Last week I wrote about MPP and x402 solving the internet’s original sin: the inability of machines to pay machines without a human in the loop. This week, Visa made that argument a lot easier to make.
Visa Crypto Labs quietly launched Visa CLI, a command line tool that gives AI agents a wallet. One npm install. One setup command. And your agent can pay for anything on the internet, charged to a real Visa card, without an API key, without a pre-funded crypto wallet, without human intervention.
I got beta access this week and tested it. Here’s what I learned, and why I think the CLI is the most important signal yet that the incumbent payment networks are serious about the agentic commerce era.
CLI: Agents Have a Wallet
The core insight behind Visa CLI is deceptively simple: AI agents need to spend money, and the current infrastructure makes that unnecessarily hard. You either pre-fund a crypto wallet, manage API keys for each service, or require a human to approve every transaction. None of those work at agent scale.
Visa CLI removes all three friction points. Install it, authenticate with GitHub, add a card and your agent has a wallet. From that point on, any service that returns an HTTP 402 “Payment Required” response can be paid automatically. The agent sees the charge, the amount, and the merchant name. Payment completes. The agent gets what it paid for.
That’s the same flow I described in my MPP post and also the described as the “skinny master account” by Simon Taylor as the future of agentic spend. A human grants intent (a budget, a card, a daily limit). The agent executes autonomously within those guardrails. No human in the loop for each transaction. Visa CLI is that model, shipped as a developer tool, running on card network rails.
CLI Is Your Agent’s Wallet — Not Yours
This is the framing worth sitting with: Visa CLI is not a payment tool for humans. It’s a wallet for agents.
The MCP server that ships with it registers directly in ~/.claude.json — the config file for Claude Code and other AI coding environments. When your agent needs to pay for something, it doesn’t ask you. It calls the pay tool, reads the merchant’s 402 response, shows you the charge, and completes the transaction. The agent is the economic actor. You’re the cardholder setting guardrails.
I tested this against Ask Tom, my own payments intelligence endpoint that speaks MPP/x402. The agent hit Ask Tom, received a proper 402 challenge with amount and merchant name, and Visa CLI processed the payment — $1.00, charged to the enrolled Visa card, no human intervention required. Ask Tom answered the query. The full loop closed (my CLI wallet paid my Stripe account). No API keys. No crypto. Just HTTP 402 and a card on file.
Governance: The Hidden Value of Networks
Stablecoins could certainly also play here, BUT they are final, irreversible, and carry no qualification of either party to the transaction. There is no certification of the agent making the payment, no certification of the merchant receiving it, and no ruleset governing what happens when something goes wrong.
Visa CLI changes that calculus entirely. By sitting between the agent and the merchant, Visa certifies both the enrolled agent identity (authenticated via GitHub and biometric) and the registered merchant endpoint. More importantly, Visa brings its existing operating ruleset to agentic commerce. For consumer-enabled payments, Visa will likely specify a minimum form of consumer authentication (the Touch ID prompt is the current expression of this) and a minimum form of consumer authorization, including the necessary data elements that must be present for a transaction to be valid. That governance layer is invisible when everything works and it enables SCALE, because you don’t want to try to bring a chain of mandates into small claims court. Stablecoins have no equivalent because there is no commercial agreement governing all parties to the transaction. The card network has been solving this problem for fifty years.
Visa and Stripe Both Bet on x402 — In the Same Week
The timing here is not a coincidence. On April 2nd (the same week Visa CLI launched) the x402 Foundation was announced under the Linux Foundation, with Coinbase contributing the protocol and a founding governing body that includes Cloudflare, Stripe, and Visa.
The full founding member list reads like a who’s who of internet infrastructure: AWS, American Express, Circle, Fiserv, Google, KakaoPay, Mastercard, Microsoft, Polygon Labs, Shopify, Solana Foundation, Adyen, and more. This is not a crypto sideshow. This is the internet’s payment layer being rebuilt in the open, by the people who run the internet.
