Starting in 2026, PayPal users will be able to pay directly within ChatGPT.
The feature relies on OpenAI’s new Agentic Commerce Protocol. The framework lets merchants make their products available within AI apps. This allows users to make purchases through AI agents. This is coming after OpenAI launched their “Instant Checkout” feature, which lets users confirm their order and payment details without leaving ChatGPT.
It’s being pitched as the next evolution of online shopping. A streamlined, AI-powered checkout where you can find a product, confirm your details, and pay for it. All without ever leaving the chat window.
Sure it’s convenient, but that’s also the problem.
The illusion of convenience
Linking an AI chatbot to your financial accounts is a privacy nightmare in disguise. You’re essentially giving two massive companies, OpenAI and PayPal, access to your personal and financial life.
Every purchase made inside ChatGPT involves at least two major data handlers. Payment details, shipping information, and even your conversational history might be stored, analyzed, or cross-referenced to “improve the service.” What that means is that your data becomes another source of user profiling and monetization.
Here’s the unfortunate truth. Users don’t know exactly how much data either company collects. We don’t know how it’s shared, or how long it’s kept. Agentic commerce is so new that even experts are unclear about how multiple companies will handle all that data.
When integration = exposure
When AI and payment systems merge, the definition of “user data” expands.
Imagine asking ChatGPT for “affordable skincare for sensitive skin.” The system logs that query, recommends a few brands, and processes your order through PayPal.
What you’ve actually done is create a rich dataset that ties your preferences and spending habits directly to your identity. Over time, those patterns form a detailed user profile. The kind of information advertisers and third-party brokers love.
The risk isn’t hypothetical. AI platforms already retain portions of user interactions for “training” and “improvement.” Now, those interactions could be tied to real financial transactions. PayPal will have insight into what you want, what you buy, or even how you think.
Who’s really in control?
The premise of agentic commerce relies on trust. You’re expected to trust the AI to understand your requests, choose the right product, and handle your payment safely. Remember that AI agents are fallible. They misinterpret prompts, make biased recommendations, or accidentally select the wrong item.
When that happens, who’s responsible? PayPal? OpenAI? The merchant? The system is built on layers of automation that make accountability murky. If something goes wrong, like an unauthorized charge or data breach, you’ll be dealing with two corporations pointing fingers at each other.
What users should take away
With PayPal’s ChatGPT integration, you’re offering these companies a look into your preferences, spending behavior, and personal interactions.
Convenience is the bait. Data is the catch.
Before you let ChatGPT handle your next purchase, ask yourself if the trade-off is worth it. Once your payment information, shopping history, and conversation data is shared between two companies, there’s no easy way to separate them again.
