

AI agent card delegation is moving from experimental checkout flows into real payment infrastructure. Agents can now receive scoped credentials, operate within spending policies, and complete approved purchases without handling a user’s raw card details. Bain’s analysis of agentic commerce and trust highlights the importance of authorization, security protocols, and the mix of cards, wallets, and stablecoins as autonomous purchasing develops.
Stripe Issuing, Visa Intelligent Commerce, and Mastercard Agent Pay approach this market from different positions. Stripe lets businesses issue virtual cards directly to agents. Visa extends network credentials, tokenization, and controls into AI-led commerce. Mastercard combines agent credentials, verifiable intent, permissioning, and multi-rail settlement. Nevermined connects delegated card spending with merchant-side metering, pricing, payment-based access, credits, and settlement.
Card delegation is more than issuing a virtual card number. The payment system must preserve the user’s authority while giving the agent enough freedom to complete a task.
A complete delegation workflow should address five areas.
The agent needs a payment credential that works in the intended merchant environment. That may be a platform-specific token, a network token, or a virtual card.
The agent should not receive the user’s original card number. Tokenization and scoped credentials reduce exposure while preserving access to existing card rails.
The credential must operate within clear limits. Common policies include:
These controls determine whether the agent can complete a purchase without returning to the user for every decision.
The payment system needs evidence that the transaction matches what the user approved. This may involve passkeys, signed mandates, authenticated instructions, or verifiable intent records.
The purpose is not to remove the user from the relationship. It is to let the user approve a policy once, then allow the agent to act inside that policy.
A delegated credential must still work with the merchant’s payment environment. Network cards offer broad merchant reach, while platform tokens may depend on a particular processor or integration.
Acceptance becomes more complex for paid APIs, agent tools, and digital resources. These services may need to verify payment before delivering a result rather than process a conventional retail checkout.
Card delegation explains how the agent pays. It does not automatically explain how a merchant prices an API call, meters a tool execution, applies credits, or records revenue.
That distinction separates agent card products from broader agent payment infrastructure.
Stripe Issuing allows businesses to create and manage virtual or physical card programs through APIs. Its current documentation includes a dedicated Issuing for agents product in private preview.
Issuing for agents lets businesses create virtual cards that agents can use for autonomous purchases. Before the agent transacts, the platform can define what it may spend, where it may spend, and how much it may spend.
Stripe’s broader Issuing controls support:
Webhook-based authorization gives the issuing business another opportunity to approve or decline a transaction as it occurs.
Stripe provides authorization and transaction records for issued cards. This gives the business visibility into the merchant, amount, status, and lifecycle of each card purchase.
That visibility is useful for expense management, procurement agents, travel workflows, and other applications where an agent purchases through conventional merchant card acceptance.
Stripe Issuing fits businesses that want to create virtual cards for their own agents or provide card programs through a platform. It is particularly relevant for companies already operating within Stripe’s payment, Connect, Treasury, or financial-services ecosystem.
Stripe’s wider product portfolio now also includes agentic commerce tools, agent wallets, x402 support, and seller integrations. These developments make Stripe more applicable to AI commerce than a traditional issuing-only description would suggest.
The Issuing product still focuses on creating and controlling card credentials. AI merchants charging for APIs, MCP tools, datasets, or agent actions may need additional metering, entitlement, and request-level payment infrastructure.
Visa Intelligent Commerce brings AI-led purchases into Visa’s card network through tokenization, authenticated instructions, payment credentials, and network controls.
The workflow begins with an authenticated user instruction. When the agent is ready to purchase, it requests a payment credential from Visa Intelligent Commerce.
Visa validates that the request matches the user’s instruction and applies network-level controls. The agent then uses the resulting credential to complete approved purchases with participating merchants.
This model preserves several important elements:
Visa’s Trusted Agent Protocol gives merchants a method for recognizing approved agents and distinguishing legitimate automated commerce from unverified bot traffic.
That trust layer matters because payment authorization alone does not tell a merchant whether the automated client is acting under a valid instruction. The protocol supports clearer communication between the agent, merchant, payment network, and issuer.
