Stripe's Link Wallet Hands AI Agents One-Time Cards So Yours Never Leaks
Stripe launched Link for AI agents at Sessions 2026 on April 30, issuing a fresh virtual card for every agent purchase so users grant OAuth access without exposing real payment credentials. The mechanism makes Stripe's new Issuing for agents platform the default rail for agent commerce, while Mastercard's Verifiable Intent protocol pushes a cryptographic audit trail as the rival trust layer. Users approve each spend request with context before any funds move.
What Link for agents actually does
Link is a wallet that sits in front of cards, banks, crypto wallets, and BNPL accounts. The agent-facing piece is built on Issuing for agents, which spins up a virtual card scoped to a single transaction. The agent never sees the underlying card number, expiration, or CVV. According to Stripe's Sessions 2026 launch summary, "your real payment details are never exposed to the agent."
The workflow looks like this. Users grant the agent access through an OAuth flow, similar to giving a third-party app limited Google Drive access. The agent creates a spend request, attaches the context (what's being bought, where, how much), and waits for approval. Once the user signs off, Stripe issues a one-time-use card with real-time authorization and spending controls. Agentic tokens, stablecoins, and approval-free actions are all on the roadmap, per TechCrunch's coverage of the launch.
This is a meaningful design choice. Most agent commerce schemes I've seen handle authorization with persistent keys or shared credentials, which is roughly the same trust model as letting your kid borrow your debit card. Stripe's version is closer to a barista handing you a fresh receipt slip every time, which is harder to abuse but also harder to retrofit if your stack assumes a stable card-on-file.
Why this matters more than the 288 launches headline
Stripe announced 288 product launches at Sessions 2026, which is the kind of number designed to make the agent piece sound like one of many. It isn't. Will Gaybrick, Stripe's president of technology, told the room that "agents are autonomous economic actors responsible for most internet transactions, and just as agents work faster than we do, they're going to spend money a lot faster too." Read that as a positioning statement, not a sound bite. Stripe is angling to be the rail for that flow.
The supporting evidence is the Google partnership. Stripe and Google announced businesses can now sell directly inside AI Mode and the Gemini app, with Quince, Fanatics, and JD Sports as launch participants, Payments Dive reported. Stripe already had agentic commerce integrations with OpenAI, Microsoft Copilot, and Meta. Add Wix, BigCommerce, and WooCommerce as platform partners and the rail starts to look like default infrastructure rather than a feature.
Patrick Collison framed it as "the entire economy is re-platforming." Stripe was last valued at $159 billion in a February 2026 tender offer, so the upside they're underwriting is real money, not theory.
For marketers, the implication is the harder version of what Anthropic's 186 agent-to-agent deals experiment surfaced earlier this month. If agents end up doing meaningful purchasing, the merchants whose sites work for agents will quietly compound while everyone else's CAC keeps climbing. Stripe just made the merchant side of that easier.
Where Mastercard's Verifiable Intent disagrees
There's a parallel standards fight underway, and Stripe's launch makes it more visible.
On March 5, 2026, Mastercard and Google announced Verifiable Intent, an open-source cryptographic framework that produces a tamper-resistant proof tying a user's identity, their specific instructions, and the eventual transaction outcome into a single record. It uses a technique called Selective Disclosure so each party in the chain only sees the data they need. Mastercard pulled launch commitments from Fiserv, IBM, Checkout.com, Basis Theory, and Getnet.
The Stripe and Mastercard models aren't doing the same thing. Stripe is solving "the agent shouldn't see my real card." Mastercard is solving "if a transaction goes wrong, you need a cryptographic audit trail of who told whom to do what." From what I've seen, these are complementary on paper. In practice, the merchant integrations look different enough that whichever standard wins the next 12 months gets to define what "the agent had permission" actually means in a chargeback dispute.
Mastercard's framing on this, which we covered separately in our piece on Verifiable Intent and brand signals, suggests dispute resolution is where the real trust battle gets decided. Stripe's choice to bury that piece under issuing-side controls is a bet that merchants would rather not deal with the cryptography at all and just want a clean refund path. I think that bet is right for the next 18 months and probably wrong after that, once the first big chargeback case forces the question into the open.
The fraud number Sessions skipped over
One disclosure from the announcement deserves more attention than it got. Stripe's Radar team said one in six attempted sign-ups now involves bad actors, free trial abuse roughly doubled over six months, and Radar blocked over 3.3 million risky sign-ups across eight high-growth AI businesses in a single month. Those are real numbers, and they're worse than I expected.
Pair that with Anthropic's recent finding that across 186 agent-to-agent negotiations, the losing agents typically couldn't tell they had lost. That gives you the actual problem with agent commerce. Once an agent is authorized to spend, neither the agent nor the merchant has good signal on whether the transaction made economic sense for the buyer. The one-time card design helps with credential theft. It does very little for the "agent paid 22% over fair price because the seller's agent gamed the negotiation" failure mode.
From what I've seen of the early agent commerce demos, the next year of stories will be less about whether agents can pay and more about whether anyone can prove the price was reasonable. Stripe's roadmap mentions agentic tokens but not adversarial pricing, and that's a meaningful gap.
What to audit on your stack this week
If you sell anything through a website that an agent could plausibly reach, three checks are worth running before this gets bigger.
First, verify whether your checkout actually accepts Link for agents tokens or one-time virtual card numbers without flagging them as fraud. Stripe's own Radar handles that for Stripe merchants. If you're on a non-Stripe processor, your fraud rules probably weren't tuned for one-time cards from an agent IP, and the false-positive rate will hurt you before the upside does. The benchmark to watch is decline rate on first-time card numbers above the 3-4% range you'd normally tolerate.
Second, look at how your platform identifies agent traffic versus human traffic in analytics. If your stack treats agent purchases the same as human ones for retargeting, you'll burn ad spend chasing agents back to your site. Most of the marketers I've talked to assume their analytics handles this. From what I've checked, almost none of them do, and the user-agent strings agents send aren't standardized yet.
Third, decide your stance on agentic tokens before they ship. Stripe says support is coming "soon," which usually means the integration window is shorter than the planning cycle most marketing teams run. If you're a CMO, the question to put on the next ops review is whether your team has a default stance ("we accept them," "we route them through manual review," "we block them") or whether you'll find out the day a finance audit flips the script.
The wallet launched. The card numbers are now disposable. The harder questions are about what happens after the charge clears, and Stripe's pitch is that you should not have to think about them. From what I've seen, that's true until the first chargeback case where the audit trail matters, and then it really isn't.
Notice Me Senpai Editorial
