Ovra is EU-native, API-first payment infrastructure for AI agents. We provide virtual Visa cards, programmable spending policies, and tokenized credentials so agents never see raw card data. GDPR-compliant with EU data residency.

How do I integrate Ovra with my AI agent?

The fastest way is to connect to our Model Context Protocol (MCP) server at https://api.getovra.com/api/mcp from Claude, GPT, Cursor, or any MCP-compatible agent. 10 tools are available out of the box. You can also use the REST API: a single call creates an agent with a virtual card and spending policy. No SDK install required.

Do AI agents see real card numbers when they pay?

Never. Ovra uses tokenized card credentials (DPAN, also known as Visa Network Tokens). When an agent needs to pay, we issue a scoped credential bound to the specific intent. Even if the agent's context is compromised, there is nothing useful to steal. Real PAN/CVV is encrypted server-side with AES-256-GCM and never reaches the agent.

Is Ovra GDPR-compliant?

Yes. Ovra is EU-native, built in Berlin, hosted in EU data centers, and engineered GDPR-compliant by design. Enterprise customers receive a Data Processing Agreement (DPA) and audit log access.

Is there a free tier?

Yes. The Free plan includes 1 agent, 1 virtual card, €150/month transaction volume, and full API and MCP access including sandbox mode. Paid plans start at €39/month for teams that need more agents and higher volume.

Which AI frameworks work with Ovra?

Any framework that speaks Model Context Protocol or HTTP. We test against OpenAI Agents SDK, Claude Desktop, Cursor, Vercel AI SDK, LangChain, LlamaIndex, and OpenClaw. The MCP endpoint is one URL: point your model at https://api.getovra.com/api/mcp with a Bearer token and 10 payment tools become available.

Where does Ovra operate and is the company a bank?

Ovra is a German company serving customers across the European Union (EUR-only, fiat). Ovra is not a bank. When our regulated card-issuer partnership ships, the licensed EMI (Electronic Money Institution) is the entity-of-record. Ovra is the developer-facing infrastructure layer.

What is a spending policy for an AI agent?

A spending policy is a declarative set of rules — per-transaction limits, daily/monthly caps, merchant allowlists, MCC restrictions, time windows, approval thresholds — that the payment infrastructure enforces before any card is issued. Unlike traditional expense management which flags unusual transactions after the fact, a true agent spending policy is evaluated synchronously in the critical path: if a rule fails, no credential is created and no money moves.

Why don't traditional expense management tools work for AI agents?

They were built for humans making 5–20 card decisions per day. AI agents make hundreds. Velocity rules tuned to humans either flag everything (false positives crater your workflow) or learn to ignore agent activity (which masks real failures). Traditional tools also enforce policy after the charge clears — for autonomous agents, that's already too late. You need pre-authorization, scoped credentials, and merchant-level enforcement at the network token layer.

What rules can an Ovra spending policy contain?

Per-transaction max, daily/weekly/monthly aggregate limits, per-agent budgets, merchant allowlists and blocklists, MCC (merchant category code) restrictions, country restrictions, time-of-day windows, cooldown intervals between transactions, max usage count, and approval thresholds for human-in-the-loop confirmation. Each rule has an enforcement level: hard block, hold for approval, or warn-and-log.

How are policies enforced — before or after the charge?

Before. Ovra's policy engine sits in the critical path of every payment: agent declares intent → policy evaluates synchronously → if any rule fails, the transaction is denied and no credential is created. There is no async 'check later' fallback. If the policy engine is down, no intents are approved (fail-closed). This is the only design that works for autonomous agents.

Can spending policies be updated programmatically?

Yes. Policies are managed via REST API or MCP — your own systems can dynamically adjust agent budgets based on business rules, seasonal patterns, real-time risk signals, or budget consumption. Policy updates apply immediately to all new transactions. Active grants from before the update remain valid for their TTL but cannot be re-issued under the old policy.

Are Ovra spending policies GDPR compliant for EU companies?

