TL;DR: Merchants are increasingly using agentic AI for chargeback documentation and refund review, while passkeys are moving from pilot to practice as credential stuffing and phishing continue to drive account takeover, according to Sift and cited FIDO Alliance and NIST guidance. The governance challenge is no longer authentication alone, but trust, measurement and identity resolution across the customer journey.
At a glance
What this is: This merchant meet-up summary argues that agentic AI, passkeys and account takeover are now tightly linked to digital commerce trust and revenue outcomes.
Why it matters: It matters to identity, fraud and security teams because customer trust is being enforced through authentication choices, risk scoring and lifecycle controls that increasingly resemble broader IAM governance.
By the numbers:
- According to the FIDO Alliance, 87% of companies in the U.S. and U.K. are piloting or deploying passkeys.
- The FTC reported $12.5 billion in consumer fraud losses in 2024, with account takeover a major driver.
- Gartner projects that more than 40% of agentic AI initiatives will be abandoned by 2027 for failing to deliver results.
👉 Read Sift's analysis of agents, passkeys and identity trust in merchant operations
Context
Digital commerce now depends on more than preventing fraud at login. Merchants are trying to balance customer experience, approval rates and loss prevention while account takeover, credential stuffing and automated decisioning reshape how trust is established across the customer journey.
That creates a genuine identity governance problem. Passkeys address phishing-resistant authentication for customers, while agentic AI adds a new layer of operational decision-making that still needs human oversight, auditability and clear boundaries. For teams that manage IAM, fraud or customer identity, the question is no longer whether to automate, but how to keep trust measurable and accountable.
Key questions
Q: How should security teams use passkeys without assuming account takeover is solved?
A: Use passkeys as a phishing-resistant layer, but keep recovery, device trust and step-up verification under strict control. Attackers often move from password theft to recovery abuse, session hijack or device compromise, so the surrounding lifecycle matters as much as the authenticator itself.
Q: Why do account takeover controls need to involve both fraud and IAM teams?
A: Because takeover is rarely limited to authentication. Fraud teams see transaction abuse, while IAM teams see login, recovery and session anomalies. When those signals are separated, organisations miss the full attack chain and end up with inconsistent decisions across sign-up, access and payment activity.
Q: What breaks when customer identity signals are fragmented across tools?
A: Detection becomes partial, false declines rise and legitimate users are harder to distinguish from attackers. A fragmented view also weakens remediation because the organisation cannot connect onboarding, authentication and downstream transactions into one identity state.
Q: Who is accountable when agentic AI makes a fraud decision that affects customers?
A: The business owner remains accountable, even if the agent executes the workflow. Teams need clear approval thresholds, audit trails and escalation rules so automated decisions can be explained, reviewed and reversed when the outcome is wrong.
Technical breakdown
Agentic AI in merchant operations depends on bounded decision loops
In this context, agentic AI means systems that plan and act toward a goal, such as triaging refunds or assembling chargeback evidence. The operational risk is not the model itself, but the delegation boundary. If the workflow lacks explicit approval thresholds, audit trails and rollback points, the system can optimise for speed while degrading trust quality. The merchant use case is strongest where the agent performs narrow, repeatable work and humans retain final accountability for exceptions and high-value actions.
Practical implication: define decision boundaries, logging and human override points before allowing agents into revenue-sensitive workflows.
Passkeys shift the fraud problem from secret theft to device and session trust
Passkeys reduce exposure to phishing and credential stuffing because they replace reusable passwords with phishing-resistant authentication tied to a device or authenticator. That changes the attacker path from secret capture to account recovery abuse, session hijack or device compromise. In practice, this means passkeys improve the front door but do not eliminate the need for step-up risk checks, trusted-device rules and recovery governance. The stronger the authenticator, the more important the surrounding identity controls become.
Practical implication: treat passkeys as one layer in a broader customer identity control stack, not as a standalone fraud control.
Account takeover is an identity resolution problem as much as a fraud problem
Account takeover becomes harder to contain when organisations cannot reliably connect sign-up, login, payment and loyalty activity back to the same customer identity. That is why fraud, payments and loyalty teams increasingly share signals. Identity resolution here is the ability to recognise legitimate continuity across sessions and channels while spotting takeover patterns, synthetic accounts and anomalous device behaviour. Without that linkage, detection is fragmented and false declines rise alongside fraud loss.
Practical implication: align identity signals across onboarding, authentication and transaction monitoring so takeover detection works across the full lifecycle.
Threat narrative
Attacker objective: The attacker seeks monetisable access to customer accounts, payment flows or loyalty balances while remaining indistinguishable from legitimate activity.
- Entry often begins with credential stuffing, phishing or automated recovery abuse against customer login flows.
- Escalation follows when the attacker gains a valid session or resets credentials through weak recovery paths, then uses trusted access to change account details or initiate fraudulent actions.
- Impact occurs when the compromised account is used for chargeback abuse, refund fraud, loyalty theft or model contamination that distorts risk decisions.
NHI Mgmt Group analysis
Identity trust is becoming a commercial control, not just a security control. The article shows merchants linking authentication decisions to approval rates, headcount hours and retention, which means identity is now part of revenue governance. That is a useful shift, but it also raises the bar for assurance because a fast decision is not the same as a trustworthy decision. Practitioners should treat identity signals as commercial risk inputs, not just login telemetry.
