Can You Take Card Payments on a Retell AI Voice Agent?
Short answer: yes, but not by capturing the card inside the Retell call. The card has to be taken in a secure, PCI-compliant payment layer that sits alongside Retell, so the card number never reaches your AI agent. Retell runs the conversation, a payment layer like Shuttle runs the secure payment.
If you are building on Retell and your flow ends in a payment, this is the question that decides whether you ship. Here is the honest version.
Why you cannot just capture the card in the call
It is tempting to let the customer read or key in their card while they are talking to your agent. Do not. Two reasons:
Retell is not a PCI DSS Level 1 certified payment processor. It is not designed to be one. It runs the voice and the language model.
Its PII redaction runs after the language model has already processed the input. So by the time anything is redacted, the card data has already passed through the AI pipeline.
If card digits enter the Retell call, your application, your call recordings, your logs, and Retell's infrastructure all fall into PCI scope. That is a compliance and cost problem you do not want. Building your own PCI DSS Level 1 capture is not realistic either: certification runs to hundreds of thousands of dollars upfront and again every year.
The secure pattern, which Retell itself recommends, is to take the card off-platform, before any card details are entered.
How it actually works
When it is time to pay, the card is captured in a secure, PCI DSS Level 1 call at the point of capture. The customer enters their card on their keypad inside that secure environment, so the digits never touch Retell or the language model. The payment is routed to your gateway, and the result comes back to your application.
With Shuttle, today this runs over Twilio Pay, with Shuttle as the certified capture and gateway connector. A few specifics founders ask about:
Any gateway, including Stripe. Shuttle connects to 30+ gateways. You configure yours; it handles the routing. Multi-tenant products can run a different gateway per customer.
Pricing is $0.20 per successful transaction. No setup fees, no monthly minimums.
Your PCI scope drops to SAQ-A, the simplest tier, because you are never storing, processing, or transmitting card data.
What is possible today, and what is coming
This is where most write-ups overpromise, so here is the straight version.
Available now: the secure capture at the point of payment. The customer pays, your application gets the result, and the card never passes through Retell.
Not yet turnkey: cleanly returning the caller to the same Retell agent and call after payment. Retell's own call transfer is largely one-way today, and the payment layer is not yet riding the full call to hand control back. If your flow depends on the agent picking the conversation straight back up after payment, ask about the current state rather than assuming it is seamless.
On the roadmap: the payment layer being present for the entire call, or being dialed in at exactly the right moment. That is where the carrier-agnostic version is headed, landing later in 2026.
What this means for your build
If you are a founder or PM scoping this, the takeaway is simple. You can add real card payments to your Retell agent now, without taking on PCI certification and without putting your stack in scope, by handing the card to a secure payment layer at the point of payment. The capture is production-ready today. The fuller in-call experience, where the agent seamlessly resumes after payment, is in progress.
For the technical walkthrough, the integration architecture, and the step-by-step flow, see the full guide: How to take PCI-compliant payments on Retell AI voice agents.
Want to talk through your specific flow? Book a call and we will give you the honest current state, not a roadmap pitch.