- The merchant accepts cards but not stablecoin
- You need chargeback rights (disputes protected by network rules, not just platform policy)
- Settlement in the merchant’s local currency without FX round-trip
- Card-issuer rewards / rebates matter for your agent’s economics
How it fits
/v1/cards— network configuration + Web Bot Auth verification/v1/cards/vault— tokenized card storage per agent
Supported networks
| Network | Program | Status |
|---|---|---|
| Visa | Intelligent Commerce (VIC) | GA |
| Mastercard | Agent Pay | GA |
| Amex | — | Not yet |
| Discover | — | Not yet |
Web Bot Auth verification
Both VIC and Agent Pay require agents to authenticate with a signed bot-identity token on each transaction. Sly verifies these on your behalf:{ verified: true, network_ref: "visa_vic_abc..." } or a specific rejection reason.
On success, the network_ref can be used as an authorization token for the card transaction.
Vault a card
Agents can’t carry raw PAN. Instead, a card is vaulted (tokenized) through your connected payment processor (Stripe / Adyen / etc.), and the agent references the vault entry:card_vault_id. Cards are stored tokenized at your processor — Sly never sees PAN or CVV.
Set spending limits per card
Separate from agent-level wallet policies, you can cap usage on a specific vaulted card:List vaulted cards
last_four, brand, expiry, label, and current spend counters against limits.
Per-card transaction history
paymentMethodId, type, status, amount, merchantName, cardLastFour, isDisputed.
Remove a card
Endpoints
| Endpoint | Purpose |
|---|---|
GET /v1/cards/networks | List configured networks + status |
POST /v1/cards/verify | Verify Web Bot Auth signature (VIC / Mastercard Agent Pay) |
POST /v1/cards/vault | Tokenize + store a card |
GET /v1/cards/vault | List vaulted cards |
POST /v1/cards/vault/:id/limits | Set per-card spending limits |
GET /v1/cards/vault/:id/transactions | Per-card history |
DELETE /v1/cards/vault/:id | Remove vault entry |
GET /v1/card-transactions | Aggregate card transactions |
Disputes on card rails
Card transactions dispute through the card network, not Sly’s own dispute flow. Partners get a window (typically 120 days from the transaction) to respond with evidence. See handle disputes for the Sly-side workflow. Sly surfaces network-originated disputes ascard.dispute.opened events on your webhooks.
When not to use card rails
- Micropayments under ~$1 — card interchange makes them uneconomic; use x402 or MPP stablecoin instead
- Cross-border payouts — card networks charge FX margins; UCP with stablecoin settlement is cheaper
- Agent-to-agent — no card-network support; use A2A with stablecoin
Prerequisites
- Active merchant account with either Stripe or Adyen (connected via OAuth — see e-commerce onboarding)
- Agent at KYA Tier 1 or higher (card networks reject Tier 0 for identity reasons)
- Enrolled in VIC and/or Agent Pay programs (check
/v1/cards/networksstatus)
