CAPTCHA Everything: From Optimism to Pessimism and Back Again
There are two futures for agent-to-API transactions. In the optimistic one, agents identify themselves honestly and pay for what they use. In the pessimistic one, agents pretend to be humans to dodge per-usage pricing. Both futures end in the same place: you either build a billing layer, or you CAPTCHA everything.
Per-seat pricing is already broken
Consider a design team at a startup. Two designers, each managing a hundred AI agents that interact with the Figma API. Under the per-seat model, Figma charges for two users. But those two users are generating the API load of two hundred. The pricing doesn't reflect the reality of consumption.
This isn't hypothetical. Every SaaS company with an API is about to face this. The number of human users is becoming irrelevant — what matters is API calls, and agents make orders of magnitude more calls than humans ever did.
So the industry needs to move to per-usage pricing for agents. That much is obvious. The question is: what happens next?
The optimistic path: agents pay honestly
In the optimistic vision, agents announce themselves. They show up at an API, present credentials, and are billed per call. Organizations prepay for credits, agents consume them, and providers earn revenue proportional to actual usage. Everyone's incentives are aligned.
This is the world AgentTab is designed for. Organizations fund an account, issue virtual credit cards to their agents, set spend limits, and get full audit trails. Like a corporate expense card program — but for AI agents. Agents pay for what they use. No proxy, no middleman in the data path.
1. Org → AgentTab: "Fund our account with $10,000"
2. Org → AgentTab: "Issue a card for our research agent, $500/day limit"
3. Agent → Any API: pays with virtual card
4. AgentTab → Org: real-time transaction audit trail
AgentTab controls the spend, not the data path.
This is clean. It works. But it depends on agents wanting to identify themselves honestly. What if they don't?
The pessimistic path: agents pretend to be human
Here's the uncomfortable question: if an API charges $20/month per seat for humans but 2 credits per call for agents — and an agent makes 50,000 calls a month — the agent operator has a strong economic incentive to make the agent look like a human.
This isn't theoretical. It's already happening. Agents use browser automation tools, rotate residential proxies, and mimic human interaction patterns. From the API provider's perspective, the traffic looks like a regular user on a $20/month plan, consuming 100x the resources.
And it will get worse. As agent capabilities improve, the line between human and agent traffic becomes invisible. An agent that operates a browser, maintains session state, and interacts at human-like intervals is indistinguishable from a human user. The API provider has no way to know.
This is the exact same problem the early web had before HTTPS. How does the server know who it's talking to? The answer then was certificate authorities. The answer now is similar — but the twist is economic, not cryptographic.
The inevitable conclusion: CAPTCHA everything
If agents can pretend to be humans to avoid per-usage charges, every API provider is forced into the same response: verify that every user is human. CAPTCHA every session. Challenge every request that looks automated. Make bot detection a core part of the product.
We're already seeing this. Cloudflare's bot detection, reCAPTCHA v3, browser fingerprinting — all deployed to distinguish humans from machines. But this creates a terrible user experience for everyone. Human users get challenged constantly. Legitimate automation breaks. And sophisticated agents bypass the checks anyway.
This is the pessimistic equilibrium: an arms race between bot detection and bot evasion, where the API provider spends engineering resources on detection instead of on their actual product.
The pessimistic equilibrium
- API providers CAPTCHA everything, degrading UX for real users
- Agents evolve to bypass CAPTCHAs (they already can)
- Providers invest in detection, agents invest in evasion
- Nobody wins. Revenue leaks. Products get worse.
The escape hatch: charge for automation
There's a better equilibrium. Instead of trying to block agents, welcome them and charge them.
Think about it from the API provider's perspective. An agent making 50,000 calls a month is valuable. That's real demand. That's usage the provider should be capturing revenue from. The problem isn't that agents exist — it's that there's no billing infrastructure for them.
The choice becomes binary:
Option A: Fight automation
- Deploy bot detection
- CAPTCHA everything
- Degrade UX for everyone
- Lose the arms race anyway
Option B: Charge for automation
- Offer an agent-specific API tier
- Price per usage, not per seat
- Capture revenue from actual demand
- Agents want to use the official path
When the official path is easy and reasonably priced, agents have no incentive to pretend to be human. The economics flip. It's cheaper to pay 2 credits per call than to maintain browser automation, proxy rotation, and CAPTCHA-solving infrastructure. The legitimate path wins on cost, reliability, and latency.
Payment is proof of legitimacy
There's a growing industry around agent trust scores, safety compliance, and behavioral monitoring. The thinking goes: agents must prove they're safe before they get access. But consider the analogy to human users: you can be a malicious actor registering on a website right now. Nothing stops you. What prevents abuse isn't identity verification — it's that you paid with a credit card, and your identity is traceable through existing payment networks.
The same logic applies to agents. If an agent's organization buys credits to register, abuse is less of a concern. Payment creates accountability. The credit card is already an identity verification system. If an agent racks up fraudulent usage, the org that registered it is on the hook — just like a domain owner is on the hook for what's served from their domain.
You can either prove legitimacy through work (behavioral monitoring, trust scores, compliance audits) or prove legitimacy through payment. Payment is faster, simpler, and already understood by the entire financial system.
The HTTPS parallel
Before HTTPS, the web had a trust problem. How does your browser know the server it's talking to is actually your bank? Certificate authorities solved it: a trusted third party vouches for server identity, issues a certificate, and then gets out of the way. The CA doesn't sit between every request. It issues the certificate once, and the browser and server communicate directly.
AgentTab applies the same principle to agent spending. Fund an account once, issue cards, and agents pay directly. AgentTab isn't in the data path. It doesn't proxy requests. It controls the financial layer — spend limits, merchant restrictions, real-time authorization — so organizations stay in control without blocking agent autonomy.
HTTPS works because TLS is a protocol, not a product. Any CA can issue certificates. Any server can present them. Any browser can verify them. AgentTab takes a similar approach: the financial controls are standardized. Virtual cards, spend policies, and authorization rules work the same way regardless of which APIs your agents are calling.
Expense management, not protocol
The insight is simple: agents need to spend money, and organizations need to control that spending. This isn't a protocol problem — it's an expense management problem. The same problem that Brex and Ramp solved for employees, AgentTab solves for AI agents.
Virtual credit cards with per-agent spend limits. Real-time authorization that approves or declines every charge in under 2 seconds. Merchant category restrictions. Full audit trails. These are the primitives that let organizations deploy agents with confidence.
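A minimal model of the primitives listed above (per-agent spend limit, merchant category restriction, approve-or-decline on every charge, audit trail), added here as an illustration; it is not AgentTab's code or API. The class names, category labels, merchants and decline reasons are hypothetical; the $10,000 funding and $500/day limit come from the flow earlier on the page.

```python
from dataclasses import dataclass, field
from datetime import date
from decimal import Decimal

@dataclass
class CardPolicy:                      # hypothetical per-agent card policy
    agent: str
    daily_limit: Decimal
    allowed_categories: frozenset

@dataclass
class Ledger:                          # hypothetical prepaid org account
    balance: Decimal
    spent: dict = field(default_factory=dict)   # (agent, day) -> total approved
    audit: list = field(default_factory=list)   # one record per decision

def authorize(ledger, policy, merchant, category, amount, day):
    """Approve or decline one charge. Declines change no state; all are logged."""
    amount = Decimal(amount)
    used = ledger.spent.get((policy.agent, day), Decimal(0))
    if amount <= 0:
        reason = "invalid_amount"
    elif category not in policy.allowed_categories:
        reason = "category_blocked"
    elif used + amount > policy.daily_limit:
        reason = "daily_limit_exceeded"
    elif amount > ledger.balance:
        reason = "insufficient_funds"
    else:
        reason = "ok"
        ledger.balance -= amount
        ledger.spent[(policy.agent, day)] = used + amount
    ledger.audit.append({"day": day.isoformat(), "agent": policy.agent,
                         "merchant": merchant, "category": category,
                         "amount": str(amount), "reason": reason})
    return reason == "ok"

def demo():
    """Constructed sample charges for one agent over two days."""
    ledger = Ledger(balance=Decimal("10000"))
    policy = CardPolicy("research-agent", Decimal("500"), frozenset({"api", "cloud"}))
    d1, d2 = date(2025, 1, 1), date(2025, 1, 2)
    charges = [("search-api.example", "api", "300", d1),
               ("search-api.example", "api", "250", d1),   # would exceed $500/day
               ("casino.example", "gambling", "10", d1),   # category not allowed
               ("search-api.example", "api", "250", d2)]   # new day, limit resets
    results = [authorize(ledger, policy, m, c, a, d) for m, c, a, d in charges]
    return results, ledger

if __name__ == "__main__":
    print(demo()[0])
```

Declined charges still produce an audit record, so the trail shows what an agent attempted as well as what it spent.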
Blockchain is just a rail
In every conversation about the agent economy, someone asks: "So is this a crypto thing?" The answer determines which half of the room keeps listening. The crypto crowd wants on-chain settlement. The enterprise crowd wants Stripe invoices. Both assume you have to pick one.
AgentTab picks neither. For agent-to-agent transactions, blockchain has properties that are genuinely useful — programmatic settlement, no bank hours, micro-transaction economics, cryptographic proof. Agents are software. They can hold wallets, sign transactions, and settle autonomously.
But most organizations already have Stripe. Their finance team understands credit card statements. Telling them they need to buy ETH to let their agents call an API is a non-starter. Forcing crypto adoption would kill adoption of the protocol.
So the protocol operates in credits — an internal unit of account. Credits are the abstraction layer between how money comes in and how value is consumed. An org that paid with ETH and an org that paid with Visa both hold credits. Those credits are fungible within the system.
Org A → 50,000 credits via Stripe → credit card
Org B → 50,000 credits via USDC → Base L2
Org C → 50,000 credits via bank wire → ACH
Same credits. Same APIs. Same protocol. Different rails.
The thesis
Every API provider is about to face a choice. Agent traffic is coming — either honestly labeled or disguised as human. You can either:
1. CAPTCHA everything — fight automation, degrade your product, and lose the arms race.
2. Charge for automation — offer a per-usage API tier for agents, capture the revenue, and make the honest path easier than the dishonest one.
Option 2 needs infrastructure. It needs a protocol for registration, key vending, usage reporting, and settlement. It needs to be payment-provider agnostic — Stripe, crypto, bank wires — so it can become a standard. It needs to be a protocol, not a platform.
That's AgentTab.
The auth story will be solved eventually. Trust scores, agent certificates, behavioral monitoring — these will mature over years. But billing needs to work now. Every API provider is about to see their usage spike from agents, and they have two choices: block those agents, or bill them.
We're building the infrastructure for the second option.