Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

2025 fraud trends: what the benchmark data means for risk teams


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 10965
Topic starter  

TL;DR: A 3.15% average payment fraud attack rate, 0.99% account takeover rate, and only 2.7% average manual review in Q4 highlight how precision controls are replacing broad rejection strategies, according to Sift’s 2025 Fraud Industry Benchmarking Resource. The data suggests fraud teams now win by tuning governance, not by widening the net.

NHIMG editorial — based on content published by Sift: Looking Back on 2025 Fraud Trends with Sift’s Fraud Industry Benchmarking Resource

By the numbers:

Questions worth separating out

Q: How should fraud and IAM teams handle account takeover risk together?

A: They should treat account takeover as an identity control problem that becomes a fraud problem downstream.

Q: Why do leaked credentials often drive account takeover spikes?

A: Leaked credentials matter because they let attackers present valid authentication data without proving legitimate user intent.

Q: What do security teams get wrong about manual review in fraud programmes?

A: Teams often assume more manual review means better fraud control.

Practitioner guidance

  • Separate fraud detection from rejection metrics Track false positives, fraud capture, and customer rejection as distinct controls so policy changes do not hide deteriorating detection quality.
  • Tie login telemetry to account recovery workflows Alert on leaked-credential patterns, anomalous device changes, and rapid recovery attempts so takeover can be interrupted before stored value is accessed.
  • Tune manual review to high-signal exceptions Use risk tiers, payment method context, and historical dispute patterns to keep the review queue focused on cases that actually need analyst judgment.

What's in the full report

Sift's full report covers the operational detail this post intentionally leaves for the source:

  • Industry-by-industry benchmark breakdowns that show where fraud pressure diverged across verticals.
  • Order-value, payment-method, and chargeback-reason analysis for teams tuning detection rules.
  • Deeper console-level context on how Sift customers adjusted review and authentication controls.
  • Seasonal trend detail that helps fraud and identity teams compare peak-period behaviour against baseline risk.

👉 Read Sift's 2025 fraud trends and benchmarking analysis →

2025 fraud trends: what the benchmark data means for risk teams?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 10520
 

Fraud benchmarking is becoming an identity governance signal, not just a merchant KPI. The article shows that payment fraud and account takeover are shaped by authentication quality, review discipline, and operational context. That means fraud programmes increasingly overlap with IAM, verification, and access governance. Teams that treat fraud data as separate from identity telemetry will miss the control connections that actually reduce loss.

A question worth separating out:

Q: Who is accountable when fraud and account takeover controls fail?

A: Accountability usually sits across fraud, IAM, and customer operations, because the failure is lifecycle wide. Fraud teams own detection and dispute handling, IAM teams own authentication and recovery, and product or operations teams often own the user experience that shapes false positives. The control question is whether those functions share the same risk signals and escalation rules.

👉 Read our full editorial: Fraud benchmarking in 2025 shows precision beats blanket rejection



   
ReplyQuote
Share: