Why the next frontier of AI-driven payments will need a secure voice-native authentication layer
A live customer conversation is not the same as an e-commerce checkout.
When a customer is already speaking with a human agent — or, increasingly, with an AI-powered conversational assistant — forcing that customer to abandon the call and complete the payment through a separate web flow can create friction, confusion and abandonment.
That challenge becomes even more relevant as the payments industry moves into a new phase: Agentic Commerce.
Visa, Mastercard and other major players are already building the infrastructure for a future where AI agents can help consumers and businesses search, compare, decide and eventually execute transactions within trusted payment environments.
Visa has introduced Visa Intelligent Commerce Connect, designed to help businesses, agents and payment enablers participate in secure, transparent and authenticated AI-powered commerce journeys. Mastercard is also moving in the same direction with Mastercard Agent Pay, its infrastructure for secure, scalable and trusted payments in agentic commerce.
And the first real tests are already happening.
Santander and Mastercard announced Europe’s first live end-to-end payment executed by an AI agent in a regulated banking framework. Santander and Visa also announced controlled AI-agent-powered payment pilots across Latin America, powered by Visa Intelligent Commerce.
These initiatives confirm a major trend:
AI agents will not only recommend products or services. They will increasingly participate in the transaction itself.
But there is still one important channel that deserves specific attention.
The voice channel
Most discussions about agentic commerce today are still focused on digital environments:
websites, apps, merchant platforms, online checkout flows, tokenized credentials, issuer approval flows, agent identity and delegated consumer intent.
All of this is essential.
But millions of high-value transactions still begin in a phone conversation.
Travel bookings.
Hotel reservations.
Insurance payments.
Public administration payments.
Utilities.
Healthcare.
Debt collection.
Customer support renewals.
Call center assisted sales.
In these environments, the conversation itself is often the moment of highest purchase intent.
The customer is already engaged.
The agent — human or AI-assisted — is already guiding the process.
The decision has often already been made.
The only remaining step is payment.
And that is precisely where many current payment flows still break the experience.
Why Pay by Link is not always enough
Pay by Link is a valuable tool.
It works well in many remote payment scenarios.
But in a live voice interaction, it often introduces a channel switch:
the agent sends a link,
the customer waits for the SMS or email,
the customer opens a web page,
the customer completes authentication,
and the customer may need to return to the conversation.
This creates multiple points of friction.
The link may not arrive.
The customer may not trust it.
The authentication flow may interrupt the conversation.
The transaction may be abandoned.
In traditional customer service, this is already a problem.
In Agentic Voice Commerce, it could become a structural limitation.
Because if an AI-powered conversational assistant is guiding the customer inside a voice interaction, the payment layer must be able to operate inside that same secure conversational context.
The missing category: Secure Agentic Voice Commerce
Visa Intelligent Commerce and Mastercard Agent Pay are building the foundations of agentic payments.
But if agentic commerce also moves into the voice channel, a new category becomes necessary:
Secure Agentic Voice Commerce.
Secure Agentic Voice Commerce is the ability to allow human-assisted or AI-assisted voice interactions to become secure, compliant and authenticated payment journeys.
This is not just about allowing an AI agent to recommend a purchase.
It is about enabling a transaction to be completed securely inside a voice-based interaction, without exposing card data, without expanding PCI-DSS scope unnecessarily and without forcing the customer into a fragmented browser-based checkout.
And this is where a critical issue appears.
Secure Agentic Voice Commerce will need native SCA / 3D Secure in the voice channel
For Agentic Voice Commerce to become a serious category, it cannot rely only on simple MOTO exemptions or fragmented payment links.
It will need a way to authenticate transactions securely.
In Europe, this means Strong Customer Authentication — SCA.
In practical payment terms, this means 3D Secure.
And if the transaction is happening inside a voice journey, then the authentication layer should also be able to operate without forcing the customer to abandon the call.
This is why we believe Secure Agentic Voice Commerce will not be possible — at least not in a regulated, scalable and enterprise-grade way — without a native SCA / 3D Secure authentication solution for the voice channel.
Without this layer, the industry may have AI agents capable of guiding the conversation, PSPs capable of processing the payment and card networks capable of supporting agentic commerce.
But the voice transaction itself would still be missing the most important element:
secure, voice-native authentication.
That is the challenge Pay by Call is addressing with PBC 3DS.
PBC 3DS: native 3D Secure authentication inside the call
At Pay by Call, we have developed PBC 3DS, our patent-pending method to enable 3D Secure authentication natively within the voice channel.
The objective is simple:
make voice payments as secure as e-commerce, without converting the voice journey into a web journey.
PBC 3DS is designed to allow SCA / PSD2 authentication without forcing the customer to abandon the call, open a payment link or move into a separate browser-based checkout.
This is especially important for the future of AI-assisted and agentic voice interactions.
Because the moment an AI agent participates in a commercial conversation, the security model changes.
The AI agent should not freely handle cardholder data.
It should not become the uncontrolled point where sensitive payment information enters the enterprise environment.
It should not expand PCI-DSS scope across contact center systems, CRM platforms, call recordings or conversational AI layers.
The conversational layer should guide the interaction.
The secure PCIaaS layer should execute the payment.
The authentication layer should validate the transaction.
And the existing PSP, acquirer and card network infrastructure should continue processing the payment through the established financial rails.
Human agents today. AI agents tomorrow.
The immediate use case is already clear:
human-assisted contact center payments.
But the strategic use case is much larger:
AI-assisted and agentic voice payments.
Today, a human agent may guide the customer through a secure IVR payment.
Tomorrow, a conversational AI agent may help the customer complete a booking, renewal, reservation, public service payment or assisted sale inside a secure voice journey.
In both cases, the same principle applies:
The conversation should remain natural. The payment should remain secure. The authentication should remain compliant.
This is the foundation of Secure Agentic Voice Commerce.
Where Pay by Call fits
Pay by Call SL is a Spanish technology company specialized in Secure IVR Payments.
We are not a PSP.
We are not trying to replace acquirers, issuers, card schemes or existing payment processors.
We are a technology and compliance layer designed to help PSPs, BPOs, contact centers and enterprises process secure telephone payments without exposing agents, recordings or internal systems to cardholder data.
Our platform, PaybyCall, combines:
Secure IVR Payments
PCIaaS — Compliance-as-a-Service
PCI DSS Level 1 compliance
ENS High certification
cloud-native scalability on Google Cloud Platform
integration with existing PSPs and contact center platforms
optional native voice-channel 3D Secure through PBC 3DS
The objective is not to compete with the existing payment ecosystem.
The objective is to make the voice channel ready for the next phase of commerce.
Why this matters now
Visa Intelligent Commerce and Mastercard Agent Pay show that the industry is already preparing for a world where AI agents participate in commerce.
But agentic commerce will not only happen on websites.
It will not only happen inside apps.
It will also happen inside conversations.
And some of the most valuable conversations still happen by voice.
That is why the payment industry will need to answer a new question:
How do we make AI-assisted voice transactions secure, compliant and frictionless?
At Pay by Call, our answer is clear:
Secure Agentic Voice Commerce will require a specialized PCIaaS execution layer for the voice channel.
And it will require native SCA / 3D Secure authentication inside the call.
That is exactly the role we are building with PaybyCall and PBC 3DS.
Final thought
The next checkout may not be a page.
It may be a conversation.
And if that conversation becomes commercial, it must also become secure.
That is why Secure Agentic Voice Commerce will not be possible without a secure payment layer, PCI-DSS isolation and native voice-channel authentication.
Because AI may guide the journey.
But trust will decide whether the transaction can happen.