Visa Payment Passkeys can authenticate the user when a new payment credential is created or when a transaction needs additional confirmation. This adds device-bound authentication to higher-risk actions without requiring the user to enter card information into the agent.
Visa Intelligent Commerce has progressed through partner pilots, test transactions, and regional deployments. Visa also introduced Intelligent Commerce Connect in 2026 to help businesses connect agent purchasing and merchant acceptance through a single integration.
Availability can still depend on geography, issuer participation, partner readiness, and the specific Visa Intelligent Commerce product being used.
Visa Intelligent Commerce fits consumer and business purchasing experiences that need network-level credentials and controls on established card rails. It is especially relevant when broad Visa merchant acceptance and issuer participation are central requirements.
Its primary role is enabling and securing the purchase. Metering a digital service, calculating usage-based prices, and enforcing resource access remain separate merchant concerns.
Mastercard Agent Pay provides a framework for trusted AI-led commerce across consumers, merchants, issuers, and payment partners. It combines agentic credentials with authentication, permissioning, and network protections.
Mastercard Agentic Tokens extend tokenized card credentials into agent transactions. The credential can be associated with an approved agent and purchasing context rather than exposing the underlying card details.
Verifiable Intent creates a record of what the user authorized the agent to do. This helps participating systems distinguish an approved purchase from activity outside the user’s instruction.
Mastercard Agent Pay supports policy-bound transactions through controls such as:
These controls provide a basis for autonomous transactions without removing accountability.
Mastercard launched Agent Pay for Machines in June 2026 for continuous, high-frequency, low-latency, and low-value machine payments. The system extends agent payment infrastructure into use cases where transactions happen repeatedly in the background.
Its core functions include:
This multi-rail design distinguishes Agent Pay for Machines from a card-only delegation product.
Mastercard has completed authenticated agent payment pilots and production transactions with banks, processors, and technology partners in several markets. Commercial availability and regulatory status can differ by region and use case.
Mastercard Agent Pay fits organizations that want agent payments connected to Mastercard credentials, network controls, and merchant acceptance. Agent Pay for Machines broadens that scope to machine-driven transactions across several settlement types.
Merchant-side pricing, product entitlements, API metering, and agent service monetization may still require an additional application layer.
Nevermined approaches card delegation as one part of a wider agent payment workflow. It gives agents controlled purchasing authority while giving AI merchants the infrastructure to charge for what those agents consume.
With Nevermined, agents can pay using an enrolled card and a defined delegation.
Users add a supported card through a tokenized capture flow. During setup, they define the guardrails, including spending caps, time windows, merchant categories, transaction limits, expiration, and revocation.
The agent receives a scoped API key. That key represents payment capability rather than the underlying card credentials.
Nevermined’s current product page lists Stripe and Visa VIC as live payment providers. PayPal Braintree is listed as coming soon.
Visa and Stripe card enrollment use VGS tokenization. Nevermined does not store raw card numbers, and the agent does not receive the original PAN.
Visa delegations also use a passkey approval that binds the defined limits to the user’s device. Each transaction remains associated with the agent, amount, merchant, and timestamp.
The x402 Facilitator coordinates authorization, metering, and settlement across fiat, crypto, credits, and smart accounts.
A paid API or tool can return an HTTP 402 payment requirement. The agent obtains a scoped payment token and retries the request. The service verifies the permission, performs the work, meters the completed action, and records settlement.
The facilitator can return payment verified, settlement ready before the application releases the resource.
This flow is relevant for:
AI merchants can sell to AI agents without forcing every buyer through a traditional checkout page.
Nevermined supports flexible pricing models, including pay-as-you-go, credit plans, and time-limited access. Dynamic pricing can reflect request complexity, token count, cost, or another custom event.
Flex Credits are prepaid, usage-based credits redeemed as activity occurs. Credits can be distributed across users, departments, or agents and monitored through their consumption.
Nevermined keeps the commercial layer independent from one credential or settlement path. The platform supports fiat payments, stablecoins, credits, and ERC-4337 smart accounts.
