Crossmint Launches Secure Visa Payment API for AI Agents

Stablecoin and wallet infrastructure provider Crossmint has announced the public launch of its agentic card payments API.

Built in collaboration with Visa Intelligent Commerce and Basis Theory, the new infrastructure allows developers to let eligible US-issued Visa credit and debit cardholders use their payment cards directly within AI agent systems.

Mitigating financial fraud

 A review of published OpenClaw skills revealed that card credentials were left exposed in 7.1% of cases – an unacceptable liability for corporate treasury and compliance departments.

Without standardised infrastructure, developers have relied on ad-hoc payment workarounds that invite corporate fraud and data breaches. 

Crossmint’s new API directly targets this vulnerability by embedding card-network-compatible security mechanisms directly into the agent transaction flow.

“The agentic economy has been missing its most basic piece of infrastructure: a secure, open payment layer that can work for every agent, on every platform,” says Crossmint Co-Founder Alfonso Gómez-Jordana Mañas.

 “Now developers can give their users the ability to equip agents with a payment method that’s scoped, under their control and built on trusted payments infrastructure.”

Institutional-grade compliance

From a corporate treasury perspective, the integration shields companies from the regulatory nightmare of handling raw financial data. 

End users access Visa Intelligent Commerce Connect to create tokenised credentials linked to existing accounts, which remain subject to explicit issuer approval and pre-set spending controls.

Crucially, the raw card numbers and CVC codes are locked away using advanced tokenisation and vaulting. 

By limiting the transaction scope, AI agents never actually see or store sensitive financial data.

This structural separation ensures that payment information is handled entirely within PCI compliance requirements, bypassing the steep operational costs and data-handling complexities that usually burden software builders.

"As consumers begin to delegate tasks to AI agents, maintaining control and security in payments is critical," says Tanner Riche, VP, Growth Products and Partnerships, Visa.

 "Visa Intelligent Commerce is designed to support these experiences by enabling solutions consumers can employ to authorise agent-driven payments with clear limits, without exposing their underlying card details.”

Scaling the B2B infrastructure

The technical foundation of the credential layer relies heavily on Basis Theory, which maintains PCI Level 1 compliance and SOC 2 certification. 

By anchoring the API to institutional-grade security benchmarks, Crossmint ensures that highly sensitive financial data is vaulted independently of the vulnerable AI agent environment itself.

"Secure agentic payments require the same PCI-compliant infrastructure that underpins the broader payments ecosystem,” says Colin Luce, Co-Founder and CEO of Basis Theory. “Crossmint is built on that foundation. Agents transact. Credentials stay vaulted. That's the standard every agentic payment layer should be held to."

Crossmint has already introduced the capability into its own AI payment tool, lobster.cash, which integrates into major developer and agent platforms including Claude Code, OpenClaw, Hermes, and Zo Computer. 

Alfonso notes that this provides immediate, real-world utility for businesses looking to safely operationalise autonomous spending. With Tanner and Colin aligning their respective payment giants behind the launch, the partnership establishes a standardised financial architecture for autonomous digital commerce.