By NHI Mgmt Group Editorial TeamPublished 2026-03-03Domain: Identity Beyond IAMSource: Signifyd

TL;DR: AI referrals to merchants rose 1,247% year over year in October 2025, while account takeover grew 45% in apparel and 29% of online grocery accounts sat untouched for more than a year, according to Signifyd’s 2026 commerce analysis. The practical shift is clear: merchants now need trust decisions that work for both human shoppers and AI agents acting on their behalf.


At a glance

What this is: Signifyd’s 2026 ecommerce trends analysis argues that retail is moving toward agentic commerce, risk-based returns, and stronger account integrity as buying behaviour and trust signals fragment.

Why it matters: For IAM, fraud, and digital identity teams, the story matters because customer-facing access signals are now shaped by dormant accounts, delegated shopping, and account takeover pressure that can no longer be handled at checkout alone.

By the numbers:

👉 Read Signifyd’s report on the ecommerce trends reshaping retail in 2026


Context

Ecommerce security is no longer just about stopping fraudulent checkout attempts. The governance gap is moving upstream into account integrity, trust decisions, and whether merchants can distinguish human shoppers from AI agents that research, compare, and increasingly act on a customer’s behalf.

That shift has a direct identity dimension. Customer accounts are becoming higher-value access points, while dormant accounts, delegated sessions, and weaker behavioural signals create more room for abuse. In digital commerce, identity assurance and fraud prevention are now converging, and the starting point is clearly typical rather than niche.

The article’s broader point is that retail competition is moving from pure growth to efficiency and trust. For practitioners, that means account lifecycle controls, risk-based authorisation, and bot-aware decisioning are becoming part of the commerce stack rather than adjacent fraud concerns.


Key questions

Q: How should ecommerce teams handle AI agents shopping on behalf of customers?

A: Treat AI-assisted shopping as a trust and identity problem, not just a traffic source. Merchants should verify intent through product data quality, session risk, and downstream account behaviour rather than assuming all non-human activity is hostile. The goal is to separate legitimate delegated shopping from automated abuse without breaking conversion for valid buyers.

Q: Why does account takeover risk increase when customer accounts sit unused for long periods?

A: Dormant accounts often retain payment methods, loyalty points, gift cards, and saved addresses, which makes them attractive targets. If identity monitoring stops after registration, an attacker can revive an old account with little resistance. Continuous lifecycle controls are needed because the security problem is not creation alone, but whether the account stays trustworthy over time.

Q: What do merchants get wrong about fraud detection in agentic commerce?

A: They often over-rely on human behaviour cues such as click paths, page dwell, and browsing depth. AI agents can produce cleaner, faster, and less obvious journeys that still represent valid demand. Fraud programmes need to distinguish low-context but legitimate automation from abuse, rather than assuming any thin-session order is suspicious.

Q: Who is accountable when an AI agent or compromised account drives fraudulent purchases?

A: Accountability sits with the merchant programme that owns identity, fraud, and returns governance, because those controls determine whether the account was protected before the loss occurred. For regulated or high-risk sectors, the practical obligation is to prove that access, authentication, and exception handling were monitored across the full customer lifecycle, not only at payment.


Technical breakdown

Agentic commerce changes how trust is evaluated

Agentic commerce refers to buying journeys where an AI agent searches, compares, and sometimes initiates or completes purchases on a user’s behalf. That changes the trust model because a merchant may no longer see the same sequence of clicks, dwell time, and device continuity that traditionally helped separate legitimate buyers from fraud. The decision signal shifts from session familiarity to intent quality, catalog clarity, and whether the merchant can reliably interpret machine-originated demand. That is an identity problem as much as a commerce problem, because the actor behind the transaction is mediated by software rather than a direct human login.

Practical implication: merchants need decisioning that can score delegated shopping intent without relying only on human-session heuristics.

Account takeover risk starts before checkout

Account takeover happens when an attacker compromises a legitimate customer account and then uses that access to redeem stored value, payment methods, loyalty balances, or personal data. In ecommerce, the attack surface is the full account lifecycle, not the checkout page. Dormant accounts, reused credentials, sudden device changes, and profile edits create weak points that can be exploited long before a purchase is made. Once access is established, the fraud often looks like ordinary customer activity unless the programme monitors identity drift and account behaviour continuously. That makes account integrity a governance control, not just a detection task.

Practical implication: security teams should monitor login, profile, and payment changes as account compromise signals, not only transaction outcomes.

Risk-based returns reduce abuse without blocking every refund

Returns fraud grows when every request is treated the same, because legitimate buyers and abusers receive identical friction. A risk-based returns model assigns different outcomes based on customer history, claim quality, and behavioural signals so trusted requests can move quickly while suspicious ones are reviewed. This is increasingly necessary because generative AI can make fake receipts, photos, and explanations harder to distinguish from genuine complaints. The technical issue is not just fraud classification. It is whether the returns workflow can handle variable trust levels at scale without creating unnecessary customer friction or a broad abuse window.

Practical implication: build segmented returns workflows that apply friction only where the risk profile justifies it.


NHI Mgmt Group analysis

Identity in ecommerce is shifting from authentication to behavioural trust. Merchants can no longer assume that a verified login means a human is acting end to end, because AI-mediated shopping breaks the old link between account access and user intent. That weakens the value of session-centric fraud controls and pushes programmes toward lifecycle visibility, delegated authorisation logic, and bot-aware assurance. The practitioners who adapt fastest will treat identity as a decision context, not a one-time gate.

