MENU
The press cycle for 2026 has been dominated by a singular, repetitive narrative: "Agentic Payments are here." Stripe launched the Agent Toolkit and the A2A Commerce Suite. Google announced the Agent-to-Agent (A2A) protocol. Visa and Mastercard published frameworks for agent-initiated transactions. SAP, Salesforce, and AWS have all incorporated "agentic" into their commerce narratives.
The announcements share a common pattern: big vision, light on infrastructure detail. What's missing from nearly all of them is the practical answer: how do you actually let an AI agent process a payment — securely, compliantly, and across the PSPs your merchants require?
This guide strips away the marketing to reveal the three distinct categories of agentic payments, the specific infrastructure gaps in each, and why the current "plumbing" provided by major players is insufficient for true autonomy. We will also look at how open-source protocols like x402 and specific implementations like Nevermined are solving the friction that legacy systems were built to avoid.
Strip away the marketing and there are three distinct categories of agentic payments. Understanding which category you are building for is critical, as the infrastructure requirements differ radically between them.
An AI agent autonomously purchases a service from another AI agent. No human in the loop.
Example: An AI procurement agent evaluates three cloud storage providers' API agents, negotiates pricing, and pays for the selected service — all programmatically.
Current State: Very early. Coinbase's x402 protocol and Google's A2A are building the plumbing. Most implementations use stablecoins (USDC) or tokenised pre-authorisations rather than traditional card payments. The infrastructure is being defined in real time.
What platforms need: Not much, yet. This is a 2027-2028 reality for most. The challenge here isn't the payment network; it's the semantic layer. How does Agent A know that Agent B's price quote is valid? How do we reconcile a payment made by an agent with a billing cycle that doesn't exist in the traditional sense?
An AI voice agent — handling a phone call instead of a human agent — processes a card payment mid-conversation.
Example: A customer calls an insurance company to renew a policy. An AI voice agent (PolyAI, for instance) handles the call, confirms the renewal, and processes the payment — all via voice, PCI-compliant, without human intervention.
Current State: This is the immediate battleground. The friction point is the "click-to-confirm" or "click-to-approve" required by current card networks. If an AI says, "I've charged your card for $50," and the user must click a link to approve it, the agent has failed its primary function: autonomy.
What platforms need: Frictionless, silent authorization. The user must have already granted broad, revocable spending limits to the agent. The system must be able to verify the transaction context (e.g., "Is this the renewal we discussed?") without forcing a UI interaction that breaks the conversational flow.
The agent initiates the payment, but a human must sign off, often via a mobile notification or a simplified dashboard.
Current State: This is where 90% of current "agentic" implementations live. It's not truly agentic; it's just a faster checkout flow.
What platforms need: Context-aware notifications. Instead of "You have a pending charge," the system needs to say, "Your agent just purchased a server instance for $40.00. Approve?" with a single tap. The infrastructure must support this specific metadata to make the HITL experience feel seamless.
Every payment, no matter how high-tech, still relies on the fundamental movement of value. The Cardholder, the Merchant, the Issuer, and the Acquirer form the Four-Party Model.
In the traditional world, the Acquirer (the bank) and the Merchant (the store) have a relationship. The Agent sits in the middle, often as a third-party script. In the agentic world, the Agent is the merchant, or the Agent is the customer.
This is where the x402 protocol becomes critical. x402 is an HTTP-native payment protocol designed specifically for AI agents. Unlike legacy protocols that require heavy SDKs and manual configuration, x402 allows agents to request funds directly over standard HTTP requests, leveraging the existing web infrastructure.
However, even with x402, the "plumbing" is often brittle. Most implementations rely on a single Payment Service Provider (PSP) like Stripe. This creates a single point of failure and a single point of friction. If Stripe's API changes, your agent breaks. If Stripe's rate limits are hit, your agent stalls.
The Real Problem: The major PSPs are optimizing for human users. They expect a session ID, a user agent string, and a predictable flow. AI agents do not behave predictably. They make thousands of requests per second. They might retry a failed payment with a different token. They might pause for hours and then retry.
Legacy PSPs cannot handle this. They require a "human-like" session. This is why we see so many agents falling back to stablecoins or crypto rails. While stablecoins offer speed, they introduce volatility and regulatory complexity that a retail payment network shouldn't need. We need a hybrid rail: the speed of crypto, the compliance of cards, and the programmability of x402.
The biggest hurdle to agentic payments is not technology; it is trust. How do you allow an AI to spend money without a human clicking "approve" every time?
The answer lies in Delegated Spending and Session Tokens.
In the traditional model, you give a merchant a credit card number. In the agentic model, you give an agent a delegation. A delegation is a scoped permission that says, "This agent can spend up to $500 on cloud infrastructure between 9 AM and 5 PM EST."
If the agent tries to spend $600, the delegation fails. If the agent tries to buy a physical good, the delegation fails. This is the power of Nevermined's approach to payment infrastructure.
Nevermined introduced the Autonomous Card Enrollment and Delegation capabilities. This isn't just a UI component; it's a security boundary. It allows AI agents to autonomously enroll and manage payment cards directly from host applications. This capability enables seamless, frictionless payment setup without manual user intervention.
But how is this secure? By surfacing a hashed API key within session tokens. This ensures robust authentication for autonomous agent interactions. The widget doesn't just store the card; it creates a cryptographic binding between the agent's identity and the card's spending limits.
This is a massive shift from the current state. Currently, if you want an agent to pay, you have to manually enter the card details into a form, copy the token, and paste it into your agent's code. This is error-prone and insecure.
One of the most significant advancements in the agentic payments space is the ability to route payments dynamically across multiple providers.
In 2026, relying on a single PSP is a liability. If Stripe goes down, your agents stop working. If Visa changes their rules, your agents break. The solution is Dynamic Network Resolution.
Nevermined introduced PSP Network Resolution for Delegation. The platform now intelligently resolves the correct payment network (Stripe or Braintree) directly from plan metadata. This ensures the right infrastructure is used for every card-delegation request without manual configuration.
Previously, developers had to write complex logic to decide: "If the user is in Europe, use Braintree. If they are in the US, use Stripe." Now, the system handles this based on the fiatPaymentProvider metadata.
This is crucial for global agents. An agent operating in the EU might need to use a local acquiring bank, while an agent in the US uses a different one. The Nevermined SDK allows the the publication of Payment Plans attached to different PSPs. These plans can be discovered and purchased by customers depending on their PSP requirements.
This means your agent can say: "I need to buy something in Japan. I don't have a local card. I will use my PayPal balance." The system routes the request to the correct provider automatically.
When an AI agent makes a purchase, who is responsible? The agent? The developer? The user?
In the current landscape, this is a legal grey area. However, the new infrastructure is building in Enhanced Payment Verification Reporting.
Nevermined's VerifyPermissionsResult now includes the specific payment network used, providing greater transparency and auditability for every transaction settlement. This is vital for compliance. If a regulator asks, "Who authorized this $1,000 purchase?" the system can trace it back to the delegation token, the agent's identity, and the specific user who granted the permission.
The NVM SDK now supports enhanced payment method metadata, allowing agents to declare their intent (e: "I am a procurement agent") and the system can apply the correct compliance rules automatically.
The future of agentic payments is not about replacing the card network; it is about augmenting it. The future lies in Delegated Spending and Session Tokens.
The current "plumbing" provided by major players is insufficient for true autonomy. We need a hybrid rail: the speed of crypto, the compliance of cards, rails, and the programmability of x4
See Nevermined
in Action
Real-time payments, flexible pricing, and outcome-based monetization—all in one platform.
