Crossmint launched a public Agentic Cards API on June 2, giving developers a way to let eligible U.S.-issued Visa credit and debit cardholders authorize AI agents to make payments on their behalf. The product turns card access into a scoped, programmable credential, rather than requiring agents or third-party tools to handle raw card numbers.
The integration brings together three layers: Crossmint’s developer API and payment orchestration, Visa Intelligent Commerce for AI-ready payment credentials and network safeguards, and Basis Theory as the independent vaulting layer for sensitive card data. The core design goal is controlled delegation, where an agent can transact only within the permissions granted by the user.
Tokenized Credentials Become the Control Layer
Crossmint says end users can create tokenized credentials linked to existing Visa cards through Visa Intelligent Commerce Connect, subject to issuer approval and applicable controls. Card numbers and CVCs are protected through tokenization and vaulting, while agents receive limited payment authority rather than direct credential access. That separation is what makes agentic payments operationally viable for developers.
Basis Theory’s role is the security anchor. The company provides PCI Level 1 and SOC 2-certified vaulting infrastructure, storing sensitive payment data outside the agent environment and issuing scoped credentials for specific transaction use cases. The agent gets permission to pay, not possession of the card.
The guardrails are practical: spend limits, merchant restrictions, approval rules, revocable access and auditable logs. Crossmint’s own Agentic Cards product page describes credentials tied to specific agent identities, with user-defined permissions and real card numbers kept out of agent tools. The product is built around limiting autonomous authority before execution, not fixing risk after the transaction.
Developers Get One API for Agentic Commerce
The immediate value is abstraction. Crossmint is positioning the API as a single surface for agentic card payments, wallet primitives and stablecoin-enabled flows, reducing the need to stitch together vaulting, card-network credentials, fraud controls and payment orchestration manually. That could lower integration friction for platforms building AI procurement, travel booking, subscription management or API monetization.
Visa’s broader Intelligent Commerce strategy also supports multiple agentic payment standards and emphasizes tokenization, authentication, spend controls and fraud mitigation. That matters because agentic commerce needs payments infrastructure that can distinguish authorized agents from ordinary bot traffic, while preserving buyer protections and merchant acceptance.
Crossmint also highlights a Merchant-of-Record model for certain agentic checkout flows, where it handles returns and chargebacks while agents purchase goods, software, flights and other services through API-based commerce. That shifts part of the operational burden away from integrators, especially teams that do not want to manage dispute workflows directly.
The stablecoin layer adds another route for settlement and reconciliation. Crossmint’s agentic payments stack supports stablecoin wallets, on-chain payments and x402-compatible flows, giving builders a way to combine card credentials with crypto-native settlement where appropriate. The result is a hybrid payments architecture, not a pure card product or a pure stablecoin product.
The launch points to a larger shift in commerce infrastructure. AI agents are moving from recommendations to execution, and payments now need delegation, auditability, revocation and liability controls built in from the start. Crossmint’s bet is that agentic commerce will scale only if users keep control while agents gain enough authority to act.
