How E-commerce Teams Build LLM Apps in 2026

The first four months of 2026 changed the engineering reality of e-commerce AI more than any preceding year, and the pivot point was the protocol layer.

OpenAI publicly launched Buy in ChatGPT on February 16, 2026, opening Instant Checkout to all U.S. ChatGPT users with Etsy live and over a million Shopify merchants in the pipeline. ChatGPT's 700 to 900 million weekly users became the largest AI-native commerce surface overnight. On March 4, 2026, OpenAI quietly removed in-chat checkout, citing data quality issues with the early merchants. The strategy pivoted to ChatGPT Apps and dedicated merchant integrations. The Agentic Commerce Protocol (ACP), open-sourced with Stripe, remains the connective layer.

Google's Universal Commerce Protocol (UCP) launched in January 2026 with Walmart, Target, Shopify, and 20+ partners. Mastercard rolled out Agent Pay, Visa rolled out AI-ready credentials, and Stripe shipped Shared Payment Tokens for tokenized agentic transactions. Anthropic ran Project Deal in April 2026, an internal experiment with agent-to-agent negotiation, signaling research interest in multi-agent commerce. Amazon invested $50 billion in OpenAI in February 2026 and continued litigating against Perplexity to keep agents off its platform. Shopify activated Agentic Storefronts by default for all merchants in March 2026.

The macro numbers reflect the shift. McKinsey projects $3 to $5 trillion in global retail spend redirected through agentic commerce by 2030, with $900 billion to $1 trillion from the U.S. Adobe Digital Insights tracked a 4,700% year-over-year increase in AI-driven traffic to retail sites by mid-2025. Shopify reports AI-attributed orders growing 11x between January 2025 and January 2026. Klaviyo's 2026 AI Consumer Trends Report finds 39% of consumers have purchased based on an AI recommendation in the past 6 months. Bain estimates 15 to 25% of total online retail will flow through agentic channels by end of decade. Q1 2026 venture funding into AI commerce infrastructure cleared $12 billion, the largest quarterly total on record.

For engineering teams building e-commerce LLM products, the implications are not abstract. A meaningful share of traffic in 2026 is no longer humans with browsers, it is agents operating on behalf of humans. Sites built for human conversion patterns fail agent traversal. Product catalogs that update nightly fail real-time agent queries. Customer service LLMs that hallucinate policy details create binding statements (the 2024 Air Canada ruling). Shopping assistants without verification surface fabricated products. Each of these failure modes has solutions, and teams that built the solutions in are capturing share from teams that did not.

This post is the engineering view of the e-commerce AI stack in 2026. It covers the five architectural patterns serious products converge on, what shifted in the protocol layer, and where the engineering loop typically breaks.

The architecture stack at a glance

Five layers, five distinct failure modes. Most production incidents in 2026 trace to one of these boundaries: a clean protocol response over a stale catalog, a coherent assistant turn from an unverified retrieval, or a refund authorized without a server-side trace.

The market in one paragraph

By mid-2026, e-commerce AI has split into five recognizable shapes. Agentic commerce surfaces like ChatGPT, Google AI Mode, Perplexity, and Microsoft Copilot route shopping queries to merchants through protocol-based or browser-based pathways. AI shopping assistants embedded in merchant sites (Shopify Sidekick, Klaviyo agents, Rep AI, Octopus AI, Nosto's Huginn) provide on-site conversational discovery. Product search and discovery LLMs replace or augment traditional faceted search with conversational, intent-aware retrieval. Customer service LLMs handle support volume across FAQ, returns, refunds, and order management, with varying degrees of action authority. Merchant-facing operational AI (Shopify Sidekick for merchants, Klaviyo's marketing agents, fraud and inventory copilots) accelerates merchant productivity. Each shape has different audiences, different protocols, and different competitive moats. Engineers building for e-commerce need to know which shape they are building.

The shape-to-vendor map most teams use as a reference:

Pattern 1: The catalog graph as foundation

Every working LLM product in e-commerce sits on top of a normalized, attribute-rich, real-time catalog. Shopify spent two years building this before launching Sidekick at scale, using LLMs to extract canonical attributes across products from millions of merchants with inconsistent data conventions. Sidekick now reaches roughly 875,000 merchant interactions per week according to Shopify's engineering disclosures, a volume that only works on top of a clean catalog graph.

