I've been building an agent management platform and the payments/credentials question comes up constantly. Our approach has been to separate 'what the agent knows' from 'what the agent can do' -- agents have their own credential stores with platform-specific OAuth tokens, API keys, and account details, but the execution layer is sandboxed.
For spending money specifically, the pattern that seems safest is: agent proposes action with cost estimate, human approves via a notification (Telegram, email, etc.), then the backend executes the actual payment call. The agent never touches raw card data. Prepaid virtual cards with low limits are probably the most pragmatic path for autonomous spending today.
Re: your question about trusting an agent with $500 -- I'd trust it with $500 in API credits (worst case: wasted compute), but $500 on an e-commerce site is a different risk profile entirely because you can't easily reverse a physical goods purchase.
The Visa/Mastercard announcements are interesting but feel premature. The missing piece is standardized agent identity and capability declarations -- something like 'this agent is authorized by user X to spend up to $Y on category Z'. That's more of an identity/permissions problem than a payments problem.
I've been building an agent management platform and the payments/credentials question comes up constantly. Our approach has been to separate 'what the agent knows' from 'what the agent can do' -- agents have their own credential stores with platform-specific OAuth tokens, API keys, and account details, but the execution layer is sandboxed.
For spending money specifically, the pattern that seems safest is: agent proposes action with cost estimate, human approves via a notification (Telegram, email, etc.), then the backend executes the actual payment call. The agent never touches raw card data. Prepaid virtual cards with low limits are probably the most pragmatic path for autonomous spending today.
Re: your question about trusting an agent with $500 -- I'd trust it with $500 in API credits (worst case: wasted compute), but $500 on an e-commerce site is a different risk profile entirely because you can't easily reverse a physical goods purchase.
The Visa/Mastercard announcements are interesting but feel premature. The missing piece is standardized agent identity and capability declarations -- something like 'this agent is authorized by user X to spend up to $Y on category Z'. That's more of an identity/permissions problem than a payments problem.