TL;DR: Agentic commerce can let shoppers buy through chat interfaces while merchants receive only basic transaction data, reducing fraud visibility and shifting liability to the merchant even when the customer never visits the store, according to Riskified. The control problem is not just fraud detection but preserving enough identity and device context to make defensible approvals in an agent-mediated checkout flow.
NHIMG editorial — based on content published by Riskified: agentic commerce, fraud liability, and policy abuse
By the numbers:
- According to a recent Riskified survey, shoppers are embracing AI assistants like ChatGPT for product ideas (45%), to summarize reviews (37%), and to compare prices (32%).
- This photo showing a wall of 1,250 smartphones running scams at one facility in Cambodia illustrates how organized fraud can be operationalized at scale.
- 80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems, inappropriately sharing sensitive data, and revealing access credentials.
Questions worth separating out
Q: What breaks when agentic commerce does not provide enough identity context?
A: The merchant loses the evidence needed to distinguish legitimate shoppers from compromised accounts, stolen payment credentials, and coordinated abuse.
Q: Why do AI-mediated checkout flows increase fraud and policy abuse risk?
A: Because they reduce the merchant’s visibility into the buyer while preserving enough payment validity to pass authorization.
Q: What do security and fraud teams get wrong about valid payment tokens?
A: They often treat a valid token or approved wallet transaction as proof of trustworthy intent.
Practitioner guidance
- Define a separate risk model for agentic checkout Classify AI-mediated purchases separately from standard web and app orders, then weight device, velocity, account age, and shipping consistency more heavily because conversational flows provide less behavioural context.
- Require upstream identity evidence for dispute defence Preserve the session, account, device, and payment evidence needed to distinguish legitimate shoppers from compromised or fraudulent actors after chargeback claims arrive.
- Add policy abuse checks to commerce workflows Monitor for reseller-style behaviour, repeated low-value basket creation, unusual quantities, and clustered shipping patterns that indicate automated policy circumvention rather than classic payment fraud.
What's in the full article
Riskified's full article covers the operational detail this post intentionally leaves for the source:
- Merchant-side fraud response considerations for agentic commerce and chargeback exposure.
- How data-sharing gaps affect order review, dispute handling, and abuse prevention.
- The practical implications of policy abuse, reseller behaviour, and refund exploitation in AI-assisted checkout.
- Why fraud teams may need to change escalation and review workflows as agent-mediated commerce expands.
👉 Read Riskified’s analysis of fraud and policy abuse in agentic commerce →
Agentic commerce fraud and liability: what merchants must prepare for?
Explore further
Agentic commerce creates an identity deficit at the point of payment: the merchant can receive a valid transaction while losing the behavioural and device context needed to judge who is actually buying. That breaks a long-standing fraud assumption that authorization context and purchaser context can be correlated. For IAM and fraud programmes, the consequence is that identity confidence must extend across delegated shopping flows, not stop at account login. Practitioners should treat the checkout channel as part of identity governance.
A question worth separating out:
Q: Who is accountable when AI-assisted purchases lead to chargebacks or abuse?
A: The merchant remains accountable for most downstream business impact, including chargebacks, refunds, support costs, and inventory loss, unless the payment rail or wallet contract explicitly shifts liability. That means merchants, fraud leaders, and platform owners need governance controls before enabling agentic commerce at scale.
👉 Read our full editorial: Agentic commerce shifts fraud liability to merchants and strips context