All retail products 50% off — for the next 24hSell to ChatGPT, Claude and new AI agentsA2A commerce ready — checkout in chatAll your products. A2A · MCP · UCP readyAll retail products 50% off — for the next 24hSell to ChatGPT, Claude and new AI agentsA2A commerce ready — checkout in chatAll your products. A2A · MCP · UCP readyAll retail products 50% off — for the next 24hSell to ChatGPT, Claude and new AI agentsA2A commerce ready — checkout in chatAll your products. A2A · MCP · UCP ready
StartShop.ai · A2A · COMMERCE
Sign inGet started
← Back to blog
AI Agent Payments·11 min read·May 2, 2026

AI Agent Wallets and Credit Cards: The Complete 2026 Guide to Stripe Link, Visa Intelligent Commerce, Mastercard Agent Pay, and PayPal

Stripe, Visa, Mastercard, Amex, PayPal, Coinbase — every major agent payments product in one place, with concrete integration guidance for merchants and developers.

By StartShop Editorial

For most of 2024, the limiting factor in agentic commerce wasn't the AI — it was the payments. An agent could find the perfect product, draft the perfect cart, and then stall at checkout because no payment system was built to be used by software acting on a person's behalf.

That changed in 2025. Within roughly twelve months, Stripe, Visa, Mastercard, American Express, and PayPal all launched products explicitly designed to let AI agents pay. Coinbase added a crypto-native rail for machine-to-machine commerce. And a wave of agent-native wallets and credit cards followed.

This guide breaks down every major product in the agent payments stack as of May 2026 — what each one actually is, how they differ, and which ones merchants and developers should integrate first.

Why Agent Payments Are a Different Product Category

A regular online card transaction has roughly one job: move money from a known cardholder to a known merchant after the cardholder explicitly clicks "Pay."

An agent transaction adds three new requirements:

  1. The cardholder isn't pressing the button. A piece of software is, on the user's behalf, sometimes hours after the user authorized it.
  2. The card credentials must never be exposed to the agent. If the agent's prompt window or tool log leaks card details, the consequences are catastrophic.
  3. The merchant needs proof the agent is authorized. Anyone can write a script that calls a checkout endpoint. The merchant needs to distinguish a legitimate user-authorized agent from a fraudster's bot.

Every product in this guide solves some combination of those three problems. They differ in how they do it, who underwrites the risk, and how much of the merchant integration is "use what you already have" vs. "implement a new protocol."

Stripe: Agent Toolkit, Shared Payment Tokens, and Link for Agents

Stripe was the first major PSP to ship a coherent agent payments stack. Its current product family has three pieces:

Stripe Agent Toolkit. A set of SDKs (Python, TypeScript, and integrations for LangChain and Vercel's AI SDK) that let an agent invoke Stripe APIs as tools. Released in late 2024 and continuously expanded since, the toolkit lets a developer give an agent scoped access to charges, refunds, customer creation, and invoicing without exposing root API keys.

Shared Payment Tokens. Stripe's mechanism for letting an agent platform (like ChatGPT) pass tokenized customer payment credentials to a Stripe-using merchant without revealing the underlying card. The user's card stays in the agent platform's vault; the merchant gets a single-use token they can charge through their existing Stripe integration. This is the rail powering OpenAI's "Buy in ChatGPT" experience for merchants on Stripe.

Link for Agents. Stripe's consumer wallet, Link, was opened to agent flows in 2025. A user with a Link account can authorize an agent to check out at any Link-accepting merchant — which is most of the Stripe merchant base. The agent never sees the card; Link mints a constrained credential, the merchant gets paid through their normal Stripe integration, and disputes flow through the existing Stripe rails.

Stripe also co-authored the Agentic Commerce Protocol (ACP) with OpenAI, an open spec for how agents, merchants, and PSPs exchange the trust and authorization signals needed for safe agent transactions. ACP is the most widely-adopted neutral standard so far, used by Shopify, Vercel, and several large retailers.

Why merchants pick Stripe-based agent payments first: if you already accept Stripe, you accept agent traffic with no checkout rebuild. The token comes in, you charge it like any other token.

