By Daniel Stanbridge, Chief Risk and Compliance Officer at Kurv.
The intelligence layer for fintech professionals who think for themselves.
Primary source intelligence. Original analysis. Contributed pieces from the people defining the industry.
Trusted by professionals at JP Morgan, Coinbase, BlackRock, Klarna and more.
Join the FinTech Weekly Clarity Circle →
Artificial intelligence is transforming payments, making onboarding faster, fraud detection smarter, and customer experiences smoother. But there’s another side to that story: fraudsters are using the same tools.
For small and medium-sized businesses, that shift is huge. AI tools are becoming more accessible and cheaper, so the barriers to committing fraud are dropping. These attacks used to require time and skill, but now they can be accomplished in minutes. Large enterprises may be able to absorb the impact, but smaller merchants are operating on thin margins, so even a handful of fraudulent transactions can create serious strain.
There are two areas in particular where this shift is hitting hard: account takeovers through synthetic identity fraud and so-called “friendly fraud.”
The Rise of Synthetic Identity Fraud
In a new shift, fraudsters can now scrape publicly available information about legitimate businesses, like name, address, and owner details, and use AI tools to create convincing fake personas. By generating forged identification documents that match stolen data, they can open accounts, run transactions, and disappear.
This damage lands on the legitimate business owner. Their identity has been misused, their credit profile may be affected, and in some cases, they can be pursued for losses they didn’t actually create.
This fraud disproportionately affects smaller businesses, like convenience stores or auto repair shops. This is especially true in low-risk industries, as they most commonly have easily accessible public information. Unlike a global enterprise, a small, local merchant is far easier to impersonate and harder to verify at a single glance.
Identity verification must go beyond a single check. AI can fabricate one data point convincingly, but it struggles when confronted with multiple, layered controls.
Friendly Fraud Is Growing in Economic Strain
At the same time, “friendly fraud” is becoming more prevalent. This is when a legitimate customer falsely claims they never received goods or didn’t authorize a transaction, even though they did. In practice, this typically results in a chargeback, where the customer disputes the payment with their bank, and the funds are pulled back from the merchant while the claim is investigated.
Economic pressure plays a role. When consumers feel financial strain, friendly fraud disputes tend to increase. And once someone successfully receives a refund for a non-delivery claim, the barrier to repeating that behavior drops.
For a large online marketplace, friendly fraud may be an acceptable cost of doing business. For a small ecommerce business, shipping a limited number of high-value orders each week, a few chargebacks could mean the difference between profit and loss for the month.
Merchants often feel powerless here. They can’t always predict who will file a dispute. But they can control how prepared they are to respond.
Why Layered Controls Matter More Than Ever
There is no silver bullet in fraud prevention. The most effective defense is layered.
Layered controls combine multiple verification and monitoring techniques so that no single failure leads to a loss. These multilayered controls can include identity checks that validate government IDs and match them to a photo, along with website screenings that flag inconsistencies between trading history and domain age. They can also involve bank account verification, behavioral and biometric analysis, and transaction monitoring to identify patterns that don’t align with typical behavior. An example of this is when a high-value order is placed with a billing address in one country and a shipping address in another that has no prior connection to the customer.
Individually, each of these may only raise a small red flag, but together, they tell a story. When multiple anomalies appear at once, the likelihood of fraud increases significantly.
Layered controls should also be dynamic. AI-powered tools can help identify transactions likely to result in chargebacks before goods are shipped, giving merchants the opportunity to pause and reassess. Used properly, AI becomes a defensive asset.
Don’t Forget “Old School” Fraud
AI-driven scams may be the shiny new threat in payments, but merchants with tunnel vision on these risks may neglect traditional fraud tactics. When defenses shift, fraudsters pivot as well.
Phone-based social engineering, collusion fraud, and basic identity theft still occur. In some cases, these “old school” methods succeed because attention has moved elsewhere.
Strong fraud prevention balances innovation with experience. Historical controls that have worked for years shouldn’t be discarded in favor of new tools. They should be reinforced and enhanced.
Finding the Right Fraud Threshold
In the simplest terms, fraud is inevitable, and merchants shouldn’t question whether or not it will occur. They should be asking how much is tolerable for their business.
Every merchant has a different risk appetite. Tightening controls, like “know your customer” and velocity limits, reduces fraud but can introduce issues, driving away legitimate customers. Loosening them increases conversion, but raises fraud exposure.
The answer lies in proportionality. A global marketplace may accept a higher absolute level of fraud because of scale and technology investment. A small independent business may choose stricter policies because one loss has a greater impact.
Zero fraud at any cost isn’t a sustainable mantra or goal. Small businesses must focus on protecting their revenue without undermining customer experience.
Collaboration Is Essential
Luckily, fraud is not a competitive issue, because payment providers often share data through industry forums and monitoring systems to help identify bad actors and fraud rings more quickly. That collaboration strengthens the entire industry.
For merchants, working closely with payment partners is key. Share data early, ask for guidance, and lean on dispute support processes. It’s easier to prevent losses when potential fraud is identified.
While AI is changing the fraud landscape, it isn’t a one-sided issue, because the same technology helps equip businesses with better decision tools.
The path forward is practical. Invest in layered verification controls, preserve evidence for disputes, balance fraud prevention with excellent customer experience, stay alert to emerging and traditional threats, and collaborate actively. Partnering with a modern payment partner is critical for businesses, as payment providers can offer AI-driven tools to help mitigate fraud and manage chargeback disputes.
