Unlocking Agentic Payments on Kite: Native Identity, Trust, and Payments for AI Agents

At ETH Denver 2026, Vikas Pandey from Kite AI kept coming back to one practical question: what happens when an agent finds the right API, has the right permissions, and still gets stuck because a human has to click “approve” on the payment? That is the point where a lot of “agentic” products quietly turn back into workflows with a person in the middle.

That’s why Kite’s argument matters. The agentic web does not become real because we made prompts better. It becomes real when an agent can prove who it is, get trusted by a service, and complete a payment end to end without a human babysitting every step. We have all seen the demo that works once and the production flow that falls apart on retries, rate limits, fraud checks, or a failed receipt callback. That gap is the actual product problem.

Kite’s core argument: identity comes before commerce, not after it

Pandey’s framing works because it treats identity as infrastructure, not as a nice-to-have label. A human can get by with a browser session and a saved card. An agent cannot. If an API, merchant, or protocol cannot tell whether the caller is a legitimate agent, we end up with brittle allowlists, manual review queues, and a lot of “please log in as a human” dead ends.

We already know what good developer plumbing looks like. Stripe made payments usable for builders by making the API predictable. Anthropic’s tool use works because the model emits structured calls that systems can validate. Kite is pushing that same idea one layer down: if an agent is going to spend money, its identity and permissions need to be machine-readable too. Otherwise, nobody knows whether the caller is authorized, whether the transaction is safe, or whether the payment should be honored.

The real bottleneck is not intelligence; it is settlement

The agentic web is still mostly plumbing, and payments are the part we keep underestimating. We talk about agents discovering services and taking actions, but the moment money changes hands, the hard questions show up fast: who approved this, what is the spend limit, what happens on a retry, how do refunds work, and where is the audit trail? I do not think we have solved this well yet for autonomous agents.

A concrete example: say an agent is booking a last-minute designer for a landing page refresh, or buying burst compute from an API marketplace because traffic spiked. If it cannot prove its identity, stay inside a preset budget, and reconcile the payment after the fact, the workflow breaks. That is not a prompt problem. It is a trust and settlement problem.

The other piece that matters is discovery. If an agent cannot find a service in a machine-readable way, it cannot buy it. If it can find the service but cannot pay safely, it still cannot use it. That is why the boring stack matters so much: authentication, authorization, payment rails, fulfillment, and receipts. The teams that make those pieces reliable will probably matter more than the teams with the flashiest agent demo.

The Bottom Line

Kite’s ETH Denver talk points to the real frontier of the agentic web: not smarter agents, but agents that can prove who they are and pay for what they use. Until identity and settlement are boring, reliable, and machine-readable, agent commerce will stay stuck in prototype land.