UCP Eligibility Claims: Enabling Verified Discounts for AI Agents

Google's Universal Commerce Protocol is proposing PR #250, introducing eligibility claims and verification contracts. This enables AI agents to prove customer eligibility for restricted discounts—student pricing, employee programs, membership benefits—without exposing underlying identity data.

About the Author

Ilya Grigorik is a Principal Engineer at Google leading the UCP specification effort. Previously at Shopify and author of "High Performance Browser Networking," he brings deep expertise in protocol design and web performance.

The Problem

Many commerce discounts are eligibility-gated:

Student discounts (10-20% off, require .edu verification)
Employee purchase programs (corporate pricing)
Membership tiers (Prime, Costco, loyalty programs)
Geographic restrictions (regional pricing, export controls)

Human shoppers handle this by logging in, uploading IDs, or showing membership cards. AI agents acting on behalf of users need a protocol-native way to make these claims.

The naive approach—passing raw credentials—is a privacy nightmare. UCP's eligibility claims solve this with cryptographic verification.

What's Proposed

            Key Concepts:
            Eligibility Claim: A signed assertion that a user qualifies for a specific benefit
Verification Contract: The merchant's specification of what claims they accept and how to verify them
Claim Issuer: Trusted third party that vouches for eligibility (e.g., SheerID, ID.me)

        

The flow works like this:

Agent discovers a discount requiring eligibility verification
Merchant's verification contract specifies accepted claim issuers
Agent requests claim from an accepted issuer (one-time or cached)
Agent presents claim with discount application
Merchant verifies claim signature and applies discount

Technical Design

Claims use a JWT-like structure with selective disclosure:

{
  "iss": "https://sheerid.com",
  "sub": "user_hash_12345",
  "claim_type": "student_status",
  "claim_value": "verified_active",
  "institution_hash": "a1b2c3...",  // Optional: hashed institution
  "exp": 1741824000,
  "sig": "..."
}

The user's actual identity (name, school, email) never touches the merchant. They receive only: (1) that a trusted issuer verified eligibility, and (2) a pseudonymous identifier for fraud prevention.

Why This Matters

Eligibility verification is one of the last barriers to full agent autonomy in commerce. Currently, AI agents either:

Skip eligibility-gated discounts entirely (user loses money)
Require human intervention at checkout (breaks automation)
Store raw credentials (security risk)

With eligibility claims, an agent can negotiate the best available price including restricted discounts—all while preserving user privacy.

This also opens new business models. Verification providers like SheerID can become claim issuers in the UCP ecosystem, earning fees for eligibility verification across AI commerce transactions.

Next Steps

PR #250 has TC Review status, indicating it's on track for inclusion. Watch for:

Integration with the recently-merged discount capability (analysis)
Reference implementations with major verification providers
Privacy impact assessments from the broader community

This capability, combined with discount cart persistence and catalog search, moves UCP significantly closer to feature parity with human shopping experiences.

View PR #250 → Back to Repo Pulse →