We Wrote About AI Making Payments Smarter. Here's the Other Side.
Earlier this year we covered Visa's Agentic Ready program and what it means for merchants when AI starts shopping autonomously on behalf of consumers. The technology driving that shift — large language models, generative AI, deepfakes, automation at scale — is the same technology now being deployed on the other side of every transaction. Fraudsters have the same tools. And they've been using them longer than most merchants realize.
The Numbers First
The scale of what's happening is not abstract. Global ecommerce fraud losses reached $48 billion in 2025 — a 16% increase from the year before — and Juniper Research projects that figure will rise to $107 billion by 2029. That's a 141% increase in five years, driven primarily by AI-powered attacks and the structural shift toward online and card-not-present transactions.
For US merchants specifically, LexisNexis Risk Solutions' 2025 True Cost of Fraud study puts the real cost at $4.61 for every dollar of fraud lost — up from $3.00 in the prior year. That multiplier captures fees, lost product, shipping, and the operational overhead of fighting disputes. Chargeback volume is projected to hit 337 million transactions globally in 2026, up 42% from 2023 levels. Card-not-present fraud alone is forecast to reach $28.1 billion this year.
Generative AI-enabled fraud — the category that includes deepfakes, synthetic identities, AI-written chargeback claims, and automated attack tooling — surged 1,210% in 2025 according to Vectra AI's March 2026 analysis. Traditional fraud, by comparison, rose 195% over the same period. The gap between AI-assisted and traditional fraud isn't narrowing. It's widening.
What AI Has Actually Changed
Fraud has always existed. What AI has changed is the economics of running it, and the difficulty of detecting it. Three developments in particular are reshaping the threat landscape for merchants.
Synthetic identity fraud at industrial scale. Synthetic identity fraud — where criminals build entirely fictitious identities by blending real and fabricated personal data — is now the fastest-growing financial crime globally. Synthetic identity document fraud surged 311% between Q1 2024 and Q1 2025 according to Sumsub's Identity Fraud Report. Businesses lose an estimated $20 billion to $40 billion annually to synthetic identity fraud, with detection significantly delayed because no real victim exists to report it. Gartner predicts that by 2026, 30% of enterprises will no longer consider standalone identity verification solutions reliable — because AI-generated synthetic identities can now defeat the majority of single-layer verification systems.
Deepfakes moving from novelty to operational tool. Deepfake usage in biometric fraud attempts surged 58% year-on-year according to AiPrise, while injection attacks — where fraudsters inject pre-recorded deepfake footage into identity verification flows — rose 40%. Gartner's 2026 CISO survey found that 62% of organizations experienced a deepfake attack in the prior 12 months. The average per-incident loss from deepfake fraud hit $450,000 according to a 2024 survey cited by BNY. The most widely documented single incident — Arup's Hong Kong office losing $25 million after a fraudster used deepfake video to impersonate a CFO on a multi-person video call — was not an outlier. It was a preview.
AI-generated chargeback claims. This is the development most directly relevant to merchants, and the least discussed. Fraudsters are now using large language models to generate convincing, grammatically perfect, emotionally calibrated chargeback dispute claims at scale — claims that bypass bank filters precisely because they read nothing like the amateurish fraud attempts that fraud systems were trained to catch. In March 2026, multiple merchants reported waves of 20 or more consecutive disputes that appeared to come from different customers with different order values and different reason codes, but were written in identical patterns — a signature of LLM-generated batch fraud. Friendly fraud already accounts for approximately 75% of all chargebacks and costs merchants an estimated $132 billion annually according to LexisNexis. AI is making it faster, cheaper, and harder to fight.
The High-Risk Merchant Problem
Every merchant with an online presence is exposed to AI-enabled fraud. But high-risk merchants face a specific compounding problem: the fraud trends described above feed directly into VAMP ratios at a moment when the thresholds have never been tighter.
