Banks built their rewards programs on browser extensions. Are they still relevant when the AI does the shopping?
The Extension Era Is Ending. The Strategy Behind It Is Not.
Over the past few years, several major issuers, banks, and rewards platforms arrived at the same product: a shopping browser extension.
Citi launched Citi Shop in January 2024, a free extension surfacing coupons and cashback across 5,000+ merchants. It runs on rails built by Wildfire Systems, a company Citi Ventures invested in back in 2022. RBC runs Avion Rewards ShopPlus on those same Wildfire rails, which also power programs at LendingClub and Acorns. Capital One built its own version by acquiring Wikibuy in 2018. PayPal paid $4 billion for Honey in 2020 to own the category outright.
The logic was sound. Citi's own research found that 35% of Americans say it takes too long to find coupons online, and 74% have abandoned a purchase because they could not find a deal. If the cardmember is going to hunt for savings anyway, be the one who hands them the savings. Earn the loyalty. Stay top-of-wallet.
The strategy was right.
The delivery mechanism is becoming the weak link.
How the extension model actually works
Strip away the branding and every one of these programs runs on the same plumbing: affiliate marketing attribution.
The extension sits in the browser and watches for merchant sites. You land on one. It surfaces an offer. You activate the offer, and the extension fires an affiliate tracking link, dropping a cookie that identifies the bank's program as the referral source. You check out on the merchant's site. The merchant's affiliate network reads the cookie, attributes the sale, and pays a commission. The bank splits that commission with you as cashback.
Every link in that chain assumes the same five things:
A human is doing the shopping
In a browser
That has an extension installed
Who clicks to activate an offer
And whose cookie survives to checkout
This is web-era attribution plumbing wrapped in a modern rewards product. Affiliate links, redirects, and cookies. It worked well enough for decades because all five assumptions held.
They are now breaking simultaneously.
The cracks were showing before AI arrived
Crack #1: The extension no longer maps cleanly to where commerce is moving to
Browser extensions began as a desktop artifact, and mobile support remains fragmented.
Citi Shop works on desktop browsers and iOS Safari. Citi states plainly that it is not available on Android. RBC's ShopPlus follows the same pattern, routing Android users to cash-back offers inside the Avion Rewards app instead. Capital One Shopping goes further with standalone iOS and Android apps.
Meanwhile, per Adobe Analytics, mobile accounted for 56.4% of all U.S. online sales in the 2025 holiday season, crossing 60% on Thanksgiving for the first time.
So the point is not that rewards programs do nothing on mobile. They do. But the workarounds concede the architectural problem. The extension is no longer an ambient layer that follows the shopper across every merchant site, every app, and every checkout context. The reward now attaches only when the shopper passes through a bank-controlled surface.
The in-app version is even more fragile than it looks. When an app opens a merchant site inside itself, that journey is often happening in a webview or embedded browser rather than the shopper's normal browser-extension environment. Cookies can be isolated to that app context, separate from Safari, Chrome, and other apps. Attribution survives only if the journey starts from a tracked link inside the rewards app and the purchase completes in that same controlled session. One detour, such as the shopper backgrounding the app or the merchant steering them into its own native app, and the trail goes cold.
Banks have quietly acknowledged this for years. It is why card-linked offers exist: programs that skip cookies entirely and attribute by matching the transaction itself on the card rails. Card-linked offers are the industry's own admission that attribution belongs on the transaction, not in the browser.
Crack #2: Last-click attribution rewards the wrong party
In December 2024, a tech investigator named MegaLag published a video alleging that Honey, PayPal's $4 billion extension, was replacing creators' affiliate tracking links with its own at checkout, exploiting last-click attribution to claim commissions on sales it did not originate. Because whoever drops the last cookie often wins, an extension that activates at the checkout page can override everyone upstream, even when it finds the shopper no coupon at all.
The fallout was swift. A consolidated action involving more than 25 similar cases became In re PayPal Honey Browser Extension Litigation in the Northern District of California, a case still active in 2026. Google updated Chrome Web Store policy to restrict affiliate-link injection unless it provides a direct and transparent user benefit. Rakuten Advertising reportedly removed Honey from its affiliate network in January 2026.
Whether or not the plaintiffs ultimately prevail, the controversy exposed an uncomfortable incentive: the party that touches checkout last can capture the credit, even when someone else created the demand.
That is not a Honey problem. It is the foundation the entire category is built on, including every bank-branded extension.
And the banks know it. Read the terms and conditions of any issuer's shopping extension and you will find the same disclosure: rewards may fail to track if attribution methods are overwritten or disabled by the browser, by ad-blocking software, or by other services that activate affiliate tracking. The fine print concedes that your cashback depends on a cookie surviving a hostile environment, and that another extension can silently take the credit.