Yes. Ovra is German-incorporated, EU-native, and processes all transaction data within EU jurisdiction. Card data is encrypted with AES-256-GCM. The audit trail is the compliance artifact for GDPR data access logging, AML transaction monitoring, and the upcoming PSD3/PSR consent and authorization framework (provisional agreement Nov 2025; PSR application around Q1 2028).

Spending Policies for Autonomous AI Agents: Control Without Micromanagement

Bottom line: Giving an AI agent a card is easy. Controlling how much, where, and when — that's the real problem. Traditional expense tools flag unusual transactions after the fact; for autonomous agents, by then the money is gone. Ovra enforces declarative spending policies in the critical path of every payment — per-transaction limits, MCC restrictions, time windows, approval workflows — before any credential exists. The agent cannot bypass these controls regardless of what instructions it receives.

Giving an AI agent the ability to spend money is easy. Controlling how much, where, and when — that's the real problem.

Traditional expense management tools were built for human employees. You set a monthly limit, maybe restrict some merchant categories, and review receipts at the end of the month. That works when your team is five people with corporate cards.

It doesn't work when your team includes AI agents that can make hundreds of transactions per day.

Why do AI agents need different controls?

Human spending follows predictable patterns. People buy lunch, book flights, subscribe to software. The amounts are normal. The frequency is low. When something looks off, a human reviewer catches it.

AI agents break every one of these assumptions:

Volume — an agent can make 50 purchases in a minute.
Unpredictability — agents may interpret instructions creatively, buying things outside their intended scope.
No self-regulation — an agent doesn't pause and think "this seems expensive."
Prompt vulnerability — a compromised prompt can redirect spending to unintended merchants.

Per Fenwick's April 2026 analysis, "existing financial and consumer protection laws built around human-decisioned transactions may not appropriately address the challenges raised by agentic payments." Without infrastructure-level controls, the gap between "the agent can buy" and "the agent is buying everything" is one bad prompt away.

What can an Ovra spending policy enforce?

Ovra enforces spending policies at the infrastructure layer — before any card is issued, before any money moves. The agent cannot bypass these controls regardless of what instructions it receives.

Per-transaction limits

Set maximum amounts per individual transaction. An agent trying to charge more than the limit is simply denied.

Max per transaction: €500
Agent requests: €750
Result: Denied

Daily and monthly aggregate limits

Cap total spending across all transactions within a time window.

Daily limit: €2,000
Spent today: €1,800
Agent requests: €400
Result: Denied (would exceed daily limit)

Per-agent budgets

Each AI agent gets its own independent budget. Your travel agent has different limits than your procurement agent.

agent_travel: €5,000/month
agent_procurement: €20,000/month
agent_subscriptions: €1,000/month

Merchant category codes (MCC)

Restrict which types of merchants an agent can pay. A subscription manager should only pay software companies, not restaurants.

Allowed MCCs: [5734, 5817, 7372]  // Software, SaaS, Computer services
Blocked MCCs: [5812, 5813]         // Restaurants, Bars

Time-window restrictions

Limit when agents can transact. No purchases outside business hours, no weekend spending, no transactions during maintenance windows.

Approval workflows

For high-value transactions, require human confirmation before the card is issued. The agent submits the request, the human approves or denies it, and only then does the transaction proceed.

How is policy enforcement architected?

Traditional expense tools apply policies after the fact — flagging unusual transactions for review. By the time you see the flag, the money is already gone.

Ovra's architecture is different:

Agent requests a transaction.
Policy engine evaluates all active rules.
If any rule fails → transaction denied, no card issued.
If all rules pass → scoped virtual card created with exact amount and merchant lock.
Card is used and immediately invalidated or scoped to expiry.
Full audit log captured for the compliance trail.

The key difference: policies are enforced before the money moves, not after. This is the same pre-authorization pattern Google's AP2 protocol standardized via verifiable Cart and Intent Mandates, and the same scope-and-burn approach Stripe's Shared Payment Token uses in ACP — implemented at the application layer in Ovra's private beta, with the same interface ready to flip to real Visa rails on our regulated EMI partnership.

