Skip to main content
Agents operate across two distinct economies:
  • The traditional web runs on cards. Amazon, Shopify stores, SaaS checkouts, and most traditional merchants rely on card payments. Users expect familiar properties like card rewards, refunds, and chargebacks.
  • The agentic web runs on stablecoins. x402 and MPP-gated APIs, micropayments, and machine-to-machine settlement require stablecoins. Cards don’t work here since fees, chargebacks, and merchant account constraints make small or programmatic payments impractical.
Most agents need both, so Crossmint provides cards and stablecoin wallets as first-class primitives. Making an agent pay well comes down to two things: giving it spending power under rules your users control, and routing each payment to the right destination.

Spending power & rules

You cannot give an agent unrestricted access to money:
  • Credentials can be leaked
  • Agents can overspend or behave unexpectedly
An agent with unlimited access is a liability. The goal is not just “agents can pay”, it is “agents can pay securely without exposing sensitive data.” Each instrument enforces this differently:
  • Cards. The user’s real card is stored in a PCI-compliant vault. Users give agents permissions to use their card with spending rules (amount, merchant, duration), enforced at the network level via Visa VIC and Mastercard Agent Pay. The agent never sees the real card number — developers never handle sensitive information. Each agent card has two time dimensions: the period controls how often the spending limit resets (for example, weekly or monthly), while the expiry (expiresAt) controls when the permission itself stops working. These are independent — a monthly spending limit does not automatically keep the permission alive for a month. If no expiry is set, the permission defaults to seven days. See Create an Agent Card for details.
  • Stablecoin wallets. The user owns a non-custodial wallet and grants the agent scoped permissions (spend limit, counterparties, time window), enforced onchain. Developers and agents never take custody of funds.
Diagram: a user verifies their card once via Visa VIC or Mastercard Agent Pay, and agents receive scoped permissions with spending rules
Every instrument is set up through a user flow — a hosted, customizable UI where the user explicitly delegates access. Every delegation is explicit, scoped, and revocable, so the user stays in control. Crossmint provides the UI components and signing flows; you wire them into your product.
1

User saves a card

Via a Crossmint-hosted secure iframe.
2

User verifies the card for agentic use

This step links the card to the agent card rails.
  • Happens in a Crossmint component
  • User verifies ownership (e.g. email code or bank auth)
  • A passkey is created for future approvals
3

The user sets spending rules and allows payment

The developer requests an agent card with spending rules (amount, merchant, expiration). A network modal (Visa/Mastercard) appears and the user confirms using their passkey.
4

Agent pays using a secure card number

Each approved payment returns a secure one-time card number that only works within the spending rules — never the real card number. The agent uses it in checkout or APIs.

Where agents spend

Once an agent has funded, rule-bound spending power, a payment still has to reach its destination. The right rail depends on where it is paying.

Machine-native payments

To pay APIs and other agents, the agent settles in stablecoins directly:

Merchant checkout

Buying from a real merchant is the hard part. Today an agent has three options, and each falls short:
  • Buy through the merchant’s API — if one exists. Most merchants have no way to purchase programmatically at all.
  • Use an emerging agentic commerce protocol (UCP, ACP, …). These help where a merchant has adopted one, but they typically hand back a checkout link rather than completing the payment — and most merchants haven’t adopted any of them yet.
  • Drive a browser yourself. This works anywhere, but it’s slow and expensive: with today’s frontier models a single checkout can burn several dollars in tokens, and a hand-rolled agent isn’t optimized for it.
Agent Checkouts unifies all three behind one API — and makes it cheap. Hand it a product and a spending cap, and it:
  • Picks the right rail per merchant — an agentic commerce protocol where one exists, and an optimized browser session as the universal fallback everywhere else. Crossmint runs and tunes that session, so you’re not paying frontier-model prices to drive a browser on every purchase.
  • Completes the payment, not just the cart — end to end, with any method the merchant accepts: a Crossmint Agent Card, another agent-card provider (Ramp, Link, …), a card already on file from a logged-in account, or a local method like Shop Pay, bank transfer, or Bizum.
  • Stays within your spending rules — you set a hard cap and the checkout never spends above it.
The result: your agent can buy anything, anywhere — without wiring up a separate integration per merchant, or burning dollars in tokens per checkout.

Choose your path

Cards quickstart

Build an agent paying with agent cards.

Wallets quickstart

Build an agent paying with stablecoins.

Checkouts quickstart

Buy from any merchant with a single API.