction, a perfectly legitimate purchase might look exactly like that. That creates a fairly unpleasant tension. Block the good agents and you lose real revenue. Let the bad ones through and you open the door to a very scalable form of abuse.
This was one of the more interesting parts of Sessions because the tone was not especially triumphalist. There was plenty of confidence, obviously. Stripe is Stripe. But there was also a refreshing amount of "this is difficult and nobody has completely solved it yet."
Fraudsters can use AI to generate attacks, test weaknesses and scale patterns that would previously have required a lot more manual effort. Tools like Radar are using AI in the other direction, trying to detect and respond to those patterns.
The awkward questions are not just technical. How do you authenticate intent when a user has delegated the decision to an agent? Who is responsible when that agent makes a poor choice? What does consent look like when software is making thousands of small decisions on your behalf?
These are not abstract questions if you operate on tight margins. The same automation that makes buying easier also makes abuse cheaper to attempt. That is usually where the trouble starts, in particular with "trial abuse". It's going to be a fascinating area to watch as new norms form in the coming months.
Beautiful APIs Become Strategic
Between sessions in the main hall, there was a live string quartet playing pop covers. It is a tiny detail, and will not likely appear in anyone's ROI calculation. Nobody is going to attribute pipeline to "tasteful string arrangement of pop song near sponsor booth." But somebody decided the room should be a nicer place to be, and Stripe committed to the bit.
That same idea, the hidden utility of caring about how things feel, came up during Patrick Collison's interview with Sam Altman. Altman made the point that Stripe has cared to an almost unreasonable degree about the beauty and design of its APIs for years. That originally mattered because developers are human beings, despite some evidence to the contrary, and humans prefer tools that are clear, coherent and pleasant to use. The interesting twist is that those same qualities may matter even more when software is doing the choosing.
Agents benefit from the same things developers do: clear APIs, predictable behaviour, coherent abstractions, sensible defaults, good documentation. Stripe spent years making itself easier for developers to choose. That work looks very well timed now that more of the choosing may be done by software.
This is not the flashiest AI point, but it may be one of the more durable ones - the "boring" craft work compounds.
So we can chalk that up as a win for the people who told us to write better documentation all along!
The Guy With The Guitar
During the Sam Altman interview there was a fairly surreal interruption.
A protester with a guitar walked down the aisle, singing that music and art should be made by humans, not machines. The acoustics in the Moscone Center are good enough that, for the first few seconds, a lot of the room - myself included - seemed unsure whether this was part of the show.
It was not part of the show.
He was escorted away, but he ended up getting a few callbacks throughout the rest of the conference. John Collison later joked, during an AI demo that was taking a while to load, that a slow AI demo could really have used a guy with a guitar to keep people entertained. He also lead to more stringent security requirements the next day, and some no-doubt-unpleasant conversations with the Moscone security folks.
It was funny, but also a useful reminder. AI is not just colliding with checkout flows and fraud models. It is colliding with culture, work, identity, art, and a lot of things people feel very strongly about.
That is probably healthy. If a technology is important enough to reshape industries, then we should be having a conversation about the broader impacts before it's too late (guitar accompaniment optional)
Partner Track
One of the things Stripe continues to do very well is its partner ecosystem.
As long-standing Stripe partners at Square1, there was a full slate of partner events around Sessions. Some of the most useful conversations at conferences happen in those less formal settings, swapping implementation stories with people who are seeing similar problems from slightly different angles.
It was also great to catch up with the rest of the Stripe Advocates cohort. Being part of the first group last year was a real honour, and it has been interesting to see the programme develop.
The access to product teams, the quality of the conversations, and the trust built across the group are genuinely useful in the day-to-day work we do with clients. There is only so much you can learn from docs and changelogs. Sometimes the useful bit is hearing how the edges of the product are being thought about before they become the next public release.
This paired really well with an event for what Stripe call the "Stripe Insiders" - developers building interesting things on Stripe. Stripe have an awesome devrel team, who do a great job of getting people excited for new feature releases, and clearing up how we can best use what already exists. Getting a large group like this together in a casual setting over food and drinks was a great way to share common pain points and interesting solutions with developers from around the world.
Downtime, Round Two
Last year I wrote about my father's approach to international travel:
"How was Istanbul?"
"Well, the airport was fine."
I remain determined not to fully inherit this trait, though biology may yet win.
So I tried to see a bit of San Francisco again this year. A couple of early-morning runs along the Embarcadero. One longer run out to the Golden Gate Bridge. A better mental map of the city than I had the first time around. The hills, I can confirm, have not become any flatter.
The Waymos are still everywhere. As a visitor, watching autonomous cars roll up and down San Francisco hills still feels faintly futuristic. For locals, they are mostly just traffic.
That came up during Sessions too. Local panellists talked about Waymos as fairly normal, slightly old news. Visitors were still craning their necks to photograph them.
It is a neat example of the hedonic treadmill in action. The future arrives. Everyone takes a picture. Then, quite quickly, it becomes a thing blocking the junction.
A Small Detour
One of the nicer surprises of the trip had nothing to do with Stripe at all.
On the flight over I got talking to the man beside me, Don Mullan, and ended up having one of those odd, brilliant travel conversations you could never really plan. He was involved in work that helped lead to the Bloody Sunday Inquiry, had fascinating stories about Pelé and Gordon Banks, had worked with Nokia on early mobile-phone photography, collected astronaut autographs, and was now thinking about an Assisi Path linking San Francisco, Los Angeles and Santa Clara back to Francis and Clare of Assisi.
It was one of those conversations that starts with a polite nod and somehow ends up on a tour of different industries and historical events spanning half a century.
I mention it mostly because it was a nice counterweight to the rest of the week. Sessions was full of talk about agents, automation and software doing more on our behalf. Then, before I had even landed, the best bit of the journey was still the most old-fashioned thing possible: talking to the person in the next seat.
Unevenly Distributed
Agentic commerce feels a bit like those driverless cars at the moment. William Gibson's line about the future already being here, just not evenly distributed, is overused for a reason. It fits pretty well here.
For a lot of businesses, agent-led buying still feels theoretical. For others, it is already happening. Software is discovering products, comparing options, triggering payments, generating usage, and creating a new set of risks around fraud, consent and pricing.
The practical work is not especially glamorous. Clean up product data. Make pricing models match usage. Expose policies in ways machines can understand. Revisit fraud rules that assume bots are always bad. Think through what happens when your next customer is an API call rather than a person with a browser.
That is not quite as catchy as "the future of commerce", but it is probably where most of the work is.
The businesses that start now will be in a much better position when agentic commerce stops sounding like a conference theme and starts showing up in support tickets.
And based on the conversations at Stripe Sessions this year, that may be sooner than feels comfortable.
Already looking forward to next year!