Programmatic policy management

Policies are managed through Ovra's API or MCP server, so they can be updated programmatically:

await ovra.policies.update("agent_travel", {
  maxPerTransaction: 50000,
  dailyLimit: 200000,
  allowedMCCs: [3000, 3001, 3002, 4511, 7011],
  requireApprovalAbove: 100000,
  activeHours: { start: "06:00", end: "22:00", timezone: "Europe/Berlin" }
});

Your own systems can dynamically adjust agent budgets based on business rules, seasonal patterns, or real-time risk signals. Policy updates apply immediately to all new transactions.

Automated expense reporting

Every transaction through Ovra includes full context:

Which agent made the request
What spending policy was applied
Whether approval was required (and who approved)
The purpose/reason for the purchase
Merchant details and category
Timestamp and amount

This creates an automatic expense report — no manual receipt collection, no missing context, no "I don't remember why I bought this." This is also the audit-trail layer that maps directly to the consent and authorization framework codified in PSD3/PSR (provisional political agreement November 27, 2025; application expected around Q1 2028).

EU-native compliance

For EU operators specifically, Ovra provides:

GDPR-compliant data handling — all transaction data processed within EU jurisdiction.
German + English dashboard — bilingual visibility for German operating teams.
Euro-native ledger — no FX overhead on EUR-denominated activity.
PSD3/PSR-aligned audit trail — built for the consent and authorization regime arriving in 2027–2028.
DORA-aligned operational resilience — designed in, not retrofitted.

Getting started

Define your spending policies before your agents start transacting. Ovra's policy engine is configured through the API or dashboard, and applies immediately to all new transactions. The standard policy is workspace-level by default, with per-agent overrides for specialized workflows.

Ovra is in private beta today on a sandbox card issuer; the same interface ships to real Visa rails when our regulated EMI partnership lands. Join the waitlist.

Frequently asked questions

What is a spending policy for an AI agent?: A spending policy is a declarative set of rules — per-transaction limits, daily/monthly caps, merchant allowlists, MCC restrictions, time windows, approval thresholds — that the payment infrastructure enforces before any card is issued. Unlike traditional expense management which flags unusual transactions after the fact, a true agent spending policy is evaluated synchronously in the critical path: if a rule fails, no credential is created and no money moves.
Why don't traditional expense management tools work for AI agents?: They were built for humans making 5–20 card decisions per day. AI agents make hundreds. Velocity rules tuned to humans either flag everything (false positives crater your workflow) or learn to ignore agent activity (which masks real failures). Traditional tools also enforce policy after the charge clears — for autonomous agents, that's already too late. You need pre-authorization, scoped credentials, and merchant-level enforcement at the network token layer.
What rules can an Ovra spending policy contain?: Per-transaction max, daily/weekly/monthly aggregate limits, per-agent budgets, merchant allowlists and blocklists, MCC (merchant category code) restrictions, country restrictions, time-of-day windows, cooldown intervals between transactions, max usage count, and approval thresholds for human-in-the-loop confirmation. Each rule has an enforcement level: hard block, hold for approval, or warn-and-log.
How are policies enforced — before or after the charge?: Before. Ovra's policy engine sits in the critical path of every payment: agent declares intent → policy evaluates synchronously → if any rule fails, the transaction is denied and no credential is created. There is no async 'check later' fallback. If the policy engine is down, no intents are approved (fail-closed). This is the only design that works for autonomous agents.
Can spending policies be updated programmatically?: Yes. Policies are managed via REST API or MCP — your own systems can dynamically adjust agent budgets based on business rules, seasonal patterns, real-time risk signals, or budget consumption. Policy updates apply immediately to all new transactions. Active grants from before the update remain valid for their TTL but cannot be re-issued under the old policy.
Are Ovra spending policies GDPR compliant for EU companies?: Yes. Ovra is German-incorporated, EU-native, and processes all transaction data within EU jurisdiction. Card data is encrypted with AES-256-GCM. The audit trail is the compliance artifact for GDPR data access logging, AML transaction monitoring, and the upcoming PSD3/PSR consent and authorization framework (provisional agreement Nov 2025; PSR application around Q1 2028).