When a product's own legal terms describe its core mechanism as fragile, that is not a disclosure. That is a diagnosis.
Crack #3: The reward is a forensic reconstruction, not a reward
Consider what the experience looks like even when everything works.
The shopper taps "activate," sees a confirmation, completes the purchase, and then the reward enters a black box.
Read the offer terms behind these programs and you will find that statement credits commonly post 61 to 180 days after the transaction, and may take longer. The program only pays the shopper after the merchant pays the commission, and merchants hold that commission until return windows close. For the entire waiting period the reward is conditional. The fine print is explicit that a pending reward creates no obligation until it is actually paid, and it can be adjusted or canceled along the way.
Eligibility itself is adjudicated invisibly after the fact. The popup says "activated" at the merchant level, while exclusions (specific product lines, promo-code conflicts, order caps) are applied months later at settlement, with no notice.
The shopper is told they earned something at checkout, and finds out whether that was true sometime next quarter.
That is not a rewards experience. It is a forensic reconstruction with a marketing layer on top.
Then AI started doing the shopping
While the extension category was defending its plumbing, the way people shop began changing underneath it.
Visa's research now shows 47% of U.S. shoppers use AI tools for at least one shopping task. In December 2025, Visa announced that hundreds of secure, agent-initiated transactions had been completed in production with ecosystem partners, and predicted millions of consumers will use AI agents to complete purchases by the 2026 holiday season. McKinsey projects AI agents could orchestrate up to $1 trillion in U.S. B2C retail revenue by 2030.
The infrastructure is being poured right now. Visa launched its Trusted Agent Protocol in October 2025 with more than ten partners, so merchants can distinguish legitimate consumer agents from malicious bots. Mastercard announced Agent Pay in April 2025, with tokenized agent credentials, spending controls, and verifiable intent. Google's Universal Commerce Protocol is standardizing agent-to-merchant commerce, backed by Gemini-scale distribution.
OpenAI ran the other experiment, and its result is just as instructive. It launched Instant Checkout inside ChatGPT in 2025, and Forrester reported that OpenAI was shutting it down by March 2026 in favor of product discovery, with merchants completing checkout on their own sites and apps.
The lesson was not that agentic shopping stalled. It was that merchants are not ready to hand their checkout to a protocol. The transaction still runs through the merchant's own systems, with the merchant as seller of record. The open question is who makes that trip. Sending the shopper back out through a redirect recreates the attribution fragility of the affiliate era. The alternative: the shopper stays on the surface they are already on, and the order completes behind the scenes, via protocol where the merchant supports one, or a verified agent completing the purchase on the shopper's behalf where it does not.
Both card networks have reached the same conclusion. The next era of commerce is agent-initiated, and it needs new rails for identity, consent, and trust.
Two flows, two very different fates
AI-influenced shopping happens in two ways today. The extension meets a different fate in each.
Flow #1: The assistant recommends, the human clicks through
This is the dominant flow right now. A shopper asks ChatGPT or Gemini what to buy. They compare options inside the chat: prices across sellers, reviews, what-to-know summaries. They tap a merchant link that opens in their own browser.
The extension is present in that session. It fires. Run the test yourself and you will watch it happen. The popup appears on the merchant's product page, offering its percent back on a purchase it had nothing to do with shaping. The merchant URL even carries the assistant's referral tag. The tag says the AI sent the shopper. The last-click cookie says the extension closed the sale.
Guess which one the commission follows.
Because that is what actually changed. Every job the extension category was built to do (surface the offer, compare the prices, steer the merchant choice) now happens upstream, inside an AI surface the extension cannot see and the bank does not influence. The recommendation, the comparison, the best-price flag: all delivered before the browser tab ever opened.
The extension has been demoted from shopping companion to toll collector at the end of someone else's sale.
That position is profitable and precarious at the same time. Profitable, because last-click attribution still pays whoever touches checkout last. Precarious, because the demand now belongs to the platforms, and the platforms are not going to keep generating purchase intent and donating the commission.
That is the same incentive problem the Honey controversy exposed. Except this time the party losing the credit owns the customer relationship and builds the infrastructure. It is exactly why Google is wiring checkout into Gemini, why agentic browsers are putting the agent inside the session itself, and why the card networks are building agent credentials.
Collecting tolls on demand created by companies with every incentive and capability to route around you is not a durable position.
Publishers are making the same argument from their side of the table. Shopsense's Chief Product Officer recently described what happens when a chatbot synthesizes a product recommendation from content it learned from: not an attribution gap, but an attribution absence. No click. No referral. No event fired at all.