Its one integration, no lock-in model also supports x402, MCP, A2A, and AP2-oriented workflows. Pricing, access, and metering rules can remain consistent while the agent framework or payment rail changes.
Stripe Issuing creates a virtual card for the agent or program. Visa and Mastercard convert user authority into network-recognized credentials. Nevermined can delegate enrolled card authority through supported platform or Visa credential paths.
The appropriate model depends on whether the business wants to operate a card program or let users delegate cards they already hold.
All four approaches support spending controls in some form. Stripe emphasizes API-driven card and authorization rules. Visa emphasizes authenticated user instructions and network controls. Mastercard emphasizes verifiable intent, agent credentials, and permissioning.
Nevermined combines card limits with resource-level payment permissions and x402 tokens. This connects the spending rule to the API, tool, or service the agent is trying to consume.
Stripe, Visa, and Mastercard have direct advantages when the agent purchases from conventional merchants using card acceptance.
Nevermined’s Visa VIC path also supports network credentials, while its platform-token model supports selected payment processors. The product page identifies availability by provider, which helps teams separate live paths from planned support.
Digital services need more than a credential. The merchant may need to charge per request, per token, per result, or through prepaid credits.
Nevermined brings those pricing and access controls into the same transaction flow. It also preserves a complete audit trail for each payment and agent interaction.
Stripe, Visa, and Mastercard implementations can involve program approval, issuer relationships, regional availability, or partner onboarding. The effort depends on the chosen product and deployment model.
Nevermined provides SDKs, REST APIs, widgets, an MCP server, and facilitator endpoints. Its product workflow targets 5 minutes from zero to a monetized agent for supported integrations.
Valory cut deployment time of their payments and billing infrastructure for the Olas AI agent marketplace from 6 weeks to 6 hours using Nevermined, clawing back $1000s in engineering costs.
Stripe Issuing, Visa Intelligent Commerce, and Mastercard Agent Pay each provide credible approaches to controlled agent spending. Stripe gives developers programmable card issuance. Visa extends tokenized credentials and user instructions across its network. Mastercard combines credentials, intent, permissioning, and multi-rail machine payments.
Nevermined is the top choice when card delegation must connect to the full commercial lifecycle of an AI service:
This makes Nevermined especially relevant for AI builders selling APIs, tools, datasets, compute, agent services, and marketplace access. Card delegation remains essential, but the larger opportunity comes from connecting controlled spending to merchant revenue.
AI agent card delegation gives autonomous software permission to use a payment credential within rules defined by a user or organization. Those rules can include spending caps, approved merchants, time limits, transaction counts, and revocation. The agent should receive a scoped token or virtual credential rather than the user’s raw card details. Nevermined connects this delegated authority to payment verification and service-level access.
Card issuing creates a new physical or virtual card under a card program. Delegation gives an agent controlled authority derived from an existing card, account, or network credential. Both approaches can support limits and merchant controls, but their onboarding and settlement models differ. Nevermined supports delegation workflows for users who want agents to operate within approved card policies.
Verifiable intent provides evidence that the agent’s transaction matches the user’s instruction. This helps payment networks, issuers, and merchants distinguish approved automated activity from unauthorized behavior. It can also support dispute review, transaction controls, and regulatory oversight. Nevermined preserves intent through scoped delegations, limits, payment tokens, and transaction records.
Virtual cards work well when agents purchase from merchants that already accept cards. They do not automatically provide per-request metering, product entitlements, usage credits, or agent-to-agent settlement. Digital services may need to verify payment before returning an API response or tool result. Nevermined adds those merchant-side functions around delegated card payments.
An agent payment credential should include amount limits, duration, merchant restrictions, transaction counts, and revocation. Higher-risk workflows may also need device authentication, issuer oversight, or real-time authorization. The controls should be specific enough to prevent misuse without interrupting every approved action. Nevermined applies these policies through scoped delegations and x402 permissions.

See Nevermined
in Action
Real-time payments, flexible pricing, and outcome-based monetization—all in one platform.