TL;DR: AI referrals to merchants rose 1,247% year over year in October 2025, while account takeover grew 45% in apparel and 29% of online grocery accounts sat untouched for more than a year, according to Signifyd’s 2026 commerce analysis. The practical shift is clear: merchants now need trust decisions that work for both human shoppers and AI agents acting on their behalf.
NHIMG editorial — based on content published by Signifyd: Top 5 Ecommerce Trends that are Reshaping Retail in 2026
By the numbers:
- ATO fraud grew 45% year over year in apparel, 31% in grocery and 31% in electronics in 2025.
- 29% of online grocery accounts haven’t been touched in over a year.
- Half of all Cyber Week orders in 2025 arrived with a discount code.
Questions worth separating out
Q: How should ecommerce teams handle AI agents shopping on behalf of customers?
A: Treat AI-assisted shopping as a trust and identity problem, not just a traffic source.
Q: Why does account takeover risk increase when customer accounts sit unused for long periods?
A: Dormant accounts often retain payment methods, loyalty points, gift cards, and saved addresses, which makes them attractive targets.
Q: What do merchants get wrong about fraud detection in agentic commerce?
A: They often over-rely on human behaviour cues such as click paths, page dwell, and browsing depth.
Practitioner guidance
- Expand account monitoring beyond checkout Track new-device logins, repeated failed attempts, shipping or email changes, payment additions, and loyalty balance checks so compromised accounts are detected before value is extracted.
- Segment trust decisions for agent-led traffic Use separate scoring for human shoppers, known automation, and ambiguous agentic sessions so clean machine-driven demand is not treated as abuse.
- Treat dormant accounts as high-risk assets Review inactive accounts with stored payment methods, gift cards, or loyalty balances and apply step-up verification before high-value actions are allowed.
What's in the full report
Signifyd’s full report covers the operational detail this post intentionally leaves for the source:
- Vertical-by-vertical breakdowns of ecommerce trend impact across retail categories
- Transaction-level evidence behind AI referral growth and agentic shopping patterns
- Detailed returns and refund handling examples for risk-based decisioning
- Account integrity indicators merchants can use to tune upstream fraud controls
👉 Read Signifyd’s report on the ecommerce trends reshaping retail in 2026 →
AI agents in ecommerce: what it means for fraud and trust?
Explore further
Identity in ecommerce is shifting from authentication to behavioural trust. Merchants can no longer assume that a verified login means a human is acting end to end, because AI-mediated shopping breaks the old link between account access and user intent. That weakens the value of session-centric fraud controls and pushes programmes toward lifecycle visibility, delegated authorisation logic, and bot-aware assurance. The practitioners who adapt fastest will treat identity as a decision context, not a one-time gate.
A question worth separating out:
Q: Who is accountable when an AI agent or compromised account drives fraudulent purchases?
A: Accountability sits with the merchant programme that owns identity, fraud, and returns governance, because those controls determine whether the account was protected before the loss occurred. For regulated or high-risk sectors, the practical obligation is to prove that access, authentication, and exception handling were monitored across the full customer lifecycle, not only at payment.
👉 Read our full editorial: Ecommerce is splitting into human and AI agent buyers in 2026