As of June 2026
Stripe Shared Payment Tokens are the agentic-commerce headline. Anyone who designed a card tokenization rollout in 2014 saw the pattern in five seconds. It is a broker sitting between a fragile credential and a stable interface, and payments has been building it for twelve years.
A Shared Payment Token is a scoped surrogate credential. The buyer authorizes once, the agent receives a token, and Stripe brokers fraud, authorization, and spend caps down to the real rails. New label, old shape.
Shared Payment Tokens
Scoped token
authorize once, the agent gets a token, and Stripe brokers fraud, auth, and spend caps to the real rails.
Visa Token Service
2014
the same shape twelve years earlier - tokenized PAN out front, real account number locked behind the network.
Tokens issued
10 billion+
Visa alone has issued more than 10 billion network tokens since 2014 (Visa, 2024).
The pattern, stated plainly
Visa Token Service launched this exact mechanic in 2014: a tokenized PAN at the front, the real account number locked behind the network, and scoped tokens the consumer can revoke. Visa alone has issued more than ten billion of those tokens since. The shape is a thin stable interface at the front, brokered complexity behind it, and credentials the user can scope and kill. That is what an SPT is, one layer up.
Same shape, different layer
I recently open-sourced mcp-broker, which is the same pattern applied to AI tooling rather than payments. Four tool names sit at the front, every upstream MCP server is brokered behind them, and the agent never sees a raw schema until it asks for one. The credential being protected is different. The architecture is identical.

Every new primitive in AI agent commerce is going to look like a payments primitive. Payments has been brokering credentials longer than any other domain has had to.




