| Control layerBank-linked virtual cardsPrivacy.com | Full KYC, US bank account, issuing-bank records | High: merchant locks, spend limits, pause/close, API and webhooks | Checking account or card rails | Strong for capped SaaS tasks, weak for identity privacy | Mainstream subscriptions, API credits, short-lived research tools | Anonymous spend, sanctioned geography, or separating from bank identity |
|---|
| Prepaid merchant creditCrypto gift-card bridgesBitrefillCoinCardsCryptoRefills | Email, order, coin, merchant and region dependent | Medium: fixed value, no open card reuse, limited reversibility | BTC, Lightning, XMR, stablecoins or other crypto by provider | Good when the agent only needs one merchant balance | Retail credits, eSIMs, vouchers, account top-ups, small recurring needs | Merchants that later demand card verification or durable billing |
|---|
| Low metadata spendMonero-first merchant creditXMR CardsAnon Shop | Low if OPSEC, delivery and merchant redemption are clean | Medium: balance or order constrained, weak post-issuance recovery | Monero | Good for low-balance workflows with human receipt review | Private low-value online purchases and merchant-specific credit | High-value orders, fragile delivery, or refund-sensitive purchases |
|---|
| Card network bridgeCrypto or stablecoin virtual cardsSolvoCardTrocador Prepaid CardsCake Pay | Issuer, program, country and activation dependent | Medium: card balance and issuer controls, weaker than true policy APIs | Crypto, stablecoins or prepaid card programs | Useful test rail, but issuer and chargeback risk stays unresolved | Disposable card-style spend where merchant only accepts Visa/Mastercard | Critical accounts, large balances, unclear issuer terms or blocked regions |
|---|
| Native settlementDirect crypto merchantDirectory search | Depends on coin, wallet hygiene, account identity and network layer | Low by default: build policy, approvals and wallet separation yourself | Self-custodied crypto | Safe only when the agent proposes and a wallet/human signs | Crypto-native services, hosting, VPNs, wallets, private AI credits | Giving the agent wallet keys or exchange sessions |
|---|
| Human-in-loopSelf-hosted approval walletThreat model | Depends on funding source, wallet, logs, network and merchant account | High if policy engine approves, wallet signs, and balances stay tiny | Self-custodied crypto, internal credits, or scoped hot wallets | Best pattern for high-value or repeatable agent workflows | Agent drafts payment, human or policy service signs after checks | Untrusted browsing in the same runtime as keys or seed material |
|---|
| Do not defaultRaw bank card in agent runtime | Maximum: cardholder, bank, merchant, device and agent logs | Low unless wrapped by an external policy and issuer controls | Personal or business bank/card account | Poor default because compromise becomes direct money movement | Avoid except throwaway, low-risk personal automation | Anything sensitive, recurring, high-limit or hard to dispute |
|---|