Stripe is trying to own the approval layer before AI agents start shopping

As AI shopping assistants get closer to real checkout, the hard question is not whether a model can click "buy." It is who gets to hold payment authority when software starts spending on a person's behalf. Stripe, the payments company, wants to sit in that slot with a wallet that lets users approve each purchase request and release a one-time-use card, instead of handing an agent the underlying credential.

That matters because Stripe is no longer talking about agentic commerce as a future protocol problem. In launch materials tied to its Sessions event, the company said Link, its consumer wallet with more than 250 million users globally, can now give agents programmatic access to request payment while keeping the real card or bank details hidden. TechCrunch reported that users connect an agent to Link through a standard sign-in and permission flow, then review a spend request before approving it.

The useful part here is the trust plumbing underneath the demo. In a post on giving agents the ability to pay, Stripe said Link's wallet for agents sits on top of Issuing for agents, a card product that can approve or deny transactions in real time through webhooks. The same launch also gives agents access to either a one-time-use card or a Shared Payment Token, a limited payment credential that can be scoped to a merchant, capped by amount, and revoked later.

That is a more concrete answer to agent checkout than the usual "just let the bot pay" hand-waving. Stripe wrote last year that trust in agentic commerce has to be "explicitly granted, scoped, and enforced in code," and the current product reflects that caution more than any autonomy pitch. Each request currently requires a person's review before the credential is shared with the agent. The agent can ask. The human still says yes.

That also clarifies what Stripe is actually selling here. The company has been assembling a control surface with Link as the wallet, Shared Payment Tokens as the scoped credential, and Issuing as the authorization rail underneath. The fight is not over whether software will shop. It is over who mediates the payment credential when it does.

The liability problem explains why that layer matters. In March, PYMNTS reported that liability remains a sticking point for agentic commerce adoption, citing Stripe president John Collison's argument that the market still needs clearer rules around who is responsible when an AI agent makes a purchase. An independent analysis at Fintech Wrap Up made the same point more bluntly: scoped tokens may protect consumer credentials, but they do not automatically settle merchant disputes over whether the purchase matched the buyer's intent.

Stripe's own public posture has been careful on that front. In February, Payments Dive reported that the Collison brothers expected agentic commerce to arrive in "small chunks," not as one clean leap to autonomous checkout. Link for agents looks like exactly that: less a robot shopper set loose on the web than a permissioned wallet flow that makes delegated spending legible.

That is why the current limits matter as much as the launch itself. TechCrunch reported that Stripe plans future controls for spending limits and cases where an agent could act without asking each time. For now, though, the product is making the opposite argument. Autonomous commerce does not get trusted by hiding the approval layer. It gets trusted by turning approval into infrastructure, then seeing whether users, merchants, and rival payment networks accept Stripe in the middle.