What the catalog graph requires:

• Canonical taxonomy. Standardized categories and subcategories. Products mapped consistently regardless of how individual merchants describe them.
• Structured attributes with confidence. Material, color, size, use case, key features extracted as structured fields with source attribution and confidence scores. LLM extraction fills gaps merchants did not provide.
• Real-time inventory and pricing. Sub-minute sync from order management to the catalog index. Stale data is the most cited reason for AI surface deprioritization.
• Variant resolution. Multiple SKUs per product handled coherently, so a query for "blue medium" resolves to the right variant.
• Embeddings for semantic search. Product representations that support both lexical and semantic retrieval.

This is the foundation everything downstream depends on. A retrieval system over a poorly normalized catalog returns inconsistent results. A generation layer working from inconsistent attributes hallucinates to fill gaps. A protocol integration that exposes a messy catalog to ChatGPT or Google AI Mode gets deprioritized in favor of merchants whose data is clean.

The full schema and build pattern is in Building an AI Shopping Assistant.

Pattern 2: Protocol adapters for agentic commerce surfaces

The 2026 shift toward agentic commerce means a meaningful share of traffic arrives through protocols rather than browsers. The architectural pattern that scales: a clean internal product API as the backbone, with thin adapters that translate to ACP, UCP, and any future protocol.

The four agentic commerce frameworks that matter in 2026:

ACP and UCP are commerce-specific. MCP is general-purpose tool-calling that often underlies the data access supporting commerce, and Shopify's Agentic Storefronts effectively wraps merchant data in an MCP-friendly shape. Building all three is the practical path for any merchant of meaningful size.

What is also changing: tokenized agentic payments. Stripe's Shared Payment Token API, Mastercard Agent Pay, and Visa's AI-ready credentials let merchants accept agent-mediated transactions without exposing card details to the agent. Most current implementations layer on top of existing payment processors, so building for agentic payments is largely configuration if your processor supports it.

The detailed protocol architecture, agent traffic patterns, and 90-day readiness plan are in Building for the Agentic Commerce Era.

Pattern 3: Hybrid retrieval for long-tail queries

E-commerce search shifted in 2025 from keyword matching to long-tail conversational queries. Klaviyo's 2026 report shows 30% of AI shopping queries contain 8+ words, and 78% include emotional or personal context. "Best running shoes under $100" is the easy case. "Lightweight rain jacket that packs into its own pocket for hiking shoulder-season Grand Canyon" is the workload.

The retrieval architecture that handles these:

• Hybrid lexical + semantic search. BM25 for keyword precision, dense embeddings for descriptive queries, combined rank.
• Attribute extraction and filtering. The query is parsed into structured attributes (price, category, color, use case) before retrieval. Filtering happens before semantic search.
• Personalization integrated at retrieval. User signals (declared preferences, prior queries, purchase history) influence which candidates surface, not just how they are ranked.
• Diversity-aware reranking. The top-K results cover the relevant attribute space rather than clustering around near-duplicates.
• Refusal pathway. When the catalog does not support the query, the system says so or surfaces close alternatives with appropriate qualification rather than hallucinating.

The eval framework that catches the failure modes specific to LLM-powered search is in Evaluating LLM-Powered Product Search.

Pattern 4: Customer service with bounded LLM authority

The customer service LLM has the most legally consequential failure modes in e-commerce AI. The 2024 Air Canada chatbot ruling established that AI customer service statements are binding statements by the company. Hallucinated policy details create real liability. Refund authorization outside policy bleeds margin. Refund refusal inside policy creates chargebacks.

The architectural patterns that work:

The unifying property: the LLM does not authorize actions through its own judgment. It either provides information grounded in policy documents or routes to deterministic logic that checks policy and authorizes actions based on rules. The LLM communicates the result, it does not produce the authorization.