Visa Intelligent Commerce and the Visa Trusted Agent Protocol

Visa launched Visa Intelligent Commerce in April 2025 as the network's flagship agent commerce product. It has two parts that often get confused:

Visa Intelligent Commerce (the consumer-facing product). A program that lets cardholders link their Visa cards to approved AI agent platforms (OpenAI, Perplexity, Microsoft, Anthropic, and others were named launch partners) and grant those agents the ability to transact within user-set limits. The agent receives a tokenized network credential — not the PAN — that's bound to the agent's identity, the merchant categories the user allowed, and a spending cap.

The Visa Trusted Agent Protocol. A merchant-side protocol that lets a checkout endpoint cryptographically verify that an incoming agent transaction is (a) backed by a real Visa cardholder, (b) within the user's authorized policy, and (c) coming from a registered, vetted agent platform. The protocol piggybacks on existing 3-D Secure and tokenization infrastructure, so most issuers and merchants can support it without a parallel build.

Visa Intelligent Commerce is the closest thing the industry has to a network-level standard for agent payments. Its strength is reach — every Visa-accepting merchant and every Visa cardholder is, in principle, a participant. Its tradeoff is that it requires merchant adoption to unlock the verification benefits; without Trusted Agent Protocol on the merchant side, the transaction looks like a regular tokenized card-not-present charge.

Mastercard Agent Pay

Mastercard Agent Pay, announced in 2025 and rolled into broader availability in early 2026, is Mastercard's parallel offering. The headline features:

  • Agent-bound Mastercard credentials, similar to Visa's tokenized agent credential, that the cardholder issues to a specific agent platform with scoped permissions.
  • Conversational checkout integrations with Microsoft Copilot, IBM watsonx, and several major agent platforms — a key differentiator versus Visa, which leaned harder on consumer agent partnerships like ChatGPT and Perplexity.
  • A merchant-trust signal that flows through existing Mastercard SecureCode/EMV 3DS rails, letting acquirers verify the agent transaction without bespoke integration.

Mastercard also acquired or partnered with several agent identity startups in 2025 to strengthen the "is this a real authorized agent?" verification side, and announced an agent fraud-scoring service in early 2026.

Visa vs. Mastercard, in practice: for a US merchant, both will arrive through the same acquirer integration, and you generally don't choose one — you accept both. The interesting differences are at the issuer level (which cards your customers carry and which agent platforms those issuers have approved) and at the partnership level (Visa is more visible inside ChatGPT and Perplexity, Mastercard is more visible inside Microsoft Copilot and enterprise agent stacks).

American Express Agent Commerce

American Express moved later but landed substantively in late 2025 with Amex Agentic Commerce, focused on its premium and small-business cardholders. The differentiators:

  • Tighter spending controls and category gates — important for the corporate card use case where finance teams want to authorize agents to book travel or order supplies but not buy crypto or gift cards.
  • Membership Rewards integration, so agents can transact and earn/redeem points within the same flow.
  • Direct partnerships with vertical agents in travel and procurement, including pilots with major TMC and ERP platforms.

Amex's strategy is less "be everywhere" and more "be the best card to give your agent" — leveraging its premium and B2B base.

PayPal Agent Toolkit and Agent-Ready Checkout

PayPal launched the PayPal Agent Toolkit in 2025, offering:

  • An MCP (Model Context Protocol) server and SDKs that let agents create invoices, generate payment links, run refunds, and orchestrate PayPal and Venmo transactions.
  • An agent-ready checkout flow that accepts tokenized agent credentials and surfaces PayPal's existing buyer protection on agent-initiated purchases — a meaningful trust feature when the user wasn't physically at the point of sale.
  • Integrations with major agent frameworks including LangChain, CrewAI, and Vercel's AI SDK.

PayPal's pitch leans on its existing two-sided network — hundreds of millions of consumer wallets and tens of millions of merchants — and on dispute resolution, which is more developed for PayPal than for raw card transactions.

Coinbase x402 and Crypto-Native Agent Payments

The crypto rail entered the conversation seriously when Coinbase introduced x402, a payment protocol named after the long-dormant HTTP 402 ("Payment Required") status code. x402 lets an API or website respond to an agent request with a payment challenge that the agent can satisfy using a stablecoin (typically USDC) over an L2 like Base.

The pitch is simple: agents are software, and software pays best in machine-native money. x402 transactions:

  • Settle in seconds, not days.
  • Have no chargeback risk for merchants (a feature for some, a non-starter for consumer e-commerce).
  • Support micropayments at fractions of a cent — useful for paying per API call or per scraped page, less so for buying sneakers.

x402 is most interesting for machine-to-machine commerce — one agent paying another for data, compute, or API access — rather than consumer retail. But several agent platforms now offer it as an option alongside card-based rails, and it's the leading proposal for an agent-native payment protocol that doesn't depend on the card networks at all.