Stripe’s quote from the announcement: “Stripe is building financial infrastructure for the agentic commerce era, and open protocols are an important part of creating that.”
Cloudflare’s: “By moving the x402 protocol under the stewardship of the Linux Foundation, we are ensuring that the future of agentic commerce remains neutral, interoperable, and accessible to everyone.”
This is convergence. Stripe has MPP (Machine Payments Protocol) on its Tempo blockchain. Visa has CLI. Both are implementing x402 as the merchant-facing standard. The “internet’s original sin” is being fixed in real time, and the card networks are leading the charge.
Why Card Networks Win This Race
In my MPP post I argued that the winner in agentic payments WILL NOT be the most decentralized protocol it will be the one that most effectively manages trust and permissioning. Stripe and Visa, as the incumbent trust layers of the internet, are better positioned to solve the agentic spend problem than a pure-crypto protocol.
Visa CLI makes that case in concrete terms:
- Dispute resolution exists. When an agent makes a bad purchase, a Visa chargeback is a known, trusted mechanism. There’s no equivalent in a pure crypto payment rail.
- Consumer protection travels with the card. Liability protections, fraud monitoring, cardholder agreements — all of it comes with the Visa card. The agent inherits those protections automatically.
- Merchants already accept Visa. A merchant that adds x402 support doesn’t need a new payment rail — Visa CLI charges to a card the merchant’s acquirer already settles.
- Spending controls are first-class. Max per transaction. Daily limits. Biometric approval. Enterprise-grade controls for agent wallets, not afterthoughts.
The crypto-native protocols (Circle’s Nanopayments on x402/USDC, Coinbase’s Base) solve the micropayment problem elegantly for sub-cent transactions where card economics don’t work. But for dollar-denominated services — API calls, expert queries, data feeds, content access — Visa CLI on x402 rails is the path of least resistance for both agents and merchants.
What This Means for Merchants
If you run a service — an API, a data feed, an expert Q&A, a content paywall adding x402 support is now worth doing. The merchant-side integration is three steps:
- Return HTTP 402 with a JSON body containing
amount,currency, andmerchantNamewhen an unauthenticated agent hits your endpoint - Handle the credential the agent presents on retry — verify it with the payment provider’s backend
- Serve the response
No SDK required on the merchant side. No new payment rail. The x402 Foundation’s mission — neutral, interoperable, open — means a merchant who implements x402 today will be compatible with Visa CLI, Stripe’s MPP, Circle’s Nanopayments, and whatever wallets emerge next. One standard, many wallets. That’s how open protocols win.
The Bigger Picture
The question I asked in my MPP post was: who manages trust and permissioning in a world where agents spend money autonomously? The answer emerging this week is: the same entities that manage it today Visa, Stripe, and the open protocols they’re jointly stewarding.
Visa CLI is a beta product. It’s early. But the architecture is right agent wallet, card network rails, x402 standard, spending controls baked in. The infrastructure for agentic commerce is being built in the open, by the incumbents who know how to run it at scale.
Your agent is getting a wallet. And Visa is one of the companies handing it to them.
Related reading: MPP and X402 — Solving the Internet’s Original Sin · UCP Enables a New Economy · Governance in Payments
Agree on the signal. The interesting part is not just that incumbents are taking agentic payments seriously, but that players like Visa and Stripe are trying to move up the stack into agent identity, delegated authority, controls, and trust, which may be the bigger prize.
The real question is where that stack consolidates. In some cases, incumbents may successfully bundle both payment rails and the trust layer above them, especially where merchant acceptance, dispute rights, liability frameworks, and consumer protection matter. In other cases, they may remain the payment layer while identity, policy, delegation, and evidence sit with enterprise-side or middleware players. And in internet-native, high-frequency, low-value environments, they could still lose share to players better suited to micropayments, programmable settlement, and non-card-native economics.