OpenAI and Visa Partner to Embed Payments in AI Agents

OpenAI and Visa have announced plans to work together so AI agents may be able to make payments using Visa's system. The companies describe this as a secure and controlled experiment, not a full launch. Users might control payments with spending limits and approval steps, but the project appears to still be in the development stage. Experts warn there may be risks around fraud and who is responsible if something goes wrong. No launch date or locations have been confirmed yet.

The news that OpenAI and Visa partner to embed payments in AI agents marks a major step toward transactional AI. A Visa press release outlines a strategic collaboration to embed its payment network and security tools directly within OpenAI, allowing AI agents to initiate purchases for users. The companies describe this as a tightly controlled experiment in "agentic commerce" rather than a full consumer launch.

This move represents a practical first step in enabling conversational AI for real-world transactions. By leveraging Visa's established infrastructure for credentialing and risk, OpenAI can explore agent-based commerce without building a new payments framework from scratch. Analysts suggest this model could become a blueprint for other LLM providers seeking to integrate with established financial networks for settlement and compliance.

How the Collaboration May Work in Practice

The partnership will allow AI agents to make purchases using tokenized Visa credentials under strict user controls. Users can set spending limits, filter merchant types, and require manual approval for transactions. Visa's existing infrastructure for real-time authorization and fraud analysis will secure every payment.

Visa has detailed several user-controlled safeguards to ensure security and prevent unintended purchases:

Daily or per-transaction spending caps defined by the user
Mandatory confirmations for purchases above a chosen amount
Whitelists or blacklists of merchant categories
Session-based agent permissions that expire automatically
Continuous monitoring for anomalous agent behavior

As no launch date has been announced, observers believe the integration is still in an early development phase. Visa categorizes the initiative as part of its wider Intelligent Commerce program, which provides enterprise APIs and developer tools adaptable for agent-based applications.

Security and Liability Questions Under Discussion

Despite the planned safeguards, industry experts highlight significant unresolved risks. A brief from NASCUS warns that agent-driven payments introduce complex challenges in "authentication, authorization, fraud, and responsibility" when software acts for a person (NASCUS report). To counter fraud, cryptographic logs may be needed to prove user intent, especially as fraudsters are reportedly already testing AI agent vulnerabilities.

The question of liability also remains unanswered. The US Payments Forum notes that disputes could easily arise if an AI agent misinterprets a user's request and buys the wrong product, potentially increasing merchant chargeback risks until clear, standardized consent protocols are established.

Regulatory Expectations for Agentic Commerce

Legal experts affirm that existing payment regulations - such as the EU's PSD2, the UK's Consumer Duty, and US Reg E - will apply to AI-initiated transactions. Firms will be required to maintain immutable audit trails and provide transparent customer disclosures when an AI agent has purchasing authority. According to legal analysis, payment providers could be held liable for transactions later deemed unauthorized.

While an IMF note suggests agentic systems could one day automate compliance, it also identifies correlated agent behavior as a potential systemic risk. Currently, no specific privacy policy has been released for the joint effort, meaning data handling will likely fall under each company's existing terms of service.

While Visa and OpenAI have defined the project's initial scope and security framework, key details like a pilot launch date and available regions have not yet been confirmed.

What exactly will OpenAI and Visa deliver together, and when will users see it?

The two companies announced a strategic collaboration to let secure Visa payments run inside OpenAI experiences, focusing on agentic commerce. The stated scope covers Visa's global network, tokenized credentials, real-time authorization and fraud monitoring, all subject to user-defined spending limits, merchant categories and required approvals. No specific consumer launch date or phased rollout calendar has been released, so the exact moment buyers will first see the feature remains unknown.

How will an AI agent know what it is allowed to buy on my behalf?

Each transaction will be pre-approved through user-set permissions and spending rules. Examples given include spending caps, merchant category restrictions and the option to require final human approval before the agent completes checkout. The system is explicitly designed so that authorization, consent and audit trails are machine-readable and retrievable, giving users a way to challenge or reverse agent actions.

What happens if the agent makes a purchase I did not expect?

According to industry reports, a significant portion of consumers don't expect to bear the blame for an unauthorized or mistaken agent-led purchase. Many consumers would blame the AI platform while others point to the merchant. Industry guidance published by Taylor Wessing and Linklaters makes clear that existing PSD2 and AI Act rules already require clear liability mapping between customer, issuer, merchant and platform before any agentic service can go live. In practice, Visa and OpenAI will need to publish explicit dispute allocation terms describing who absorbs the loss when an agent misreads intent.

How will fraud be stopped if the shopper is no longer human?

Industry security experts warn that rogue agents, credential hijacking and "intent drift" are real threats. The announced architecture responds with tokenized Visa credentials, step-up authentication and continuous fraud monitoring, but the largest unresolved gap is lack of industry-wide standards around per-transaction authentication for non-human actors. Until standards arrive, every participating issuer and acquirer will apply its own risk model, so fraud acceptance rates and chargeback levels are still a moving target.

Are regulators ready for AI agents to move money?

The short answer is no new AI-payments rulebook exists yet, but every existing regime still applies.
- In the EU, PSD2, DORA and the AI Act already capture agent-initiated payments if they make consequential financial decisions.
- In the UK, regulators have identified agentic payments as a regulatory priority.
- In the US, sector guidance confirms that consumer protection and payments rules still need to be satisfied, and regulators are actively assessing how human-driven statutes map to machine-driven transactions.
For development teams, the minimum compliance checklist is explicit authorization design, immutable audit logs, transparent agent disclosure and mapped liability terms before launch.