Agent-Native Credit Cards

A small but growing category in 2026 is the agent-native credit card — a card product designed from day one to be issued to or used by an AI agent rather than retrofitted from a consumer card.

The use cases:

  • Business agents with their own scoped corporate card for procurement.
  • Personal agents with a virtual card the user provisions specifically for AI-driven shopping, separate from the user's primary card.
  • Single-use agent credentials that auto-expire after one purchase or one merchant.

The major card networks now support this through their existing virtual-card infrastructure (Visa's Token Service, Mastercard's MDES) plus the agent-credential metadata layer added in 2025. A handful of fintechs — including issuers in the Stripe Issuing, Lithic, and Marqeta ecosystems — now market "agent cards" as a specific product, often with policy controls (max ticket size, merchant allowlist, time-of-day windows) that fit how agents actually behave.

How Merchants Should Choose What to Accept

For a typical e-commerce merchant in 2026, the practical answer is: accept everything, but invest first where your customers actually are.

A reasonable priority order for a Shopify or headless storefront:

  1. Stripe Shared Payment Tokens / Link for Agents — if you're on Stripe, this is the single highest-ROI integration. It unlocks ChatGPT, Operator, Perplexity, and Claude commerce flows with zero checkout rebuild.
  2. Visa Intelligent Commerce + Mastercard Agent Pay verification — these arrive through your acquirer for the most part, but you should explicitly enable agent-authentication signals at checkout so trusted agent traffic doesn't get blocked by fraud rules.
  3. PayPal Agent Toolkit — high-value if PayPal is already a meaningful share of your checkout. The buyer-protection story is a differentiator.
  4. Amex Agentic Commerce — turn it on if you sell travel, premium goods, or B2B; lower priority for mass-market consumer.
  5. Coinbase x402 / crypto agent rails — relevant today for API and B2B-machine commerce, watch-and-wait for consumer retail.

Above all, treat agent traffic as a first-class segment in your fraud rules. Several merchants in late 2025 reported losing real revenue because their fraud filters auto-declined tokenized agent transactions that were fully authorized — the credentials looked unfamiliar, so the rule fired. Whitelist trusted agent issuers and tune your decline thresholds for the category.

What's Coming Next

Three trends to watch through the rest of 2026:

  • Convergence of ACP and AP2. Stripe/OpenAI's Agentic Commerce Protocol and Google's Agent Payments Protocol overlap heavily. A single merged spec — or a clean compatibility shim — would meaningfully reduce integration cost. Conversations between the two camps were public at the end of 2025.
  • Issuer-side agent controls in consumer banking apps. Expect Chase, Bank of America, Capital One, and the major issuers to ship in-app controls for "which agents can use my card and for how much" alongside the network-level products described above.
  • The first major agent-payments fraud event. It hasn't happened yet at scale, but the security research community has demonstrated multiple attack paths. The first headline incident will reshape both regulation and merchant integration patterns.

The takeaway for any merchant or developer: the agent payments rails you needed in 2024 didn't exist. The ones you need now do. Wiring at least one of them up is no longer optional — it's the table stakes for showing up in the agentic channel.

Related reading:

Keep reading

More on agentic commerce.

Agent Commerce Standards

Agentic Commerce Protocol (ACP) vs. Agent Payments Protocol (AP2): The 2026 Standards Guide

What ACP (OpenAI/Stripe) and AP2 (Google + coalition) actually specify, where they agree, where they diverge, and how to plan an integration that won't need a rewrite in 12 months.

Read Agent Commerce Risk & Compliance

Agentic Commerce Risks in 2026: Prompt Injection, Fraud, and the Merchant Liability Question

The five new risk categories agent commerce introduces — prompt injection, agent impersonation, compromised authorization, merchant manipulation, cross-agent confusion — and how to mitigate them.

Read Agent SEO & Merchant Strategy

How to Optimize Your Shopify Store for ChatGPT, Perplexity, and Claude in 2026 (Agent SEO Guide)

Some Shopify merchants report 3–8% of checkout volume from AI agents. A practical 60-day playbook covering discovery, selection, agent-friendly checkout, and reorder loyalty.

Read