A growing concern: customer-side AI agents arguing with merchant-side AI agents. Customers run their own LLMs to push for unauthorized returns or refunds. The defense is the same: deterministic authorization logic, friction proportional to risk, pattern detection on customer behavior, audit trails for chargeback defense.

The architecture detail and eval framework are in LLM Customer Service in E-commerce.

Pattern 5: Verification as architecture, not feature

Across every category, verification is what separates trusted from abandoned. The pattern:

• Product references validated. Every cited product_id resolves to a real product with current availability.
• Attribute claims grounded. Every claim about a product traces to a real catalog field.
• Pricing currency. Cited prices match live prices.
• Review accuracy. Cited reviews exist and say what they are claimed to say.
• Policy adherence. Customer service responses cite specific policy documents, and ungrounded answers escalate.

Failed verification triggers regeneration with refreshed context, graceful degradation to verified content, or escalation to human review. Hallucinations get filtered before reaching users.

The engineering investment in verification compounds. A platform that runs verification on every response has lower hallucination rates, higher user trust, and stronger litigation defense than one that runs verification on sampled traffic. The cost difference is small, the trust difference is large.

Where the loop usually breaks

Patterns that show up across deployed e-commerce LLM products in 2025 and 2026.

No tracing or observability. When a customer reports a hallucinated product or a wrong policy answer, the team cannot reconstruct what happened. Logs exist but are not structured around the unit of decision. Debugging is reactive and slow.

Catalog graph is shallow. Products from different merchants have inconsistent attributes, and the LLM compensates by generating attributes that may not be true. Foundation work that should have happened before LLM features did not.

No verification pass. Hallucinated products and policies reach users. Some are caught, many are not. Trust erodes silently.

Click-based attribution. Conversion tracking misses the no-click flows that agentic commerce produces. Server-side tracking is missing. Per-surface attribution is missing. The team thinks they know their conversion rate, they do not.

Eval set frozen at launch. Production behavior diverges from evaluated behavior over months. Drift goes undetected. The team is operating on month-one data in month twelve.

Personalization without disparate impact monitoring. Recommendations skew along demographic lines. Regulatory exposure under Colorado AI Act and similar consumer-facing AI laws is real but unmeasured.

LLM in the synchronous high-volume path. The team puts an LLM call in transaction-time logic. Latency p99 jumps, cost spikes, conversion drops. The pattern of LLMs as async enrichment and tabular ML or rule logic in real-time decisioning that has stabilized in fintech (covered in our LLM fraud detection post) applies equally in e-commerce.

Adversarial robustness is missing. Prompt injection in customer messages, LLM-vs-LLM agent dynamics, scraped catalog data being weaponized. The defenses are well-documented but often not implemented.

What to expect in the next twelve months

Trends to plan around:

Format war stays open. ACP and UCP coexist indefinitely. ChatGPT and Google AI Mode capture different audiences. Brands need to support both in parallel, the way they currently run Google Ads and Meta Ads.

ChatGPT Apps mature. The pivot from in-chat checkout to merchant-controlled apps creates a new surface for branded experiences inside the chat. Walmart and Instacart are early references, and many categories will get app experiences through 2026.

Agent-to-agent in B2B. Forrester projects 20% of B2B sellers face agent-led negotiation by end of 2026. Anthropic's Project Deal is research, but the pieces are ready for production pilots in B2B procurement.

Mastercard Agent Pay and Visa agentic credentials become standard. Tokenized agent payments shift from beta to default option across major processors.

Conversion attribution gets harder. No-click flows mean click-based attribution is structurally broken. Server-side tracking, surface attribution, and multi-touch models become standard.

Bias requirements expand to consumer-facing AI. Colorado AI Act, draft California regulations, and EU AI Act consumer-facing AI provisions create disparate impact testing requirements for personalization in e-commerce. The HR-style audit framework migrates to consumer applications.

LLM-vs-LLM dynamics in customer service. Customers running agents to argue with merchant agents become more common. Authorization through deterministic logic, not LLM judgment, becomes table stakes.

