As AI shopping agents remove friction from online commerce, they are also erasing the behavioral signals retailers rely on to detect fraud — creating a visibility gap that could trigger the largest friendly-fraud wave since e-commerce began.
According to Kevin King, VP of credit risk at LexisNexis Risk Solutions, friendly fraud is the fastest-growing threat retailers do not see coming. Agentic shopping is turning that blind spot into a prevention nightmare.
Also known as first-party misuse, friendly fraud has become a global crisis, now accounting for approximately 75% of all chargebacks and costing merchants an estimated $132 billion annually. Agentic shopping is becoming a black box that could push these numbers even higher.
“This moment mirrors the early days of e-commerce when fraud outpaced security,” Conrad Kennington, VP of AI at digital risk management platform firm Accertify, told the E-Commerce Times.
Friendly Fraud Drives a Two-Fold Retail Crisis
Table of Contents
Some commerce experts claim that customer fraud, in which customers dispute legitimate transactions, is now the top global fraud category. Others urge digital security teams to reassess what prevention actually looks like, leveraging identity insights, behavioral analytics, stronger dispute evidence, and smarter issuer–merchant collaboration.
E-commerce experts suggest that the liability chain for those disputes is entirely unclear. The bigger issue is data loss. Each stage of digital commerce has stripped away fraud signals. Agentic transactions reduce that visibility to near zero.
However, Kennington noted that if purchases are made using one-time tokens with no behavioral context, fraud teams could be left to assess risk based on a single data point: the shipping address.
He explained that for friendly fraud, historical context is critical. A customer with years of clean behavior then disputes a single purchase and subsequently returns to normal behavior, likely made an accidental agent- or child-triggered purchase.
“A customer whose behavior turns bad and stays bad is more indicative of intentional first-party abuse. First-time offenders remain the hardest to detect because there is no behavioral baseline yet,” he said.
Why Agentic Shopping Leaves No Fraud Trail
Unlike human shoppers or fraudsters, AI agents will make purchases with almost no footprint. AI shopping assistants need no browser data, no device signals, no form fields, and often no memory from the consumer who delegated the task.
Security experts warn that this autonomous freedom opens the door for both large-scale abuse by fraudsters and a wave of friendly fraud when people dispute charges made by agents they forgot about or that a child accidentally activated.
Kennington reasoned that retailers need a world in which autonomous agents must authenticate themselves before transacting. He countered that this problem is largely solved for humans.
“We now authenticate ourselves via multifactor authentication and passkeys, as an example. The agent ecosystem needs to catch up to that same standard,” he urged.
How Identity Data Replaces Lost Fraud Signals
According to Andy Mortland, VP of product and development at Accertify, autonomous agents reduce traditional telemetry. Still, merchants can gain meaningful, actionable identity insights.
“The order form itself continues to carry valuable data: payer name, email, payment method, SKU patterns, and any information tied to delivery or fulfillment. Those data points help provide context to assess whether a transaction reflects legitimate purchasing behavior or elevated fraud risk,” he told the E-Commerce Times.
In his view, historical context remains one of the strongest indicators of a transaction’s legitimacy. A shopper’s long-term reputation, including purchase history, dispute behavior, fulfillment outcomes, and return or refund patterns, is highly predictive and is unaffected by the disappearance of browser-level signals.
Additionally, Accertify can already distinguish between bots and humans, so that is not the issue, Kennington added. The real question is how to distinguish good bots from bad bots.
“In this context, behavioral analytics is less about page scroll gestures and more about long-term historical transaction patterns such as prior buying patterns, average spend, category consistency, and dispute outcomes rather than session-level behavioral signals,” he said.
For example, if someone who reliably shops low- to mid-priced retail suddenly purchases a luxury watch, that anomaly matters regardless of whether a human or an agent initiated the transaction.
Why Legacy Fraud Tools Miss Friendly Fraud
According to Jeffrey Feinstein, global head of data science at LexisNexis Risk Solutions, fraud focus has historically been on third-party types, which are easier to predict due to identity anomalies. For fraudsters to succeed, they need to control at least one element of an identity — like a phone number, email address, device, or address.
“This creates an identity change signal that is easier for lenders to prevent with notifications and alerts, such as a notice to the consumer of an address change, which is easier for data providers to identify based on a data signal,” he told the E-Commerce Times.
By comparison, first-party fraud comes in at least three varieties, each with its own warning flags. First, consumers are engaging in fraudulent transactions under their own identities. The second type is synthetic identities created by another person to commit first-party fraud in the synthetic identity’s name. Third is a scam or mule behavior, in which a third party convinces consumers to engage in a transaction that is not in their best interest.
Feinstein observed that cybersecurity teams often do not segment fraud so cleanly into categories such as first-, third-, and synthetic fraud. They do not want to create a walled-in set of criteria.
“Fraudsters don’t specialize in specific tactics. They think creatively about how to steal funds from institutions. They use a variety of tools to evade classification,” he offered, adding that focusing on anomalies using broader definitions, in addition to classic definitions, can often classify fraud more completely.
The Fraud Risks No One Will Quantify
Feinstein deflected from discussing how fraudulent disputes contaminate the financial system beyond the merchant. Clearly, the steady rise in consumer fraud impacts credit files, issuer risk models, and lending decisions. This risk is still massively underpriced.
“This is a dangerous question because if I answer it, I’d be informing fraudsters on how to commit fraud,” he replied.
Feinstein added that information gaps ultimately can be empowering to fraudsters. That is why LexisNexis Risk Solutions encourages its customers to provide as much information as possible to corroborate transaction information.
When Shoppers Forget Their AI Bought Something
Retail experts predict a wave of disputes from consumers who forgot they authorized an agent to make a purchase. That will require new forms of compelling evidence to prove a consumer delegated a task to an AI.
Accertify’s Kennington agreed with that viewpoint. Multiple groups are developing protocols to get payment information, he revealed. But most are not yet considering the implications of fraud risk.
He emphasized that payment networks will eventually have to agree on a single protocol to match merchants with buyers. For example, with a single-use token, if there is a dispute, the token can show that the person tasked the agent with making the purchase.
“For Accertify, it is important that we actively engage with industry groups to help shape what these new evidence standards will look like,” he said.
Mark Michelon, Accertify’s president, further confirmed that his company’s technology is helping address fraud issues.
“Accertify’s consortium scale data helps give merchants the ability to detect the truly fraudulent or abusive so they can target interventions precisely and avoid those draconian, trust-damaging rules,” he told the E-Commerce Times.