Step back and look at the pattern.
Creators lost commissions to last-click override. That was the Honey controversy. Publishers are losing credit to synthesis: demand shaped by their content, closed by a chatbot, with no attributable event in between. Platforms are losing it to redirects that hand the commission to whoever cookies the browser last.
Three different players. One architecture. Failing all of them the same way. The affiliate model can only see clicks, and the parts of commerce that matter are moving to places where the click never happens.
Flow #2: The agent completes the purchase
This flow is small today. It is where everything is converging.
Either checkout is embedded directly in the AI surface, which is the Gemini model, or an agent executes the order in its own session on the merchant's site. (Agents piloting the consumer's own browser exist, but that is a rounding error today.)
Here the extension is not demoted. It is absent.
There is no consumer browser session for it to live in. No human to see its popup. No click to activate an offer. And because the activation never happens, the cookie that carries affiliate attribution is never set. The event the entire model depends on simply does not occur.
That distinction is not cosmetic. It is structural.
The browser extension is demoted in the flow that dominates today, and absent from the flow that is growing.
The honest state of the ecosystem
Agentic commerce is early. Most of the energy today is not going into checkout at all. It is going into discovery: merchants and brands working to be found, described accurately, and recommended on the large agentic surfaces, ChatGPT and Gemini above all. Feeds, product data, and answer-engine visibility are where the budgets are. Merchant coverage across the new checkout protocols remains thin. Extensions will not vanish overnight; they will keep working for some desktop shopping, alongside portals, card-linked offers, and mobile app experiences.
But none of those surfaces changes the core strategic issue. Discovery and intent formation are moving off the browser. By the time the extension appears on the merchant page, the decision it was built to influence has already been made somewhere else.
What comes after the extension
The answer is not a better extension. It is removing the extension, and the fragile attribution underneath it, from the architecture entirely.
Here is what the post-extension model looks like.
The bank becomes the front door, not the plug-in
Instead of bolting a coupon-finder onto someone else's browser session, the cardmember starts from the bank's own app or portal, a surface the bank already owns and the customer already trusts.
The purchase completes with the merchant, by protocol or by agent
The order is placed on the merchant's own systems: through a checkout protocol where the merchant supports one, and through a verified agent completing the purchase on the merchant's site where it does not. The routing is a function of merchant capability, not of the model.
Either way, the merchant remains the merchant of record. Pricing, fulfillment, returns, tax, product liability, and the customer relationship all stay exactly where they are today. The bank does not become the store and takes on no merchant-side obligations. It becomes the trusted place where shopping starts.
Attribution becomes deterministic, not forensic
When the transaction runs through a controlled agentic path, there is no cookie to overwrite, no last click to hijack, no ad blocker to break the chain. The reward attaches because the system knows, rather than infers, where the purchase came from. It settles on the transaction instead of being reconstructed from it months later.
The card stays top-of-wallet by design
The cardmember's credentials are already on file with their bank. When the agent checks out, it does so with the issuer's card, under the issuer's identity and consent framework, aligned with exactly what Visa's Trusted Agent Protocol and Mastercard's Agent Pay are standardizing at the network level.
The economics carry over
The merchant-funded reward model, the thing banks actually monetize, does not disappear. It moves from a cookie-based inference to a transaction-level fact. Banks keep the loyalty economics they have already built. What changes is that the rewards actually, reliably attach.

The strategy was never the extension
The direction is not ambiguous. The card networks have built agent identity rails. The AI platforms have built checkout protocols. Nearly half of shoppers already lean on AI somewhere in the purchase journey.
Relevance measured at the checkout page is the wrong measurement. What a rewards program exists to do is shape the purchase and win the card. That is moving somewhere the extension is not.
Banks did not build these programs because they love browser plug-ins. They built them to own the shopping moment: to be present, useful, and preferred at the point of purchase. That strategy matters more in the agentic era, not less, because the shopping moment is moving. First into AI surfaces the extension cannot see. Then into flows where it is not present at all.
The extension was a delivery mechanism for a strategy. The mechanism is aging out. The strategy is not.
At CartAI, we build the layer that carries that strategy forward: full-stack agentic commerce infrastructure covering catalog, checkout, payments, and agent identity. It lets banks, publishers, and AI apps become the trusted surface where agent-driven purchases begin, while every transaction completes on the merchant's own site and the merchant stays merchant of record. Protocol-based checkout where it exists. Verified agent execution where it does not. Built with the trust-and-safety ecosystem, not around it. Deterministic attribution everywhere.
If you run rewards, cards, or commerce at an issuer and this tension feels familiar, get in touch with us here.
Manil Uppal
Founder