Account takeover is now a commerce infrastructure problem, not just a fraud problem. When dormant accounts hold stored value and loyalty balances, they become access reservoirs rather than inactive records. That changes the governance question from how to block bad checkouts to how to prevent legitimate accounts from becoming reusable attack assets. In practice, this means customer identity controls and fraud controls need shared visibility, shared risk scoring, and shared response thresholds.

Agentic commerce introduces a new trust boundary between discovery and execution. Search, comparison, and purchase may now be split across different actors, different systems, and different evidence trails. That creates a verification trust gap: the merchant may know what was ordered but not have the same confidence in who, or what, initiated it. Programmes that keep evaluating only the final transaction will miss the point where machine-driven intent first enters the workflow.

Returns governance is becoming an identity signal problem. A refund request is increasingly a claim about relationship, history, and credibility, not just logistics. The more generative AI improves the realism of fabricated evidence, the more merchants must use customer identity history, account behaviour, and claims consistency as part of the control set. The field should expect returns fraud to look more like identity abuse over time.

What this signals

The operational signal for merchants is that commerce programmes now need a shared view of identity, fraud, and customer lifecycle risk. A checkout-only model will miss dormant account abuse, delegated shopping, and the trust gaps created when AI agents influence purchase paths before a shopper reaches the site.

Verification trust gap: identity proof at signup does not guarantee trustworthy behaviour at purchase time. That gap becomes wider when automation can mimic legitimate buying patterns, so teams should align fraud controls with continuous account monitoring and policy decisions rather than one-off authentication events.

Practitioners should expect the governance conversation to shift toward evidence quality, account age, and behavioural drift. The relevant benchmark is no longer whether the account exists, but whether it can still be trusted to spend, return, or redeem without human intervention or abuse.


For practitioners

  • Expand account monitoring beyond checkout Track new-device logins, repeated failed attempts, shipping or email changes, payment additions, and loyalty balance checks so compromised accounts are detected before value is extracted.
  • Segment trust decisions for agent-led traffic Use separate scoring for human shoppers, known automation, and ambiguous agentic sessions so clean machine-driven demand is not treated as abuse.
  • Treat dormant accounts as high-risk assets Review inactive accounts with stored payment methods, gift cards, or loyalty balances and apply step-up verification before high-value actions are allowed.
  • Calibrate returns by risk tier Route loyal low-risk customers to fast resolution, moderate-risk claims to review, and clearly abusive claims to denial using evidence quality and account history.

Key takeaways

  • Ecommerce risk in 2026 is moving upstream, where identity, intent, and account integrity shape outcomes before checkout happens.
  • Signifyd’s data shows the scale of the shift, with AI referrals up 1,247% year over year and account takeover rising sharply in multiple verticals.
  • Merchants need lifecycle monitoring and risk-based decisioning because human-session signals alone will not reliably distinguish legitimate automation from abuse.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

OWASP Agentic AI Top 10 address the attack surface, NIST SP 800-63, NIST CSF 2.0 and NIST AI RMF set the technical controls, and GDPR define the regulatory obligations.

FrameworkControl / ReferenceRelevance
NIST SP 800-63SP 800-63BCustomer authentication and session assurance matter when AI agents and dormant accounts shape commerce risk.
NIST CSF 2.0PR.AC-1Access control and identity proofing are central to stopping account takeover and delegated abuse.
GDPRArt.32Commerce accounts often process personal data, making security of access and misuse prevention relevant.
NIST AI RMFMANAGEAgentic commerce introduces AI-mediated trust decisions that need governance and risk treatment.
OWASP Agentic AI Top 10NHI-04Agentic shopping depends on delegated actions and tool use, which maps to agentic abuse and privilege risk.

Apply Art.32 by protecting personal-data-bearing accounts with proportionate access and monitoring controls.


Key terms

  • Agentic Commerce: A buying model where an AI system can research, compare, and sometimes execute purchases on behalf of a person. The security challenge is that the merchant may see machine-mediated intent rather than a traditional human browsing session, which changes how trust and abuse are assessed.
  • Account Takeover: The compromise of a legitimate customer account so it can be used to spend stored value, access personal data, or make fraudulent changes. In ecommerce, the risk extends beyond login because attackers often act after the account has been dormant and appears normal at first glance.
  • Verification Trust Gap: The difference between proving a user was legitimate at one point in time and proving their subsequent actions are still trustworthy. This gap becomes wider when AI agents, delegated workflows, or stale accounts are involved, because initial authentication no longer guarantees safe downstream behaviour.
  • Risk-Based Returns: A returns model that applies different review and refund outcomes based on customer history, request quality, and fraud indicators. It reduces abuse by avoiding one-size-fits-all processing, while preserving speed for low-risk customers whose behaviour fits expected patterns.

What's in the full report

Signifyd’s full report covers the operational detail this post intentionally leaves for the source:

  • Vertical-by-vertical breakdowns of ecommerce trend impact across retail categories
  • Transaction-level evidence behind AI referral growth and agentic shopping patterns
  • Detailed returns and refund handling examples for risk-based decisioning
  • Account integrity indicators merchants can use to tune upstream fraud controls

👉 Signifyd’s full report adds the transaction evidence and category-level detail behind these 2026 retail shifts.

Deepen your knowledge

NHI Foundation Level course, the industry's only accredited NHI security programme, covers NHI governance, machine identity security, and secrets management. It helps security and identity practitioners align lifecycle controls with the broader trust decisions their programmes need to make.
NHIMG Editorial Note
Published by the NHIMG editorial team on 2026-03-03.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org