How to get started

If you are starting an e-commerce AI build today, the priority order:

1. Catalog graph foundation. Standardized taxonomy, structured attributes with extraction, real-time inventory and pricing. Without this, nothing downstream is reliable.
2. Verification pass. Every LLM response runs through grounding and accuracy checks before reaching users. Hallucinations get filtered.
3. Tracing and observability. Per-decision lineage, structured spans, queryable audit trail. Debugging and litigation defense both depend on this.
4. One pattern, deep. Pick one of the five patterns (catalog graph, agentic commerce protocols, hybrid retrieval, customer service, verification) and ship it deeply before adding more.
5. Continuous evaluation. Eval sets that evolve from production. Regressions catch before deploy.

The detailed engineering depth lives in the spoke posts:

• Building for the Agentic Commerce Era
• Evaluating LLM-Powered Product Search
• LLM Customer Service in E-commerce
• Building an AI Shopping Assistant

How Respan fits

The five patterns above (catalog graph, protocol adapters, hybrid retrieval, customer service with bounded authority, verification) all sit on a shared observability and evaluation substrate, and Respan is built to be that substrate for e-commerce LLM teams. Whether you are exposing your catalog through ACP and UCP, running a Shopify Sidekick-style assistant, or defending a customer service bot against the next Air Canada-style ruling, the same backbone has to be in place.

• Tracing: every shopping query, agent traversal, and customer service turn captured as one connected trace. Auto-instrumented for LangChain, LlamaIndex, Vercel AI SDK, CrewAI, AutoGen, OpenAI Agents SDK. When a customer reports a hallucinated product or a wrong policy answer, you can reconstruct the exact retrieval, prompts, tool calls, and protocol adapter path that produced it, instead of grepping unstructured logs.
• Evals: ten built-in evaluators (faithfulness, citation accuracy, refusal correctness, harmfulness) plus LLM-as-judge and custom Python evaluators. Production traffic flows directly into datasets. CI-aware experiments block regressions on hallucinated product_ids, ungrounded policy answers, stale price citations, fabricated reviews, and refund authorization outside policy before deploys ship.
• Gateway: 500+ models behind an OpenAI-compatible interface, semantic caching, fallback chains, per-customer spending caps. Catalog enrichment and async product attribute extraction can run on cheaper models with caching, while customer service and refund-adjacent flows pin to higher-capability models with strict fallbacks, so an LLM call never sits in the synchronous transaction-time path without guardrails.
• Prompt management: versioned registry, dev/staging/prod environments with approval workflows, A/B testing in production with one-click rollback. Shopping assistant system prompts, customer service policy-grounding prompts, attribute extraction prompts, and ACP/UCP response formatters all belong in the registry so legal-sensitive copy can be reviewed, A/B tested, and rolled back without a deploy.
• Monitors and alerts: hallucination rate per surface, citation accuracy on product references, agent traffic share by protocol (ACP, UCP, MCP), refund authorization deviations from policy, p99 latency on synchronous LLM calls. Slack, email, PagerDuty, webhook. Drift between month-one and month-twelve behavior surfaces in the dashboard instead of a customer complaint.

A reasonable starter loop for e-commerce AI builders:

1. Instrument every LLM call with Respan tracing including catalog retrieval spans, protocol adapter spans (ACP, UCP, MCP), verification spans, and customer service action spans.
2. Pull 200 to 500 production shopping queries and customer service conversations into a dataset and label them for grounding, citation accuracy, refusal correctness, and policy adherence.
3. Wire two or three evaluators that catch the failure modes you most fear (hallucinated products with fake product_ids, ungrounded policy statements that create binding liability, stale price or inventory citations on agentic surfaces).
4. Put your shopping assistant prompts, customer service policy-grounding prompts, and protocol response formatters behind the registry so you can version, A/B, and roll back without a deploy.
5. Route through the gateway so catalog enrichment runs on cached cheaper models, customer service runs on pinned higher-capability models with fallbacks, and no LLM call sits unguarded in the synchronous checkout path.

Skip this loop and you ship the failure modes from the "Where the loop usually breaks" section above: silent trust erosion from hallucinated products, binding policy statements you cannot audit, and a conversion rate you think you know but do not.

To wire any of the patterns above on Respan, start tracing for free, read the docs, or talk to us.