This article answers some of the most frequently asked questions (FAQ) about Payhawk’s security strategy for its AI agents.
How secure is the Payhawk platform when using AI agents?
Payhawk’s AI Agents are operated under the same security framework and controls as the rest of the Payhawk platform. This includes segregated environments to limit potential impact and role-based access controls (RBAC) to ensure AI agents’ permissions are restricted to their intended function.
How are confidential team communications and sensitive data safeguarded?
The communication is transmitted over TLS-encrypted channels.
Sensitive request data is logically segregated per customer account and user, preventing cross-tenant data access.
Access to the service is authenticated using existing identity and access management controls.
What level of security is implemented for the Travel AI Agent?
The Travel AI agent is implemented using a defense-in-depth approach. It operates as a standalone service that is logically and technically segmented from the cardholder data environment (CDE). The AI Agent does not process, store, or transmit payment card data.
All payments are securely handled by a trusted PCI DSS-compliant third-party payment provider, ensuring alignment with industry standards. Access controls, authentication, and data segmentation are applied to ensure that requests remain isolated per customer account and per user.
Is there any risk of data leakage when using the Travel AI Agent?
As with any system that processes user-submitted text, there is a residual risk if controls are misused or if users intentionally or unintentionally provide information beyond what is required.
That said, multiple safeguards are in place to minimize this risk:
Purpose-limited access - The AI Agent operates strictly within a defined and restricted scope, limited to handling travel-related requests only.
No access to sensitive financial data - The AI Agent has no access to cardholder data, payment credentials, or internal financial systems.
Data minimization - Only the minimum information necessary to fulfil a travel booking request is processed.
Isolated payment processing - All payments are handled by a PCI-DSS-compliant third-party payment provider, ensuring that payment data is never exposed to or processed by the AI Agent.
These controls are designed to reduce the likelihood and impact of data leakage while supporting secure and efficient travel order processing.
Does Payhawk store my portal passwords when fetching online receipts and invoices?
No. The Financial Controller AI Agent never sees, stores, or transmits your credentials. You log in directly through a secure browser viewer, and the Agent only retains an encrypted session profile (cookies, local storage) to continue working on your behalf.
How long does an online receipts or invoice fetching session last?
Session duration is determined by the provider portal, not by Payhawk. Most sessions last roughly a month, though regular activity can extend them. When a session expires, you need to log in again.
Can the AI Agent access my account settings or make purchases during online document fetching?
No. The Financial Controller AI Agent's instructions explicitly prohibit interacting with account settings, payment methods, or any functionality beyond document retrieval. While it may navigate past such pages, it is constrained by prompt design not to take actions outside its defined scope.
What happens if the AI Agent encounters a CAPTCHA or two-factor authentication?
The Financial Controller AI Agent pauses and asks you to complete the verification. Once you do, it resumes the retrieval task.
Is my data used to train AI models?
No. Payhawk uses Google Gemini 3.0 Flash via Vertex AI's enterprise API, which does not use customer data for model training.
Can I stop online document fetching for a specific provider?
Yes. You can revoke the Financial Controller AI Agent's access to any provider at any time, which deletes the session profile and stops all future automated retrieval for that provider.
Who can use AI features in Payhawk?
AI features are available to all users based on their role and permissions. Payhawk Administrators can enable or disable features workspace-wide and control who has access.
What is the AI literacy requirement for users?
Payhawk recommends 30–45 minutes of enablement training for Support and Finance Administrators covering AI capabilities, known limitations, failure modes, and when to escalate to human review.