Agentic AI in fraud operations creates governance debt when outcome metrics are the only success measure. If a system only needs to reduce review time or improve chargeback throughput, teams can miss drift in auditability, exception handling and control ownership. The named concept here is trust-performance gap: a state where automation improves efficiency faster than governance catches up. Practitioners should require controls that track both business lift and decision integrity.
Passkeys reduce password compromise, but they do not close the identity lifecycle gap. The article is right to frame passkeys as a move toward phishing-resistant authentication, yet account recovery, device binding and trusted-session handling remain attack surfaces. This is where identity verification and IAM meet. Teams should view passkeys as a control that shifts risk, not one that removes the need for lifecycle governance.
Account takeover is increasingly a shared failure across fraud and IAM teams. The discussion of identity resolution across sign-up, transaction and rewards shows that siloed ownership no longer fits the threat. Customer identity now spans onboarding, access, transaction monitoring and loyalty, so governance has to follow the full journey. Practitioners should build a single view of identity state across those touchpoints.
The merchant model is moving toward measurable trust operations. The most mature organisations in this article are not treating fraud controls as isolated safeguards. They are instrumenting trust, connecting it to KPIs and using it to guide where automation is allowed. That approach is likely to spread, and it will expose teams that cannot explain how a control affects both security and customer experience.
What this signals
The practical signal for merchants is that identity controls are moving closer to fraud operations, not further away from them. As passkeys reduce password dependency, the real differentiator becomes whether organisations can govern recovery, device trust and session continuity across the full lifecycle.
Trust-performance gap: the next governance challenge is keeping automation measurable after it starts improving business metrics. Teams that adopt agentic AI in customer operations need controls that measure not only speed and cost, but also reversibility, auditability and exception drift.
For identity and fraud leaders, this pushes programme design toward shared telemetry and shared accountability. If your authentication stack cannot explain how a trusted session becomes a fraudulent one, your control model is still too fragmented for modern digital commerce.
For practitioners
- Define agent boundaries for fraud automation Restrict agentic AI to narrow tasks such as chargeback document assembly or refund triage, and require human approval for exception handling, payout changes and customer-impacting reversals.
- Harden passkey recovery paths Review account recovery, trusted-device binding and step-up verification so a phishing-resistant authenticator does not become a weakly governed back door to the account.
- Correlate identity signals across the customer journey Link onboarding, login, payment and loyalty telemetry so takeover patterns can be seen as one identity narrative rather than isolated events in separate tools.
- Measure trust quality alongside efficiency Track fraud loss, false declines, review time and override rates together so automation gains do not conceal control drift or growing exception risk.
- Align fraud and IAM ownership Create shared operating metrics and escalation paths between fraud, payments and identity teams to close the gap between authentication controls and downstream loss prevention.
Key takeaways
- Merchants are treating identity trust as a revenue control, which changes how passkeys, fraud rules and customer authentication should be governed.
- Agentic AI can improve operational throughput, but without human oversight and audit trails it creates governance debt that business metrics alone will not reveal.
- Account takeover now spans onboarding, login, payment and loyalty, so the control model has to follow the customer identity lifecycle end to end.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
NIST SP 800-63, NIST CSF 2.0 and NIST AI RMF set the technical controls, while GDPR define the regulatory obligations.
| Framework | Control / Reference | Relevance |
|---|---|---|
| NIST SP 800-63 | SP 800-63B | Passkeys and phishing-resistant authentication map directly to digital identity assurance. |
| NIST CSF 2.0 | PR.AC-1 | The article is about access decisions, identity trust and fraud-relevant authentication controls. |
| GDPR | Art.32 | Customer identity and authentication controls process personal data and require security safeguards. |
| NIST AI RMF | GOVERN | Agentic AI in fraud workflows needs accountability, oversight and clear decision ownership. |
Use SP 800-63B to shape authenticator choices, recovery rules and session protections for customer identity flows.
Key terms
- Agentic AI: Software that can plan and carry out tasks toward a goal with some degree of independent decision-making. In merchant operations, it may assemble evidence, route work or trigger next steps, but it still needs bounded authority, monitoring and human accountability.
- Passkey: A phishing-resistant authentication method that replaces reusable passwords with cryptographic credentials tied to a device or authenticator. It reduces secret theft and credential stuffing risk, but recovery, device binding and session handling still require governance.
- Account Takeover: A fraud pattern where an attacker gains control of a legitimate customer account and uses that trust to commit abuse. It often begins with credential theft or recovery abuse and then spreads into payment fraud, loyalty theft or data misuse.
- Identity Resolution: The process of linking events, sessions and transactions to the same customer so organisations can recognise continuity and anomalies. Strong identity resolution helps distinguish legitimate behaviour from takeover patterns across onboarding, login and downstream activity.
What's in the full article
Sift's full blog post covers the operational detail this post intentionally leaves for the source:
- How merchants are using agentic AI for chargeback documentation, refund review and transaction routing in live operations
- The specific passkey adoption patterns discussed for returning customers, trusted devices and mobile login flows
- How teams are tying ATO metrics to approval rates, false declines and customer retention outcomes
- The practical ways merchants are combining device fingerprinting with identity resolution across the customer journey
Deepen your knowledge
The NHI Foundation Level course, the industry's only accredited NHI security programme, covers NHI governance, identity lifecycle and secrets management. It is useful for practitioners who need to connect access control, lifecycle oversight and operational accountability across modern identity programmes.
Published by the NHIMG editorial team on July 11, 2026.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org