Subscribe to the Non-Human & AI Identity Journal

How should merchants handle fraud risk when shoppers use AI to assist purchases?

Merchants should treat AI-assisted shopping as a trust classification problem, not a binary fraud flag. The right approach is to combine behavioural, account, device, and payment signals so fast, AI-shaped journeys do not automatically inherit full trust. Step-up verification should focus on high-risk moments such as account recovery, shipping changes, and disputed claims.

Why This Matters for Security Teams

AI-assisted shopping changes the shape of customer risk. A shopper may browse, compare, and place orders with unusual speed, reuse content generated by an assistant, or follow recommendations that compress the normal decision path. That does not automatically indicate fraud, but it does weaken the reliability of simple velocity checks and static trust rules. Merchants need to understand that the risk is not the use of AI itself, but the way AI can amplify account takeover, social engineering, coupon abuse, refund abuse, and synthetic identity signals.

Security teams that rely on a single indicator, such as device reputation or checkout speed, will miss the difference between legitimate automation and malicious automation. A better approach is to treat the journey as layered evidence, with trust adjusted at each stage. The control logic should also be consistent with baseline security governance such as NIST Cybersecurity Framework 2.0, especially where risk decisions must be defensible, repeatable, and tied to business impact.

In practice, many security teams encounter AI-shaped fraud only after chargebacks, account disputes, or failed deliveries have already created losses, rather than through intentional trust design.

How It Works in Practice

Merchants should build fraud controls around transaction context, not assumptions about whether a human or AI was involved. AI-assisted journeys often look efficient, so the core question becomes whether the surrounding signals are consistent with the claimed customer identity, payment method, and shipping pattern. This is where behavioural analytics, account history, device intelligence, and payment risk scoring work together.

A practical workflow usually includes:

  • Flagging abnormal account recovery, password reset, or email change activity before checkout trust is increased.
  • Comparing purchase intent signals, such as basket composition and item rarity, with prior account behaviour.
  • Checking shipping changes, gift-card usage, and address mismatch as higher-risk moments that deserve step-up verification.
  • Correlating device fingerprint, IP reputation, and session continuity rather than relying on one signal alone.
  • Recording why a transaction was allowed, challenged, or declined so fraud operations can tune thresholds later.

This is also where governance matters. Security and fraud teams should define which journeys are eligible for friction reduction and which require stronger verification. The control mindset from NIST SP 800-53 Rev 5 Security and Privacy Controls is useful here because it encourages consistent access, monitoring, and response controls across sensitive workflows.

Merchants also need to distinguish fraud from customer convenience. A shopper using an assistant to compare products is not the same as an attacker using automation to test stolen cards or drain loyalty balances. Best practice is evolving, but the most resilient programs validate the account state before they trust the speed of the session. These controls tend to break down in high-volume flash-sale environments because legitimate bursts and fraud bursts can look nearly identical to the same detection model.

Common Variations and Edge Cases

Tighter verification often increases checkout friction, requiring merchants to balance fraud prevention against conversion, customer support cost, and abandonment risk. That tradeoff is especially sharp when AI agents or browser assistants act on behalf of repeat customers, because overly aggressive challenges can block valid purchases while still failing to stop organised fraud rings.

There is no universal standard for this yet, but current guidance suggests separating “AI-assisted” from “high-risk” in the decision logic. A trusted customer using an assistant for product selection may only need normal monitoring, while a new account placing a high-value order with a changed address and expedited shipping may justify step-up verification. The important point is that the control decision should follow the risk profile, not the novelty of the shopping method.

Edge cases include family-shared devices, loyalty-program abuse, marketplace resellers, and automated replenishment flows where buyer intent is legitimate but behaviour is atypical. Merchants should also be cautious with disputed claims, because AI can make refund narratives more polished without making them more truthful. Where AI agents can complete purchases autonomously, merchants should treat delegated authority as a separate trust question and require stronger proof at sensitive steps. Fraud teams that do not recalibrate for these cases usually discover the problem after chargebacks, not during the transaction.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

NIST CSF 2.0 provides the primary governance reference for this topic.

Framework Control / Reference Relevance
NIST CSF 2.0 GV.RM-01 AI-assisted shopping needs explicit fraud risk governance and repeatable decisioning.

Define fraud risk owners, thresholds, and review triggers for AI-shaped checkout journeys.