The 2026 VAMP Excessive merchant threshold is 1.5%. Chargeback volume is rising 42% globally. Friendly fraud — now easily scaled with AI tools — already accounts for the majority of disputes most online merchants receive. AI-powered friendly fraud is pushing merchants toward VAMP thresholds faster than traditional fraud ever did, because it generates higher volumes of more convincing disputes with less friction for the fraudster.
For merchants in High Brand Risk MCC categories — iGaming, adult content, nutraceuticals, travel, online lending — the situation is more acute. These merchants operate with no grace period under VAMP. A fraud-driven chargeback spike that would give a standard merchant 90 days to respond can begin generating fines in month one for a high-risk merchant. The fraud risk and the compliance risk are not separate problems. They are the same problem.
> First-party fraud jumped from 7.6% of all fraud cases in 2023 to 30.4% in 2024 according to LexisNexis Risk Solutions — effectively matching third-party fraud in prevalence in a single year. The MRC's 2026 report names refund and policy abuse the number one merchant threat for the first time, displacing payment fraud. Legacy fraud controls designed for third-party attacks are not calibrated for this shift.
5 Things Merchants Can Do Right Now
The good news is that AI is also improving fraud defense — and the most effective tools available to merchants right now are specifically designed for the AI-enabled fraud environment.
1. Move from static to dynamic identity signals. Static verification — checking a document once at onboarding — is no longer sufficient when AI can generate convincing synthetic documents in seconds. The 2026 Identity and Payments Summit consensus was clear: real-time, layered risk signals that include behavioral data, device fingerprinting, and transaction history are now the baseline for effective verification. If your fraud stack hasn't been updated since 2022, it was designed for a different threat environment.
2. Build your Compelling Evidence 3.0 infrastructure now. CE 3.0 is the most effective tool available for fighting AI-generated friendly fraud claims, because it requires fraudsters to defeat not just a single dispute but a pattern of prior transaction evidence. Merchants who retain IP addresses, device fingerprints, and historical transaction records — and who can produce them quickly when a dispute arrives — win significantly more representments. CE 3.0 also excludes successful cases from VAMP calculations, which makes it a direct ratio management tool, not just a revenue recovery one.
3. Watch for LLM-generated dispute clustering. AI-generated chargeback claims have a signature: they arrive in batches, they're grammatically uniform, and they use slightly different phrasing across claims that are structurally identical. Train your dispute review team to flag these patterns. A sudden spike in well-written, emotionally appropriate dispute claims across unrelated customers in a short window is a signal, not a coincidence.
4. Layer pre-dispute tools into your stack. RDR and CDRN resolve disputes before they become formal chargebacks — and critically, disputes resolved through these tools are excluded from VAMP ratio calculations. For high-risk merchants operating close to thresholds, this exclusion is worth more than the dispute value alone. If you're not using pre-dispute tools, you're absorbing ratio exposure that you could be avoiding.
5. Treat fraud prevention and compliance as one function. The separation between "fraud team" and "compliance team" is increasingly a liability. AI-powered fraud affects VAMP ratios, which are a compliance problem. CE 3.0 representments improve ratios, which benefits compliance. Pre-dispute tools reduce ratio exposure, which is both fraud prevention and compliance management. Merchants who integrate these functions — and who review fraud trends and VAMP ratios together in the same conversation — respond faster and more effectively than those who manage them in silos.
The Bottom Line
The same technological shift that is making payments more intelligent and more automated is making fraud more sophisticated, more scalable, and harder to detect with legacy tools. These are not separate trends. They are the same trend, running in both directions simultaneously.
For merchants — and particularly for high-risk merchants who already operate under tighter monitoring thresholds — the implication is straightforward: the fraud environment of 2026 requires a different response than the fraud environment of 2022. Static verification, reactive dispute management, and siloed fraud and compliance functions are not calibrated for what's happening now.
At MMG, we work with high-risk merchants who face this environment every day. If you want to talk through your current fraud stack, your VAMP exposure, or how the trends described here apply specifically to your vertical, we're glad to help.