eCommerce · Playbook · 12 min read · Published June 16, 2026

False declines cost 13× more than fraud · friendly fraud now ~36% of reported fraud · layered defense over rules alone

Ecommerce Fraud & Chargeback Prevention: 2026 Playbook

Most merchants pour their energy into catching fraud and barely measure what false declines cost them — reportedly 13× more. This 2026 playbook reframes the problem: a layered defense stack that stops fraud without strangling good customers, built for friendly fraud, account takeover, and the new agentic-payments surface.

Digital Applied Team
Senior strategists · Published Jun 16, 2026
Sources: 9 industry & vendor

False-decline cost vs fraud: 13× more, per Javelin (directional)
First-party fraud share: ~36% of reported fraud, up from 15%
Merchants tracking false declines: 64% · leave the rest unmeasured
3DS merchant adoption: 32.4% · headroom on liability shift

Ecommerce fraud prevention in 2026 has a counterintuitive problem at its center: the most expensive failure is not the fraud you miss — it's the good customers you wrongly turn away. Industry studies attributed to Javelin suggest false declines cost merchants roughly 13 times more than actual fraud, yet only about 64% of merchants even track the false-decline rate.

The threat landscape has also shifted. First-party (friendly) fraud now reportedly represents around 36% of all reported fraud, up from roughly 15% in 2023. Account takeover, card testing, and synthetic identities keep climbing. And agentic commerce — AI shopping agents transacting on a customer's behalf — adds a brand-new surface that 3DS2, AVS, and CVV were never designed to handle.

This playbook covers the false-decline paradox, what the 2026 fraud mix actually looks like, the layered defense stack that beats rules-only systems, how 3D Secure 2 and SCA shift liability, the real chargeback-recovery math (gross win rate is not net recovery), the emerging agentic-payments risk, and a KPI self-score you can run against your own numbers this week. Every figure below is sourced or qualified — fraud statistics are notoriously vendor-aggregated, so treat them as directional.

Key takeaways
  1. False declines are the costliest leak in the stack. Industry studies attributed to Javelin put the cost of false declines at roughly 13× actual fraud, with 30–70% of merchant-declined orders estimated to be good customers — yet only ~64% of merchants track the rate.
  2. Friendly fraud is now the dominant dispute type. First-party misuse reportedly reached ~36% of all reported fraud (up from ~15% in 2023), and Chargebacks911 projects 61% of disputes will stem from friendly fraud by 2026. The MRC found 64% of merchants reporting rising first-party misuse.
  3. Layered defense beats rules alone. AVS/CVV and velocity rules are table stakes. Adding 3DS2 liability shift, ML scoring, device fingerprinting, and pre-dispute alerts is what vendors say can cut losses 60–80% versus rules-only systems — treat the range as vendor-aggregated.
  4. 3DS2 shifts chargeback liability to the issuer. 3D Secure 2 transmits 100+ data points per transaction and delivers a full liability shift to the issuer — even on frictionless flows. Only ~32.4% of merchants currently use it, so there is meaningful headroom.
  5. Agentic payments are the new risk surface. Without agent-identification standards, existing fraud detection can treat agent-initiated transactions as bot attacks and trigger mass false declines. GR4VY estimates agentic traffic rose ~450% in 2025; the MRC found ~63% of merchants exploring agentic payments.

01 · The Real Cost Center · The false-decline paradox.

Start with the number that reframes everything. Industry studies attributed to Javelin estimate that false declines — legitimate orders wrongly rejected as fraud — cost merchants roughly 13 times more than the fraud they prevent. Globally, false-decline losses have been set to exceed $443 billion, dwarfing the roughly $48 billion in actual ecommerce fraud. Those figures originate in a 2021 Javelin study and later citations are largely estimates, so treat the headline as directional rather than precise — but the order of magnitude is the point.

The damage compounds. Riskified's analysis suggests that for the average merchant, issuers decline roughly one in every ten ecommerce dollars at authorization, and a large share of those declines are good customers. Signifyd's data points to 30–70% of merchant-declined orders being false positives, around 27% of loyal customers never returning after a false decline, and a sharp drop in order frequency among affected repeat buyers. A declined customer rarely complains — they just leave, and often tell others.

"For the average merchant, issuers decline one in every 10 ecommerce dollars during payment authorization — and 70% of these declined orders are from good customers qualified to make the purchase."— Riskified, True Cost of Declined Orders (vendor-stated)

Here is the original analysis worth sitting with: most fraud teams are optimized in exactly the wrong direction. Fraud losses are visible — they show up as chargebacks, refunds, and stolen merchandise on a dashboard. False declines are invisible — they show up as revenue that never existed and customers who silently churned. So teams over-invest in tightening rules (which raises false declines) and under-invest in measuring the far larger cost of those declines. The fix is not to fight less fraud; it is to stop using blunt rules where probabilistic scoring would approve more good orders. That is the entire case for the layered stack below, and it ties directly into checkout optimization — friction you add to stop fraud is friction you add to conversion.

The metric most merchants skip
Only about 64% of merchants track their false-decline rate, per Signifyd — the single most financially damaging metric in the fraud stack. If you measure one new thing this quarter, measure how many declined orders were actually good customers. The $443B+ global false-decline figure traces to a 2021 Javelin study; industry estimates vary, but every credible source agrees false declines outweigh fraud by a wide margin.

02 · The 2026 Threat Mix · What ecommerce fraud actually looks like now.

The fraud mix in 2026 is dominated less by classic stolen-card abuse and more by misuse of legitimate accounts and identities. The Merchant Risk Council's 2026 Global eCommerce Payments and Fraud Report — a survey of 1,278 merchants across 37 countries — found 64% of merchants reporting increasing first-party misuse, with roughly a quarter seeing increases of 25% or more. Several distinct threat types now run in parallel.

Friendly fraud · Largest dispute driver
~36% of reported fraud · 61% of disputes projected by 2026

First-party misuse — customers falsely claiming an unauthorized transaction to get a refund while keeping the goods. Up from ~15% in 2023. Chargebacks911 projects 61% of disputes will be friendly fraud by 2026.

Source: Chargeflow / Chargebacks911

Account takeover · Identity attack
$17B projected losses 2025 · 83% of orgs hit

Sift's Q3 2025 index puts ATO losses at a projected $17B (up from $13B in 2023), an attack rate of 2.5% in Q2 2025, and a 122% surge in the fintech/finance sector. 83% of organizations saw at least one ATO incident.

Source: Sift Q3 2025 Digital Trust Index

Card testing · Automated probing
Reported by 85% of merchants · ~33% of fraud incidents

Attackers validate stolen card numbers with small transactions before larger fraud. Chargebacks911 reports 85% of merchants have experienced it, and it represents roughly a third of payment-fraud incidents — the most common single method.

Source: Chargebacks911

Synthetic identity · Emerging at scale
Reported ~+311% Q1 2024 → Q1 2025 (US)

Combining real and fabricated identity elements to create accounts that pass standard KYC. The +311% growth figure comes from a secondary aggregator (Ringly.io) and should be treated as an industry estimate pending a primary source.

Industry estimate — secondary source

One demographic detail is worth flagging for any consumer brand: the Chargeflow aggregation reports that 84% of customers prefer filing a chargeback over requesting a refund from the merchant, 52% bypass the merchant entirely and go straight to their bank, and Gen Z reportedly files around 60% of chargebacks — often citing impulse purchase regret. That last figure appears in vendor aggregation without a clear original study, so treat the Gen Z share as an industry estimate. Either way, the behavioral pattern matters: when disputing is easier than asking, friendly fraud scales. If you are weighing buy now pay later risk considerations, this cohort overlap is especially worth modeling.

03 · Defense In Depth · The layered defense stack.

No single control stops modern fraud without collateral damage to good customers. The blessed pattern is defense in depth: cheap, blunt controls at the edge; probabilistic scoring in the middle; liability-shifting authentication on the riskiest transactions; and recovery tooling after the fact. Vendors cite that a layered stack can cut losses 60–80% versus rules alone — treat that range as vendor-aggregated and directional, not a guarantee. The bars below order the layers from foundational to advanced.

The fraud-prevention stack · foundational → advanced

Sources: Stripe, Visa/Mastercard, Signifyd, Chargeflow — ordering is illustrative, not a single-source ranking
  • AVS / CVV checks (Edge): Foundational · near-zero cost · low fraud lift alone
  • Velocity & rate limits (Edge): Stops card testing (reported by 85% of merchants)
  • Device fingerprinting (Mid): Links sessions & flags ATO signals before checkout
  • ML fraud scoring (Mid): Stripe Radar reports ~32% avg fraud reduction (vendor)
  • 3DS2 + SCA (Auth): Full liability shift to issuer on authenticated txns
  • Pre-dispute alerts + CE 3.0 (Recover): Refund-before-chargeback + representment recovery
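
The velocity layer listed in the stack above, as an added example (not code from the original article or from any vendor it names): a sliding-window check replayed over a constructed authorization log, flagging card testing by distinct cards per source and comparing that with a blunt attempt-count rule. The log format, thresholds, IP addresses and function names are assumptions for illustration.

```python
from collections import defaultdict, deque
from dataclasses import dataclass

# Assumed thresholds for illustration; tune them against your own traffic.
WINDOW_SECONDS = 600     # look-back window per source
MAX_DISTINCT_CARDS = 3   # more distinct cards than this from one source is suspicious
MIN_DECLINE_RATIO = 0.6  # probing stolen numbers yields mostly declines
SMALL_AMOUNT = 5.00      # probes use small charges
MAX_ATTEMPTS = 3         # limit used by the blunt comparison rule

# Constructed sample log, time-ordered:
# epoch_seconds source_ip card_fingerprint amount result
SAMPLE_LOG = """\
1000 203.0.113.7 fp_a1 1.00 declined
1020 203.0.113.7 fp_b2 1.00 declined
1041 203.0.113.7 fp_c3 1.00 approved
1063 203.0.113.7 fp_d4 1.00 declined
1075 198.51.100.4 fp_z9 89.90 declined
1090 198.51.100.4 fp_z9 89.90 declined
1110 198.51.100.4 fp_z9 89.90 declined
1130 198.51.100.4 fp_z9 89.90 approved
1150 203.0.113.7 fp_e5 1.00 declined
"""


@dataclass(frozen=True)
class Attempt:
    ts: int
    ip: str
    card_fp: str
    amount: float
    approved: bool


def parse_line(line):
    ts, ip, card_fp, amount, result = line.split()
    return Attempt(int(ts), ip, card_fp, float(amount), result == "approved")


def card_testing_rule(window):
    """Many distinct cards, mostly declined, all small amounts, from one source."""
    cards = {a.card_fp for a in window}
    if len(cards) <= MAX_DISTINCT_CARDS:
        return False  # a customer retrying their own card stays below this
    decline_ratio = sum(not a.approved for a in window) / len(window)
    return decline_ratio >= MIN_DECLINE_RATIO and all(
        a.amount <= SMALL_AMOUNT for a in window
    )


def blunt_rule(window):
    """Rules-only baseline: any source with too many attempts is blocked."""
    return len(window) > MAX_ATTEMPTS


def scan(log_text, rule):
    """Replay the log; return {source_ip: timestamp of first flag} for `rule`."""
    windows = defaultdict(deque)  # source_ip -> attempts inside the window
    first_flag = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        attempt = parse_line(line)
        window = windows[attempt.ip]
        window.append(attempt)
        while attempt.ts - window[0].ts > WINDOW_SECONDS:
            window.popleft()  # evict attempts older than the window
        if attempt.ip not in first_flag and rule(window):
            first_flag[attempt.ip] = attempt.ts
    return first_flag


if __name__ == "__main__":
    print("distinct-card rule:", scan(SAMPLE_LOG, card_testing_rule))
    print("attempt-count rule:", scan(SAMPLE_LOG, blunt_rule))
```

Both rules flag 203.0.113.7, but only the attempt-count rule also flags 198.51.100.4, a single card retried until it is approved. Keying on a device fingerprint instead of the source IP uses the same window logic.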

The middle layer is where most of the leverage lives. ML fraud scoring — Stripe Radar, Signifyd, Riskified and peers — replaces brittle if-then rules with models trained on network-scale data. Stripe states Radar reduces fraud by about 32% on average, trained on over $1 trillion in annual payment volume, and that roughly 92% of cards it processes have been seen before on its network, which powers velocity and pattern signals. Signifyd similarly says its 7,000+ merchant Commerce Network identifies 15–20% more fraud than a single-merchant model and lets merchants approve 5–9% more orders. These are vendor-stated figures, but the mechanism is sound: more data, fewer false declines.

Why scoring beats rules
Rules are binary and brittle: a $500 order to a new shipping address gets blocked whether the buyer is a fraudster or your best customer on vacation. ML scoring weighs hundreds of signals and approves the customer while still blocking the fraudster — which is precisely how you cut false declines and fraud at the same time. The trade-off rules force on you is the one you cannot afford.

04 · Authentication · 3DS2, SCA, and the liability shift.

3D Secure 2 is the single highest-leverage control most merchants under-use. Per Stripe's 3DS2 guide, the protocol transmits 100+ data points per transaction — device ID, IP, shipping address, prior transaction history — to the issuing bank, which then risk-scores the authentication. Low-risk transactions clear via a frictionless flow with no customer action; higher-risk ones trigger a challenge flow (biometric or one-time-passcode verification).

The decisive benefit is liability. 3DS2 delivers a full liability shift to the issuer for authenticated transactions — even on frictionless flows where no customer challenge was presented. That means fraud chargebacks on those transactions become the issuer's problem, not yours. And yet only about 32.4% of merchants currently employ 3DS as a fraud-prevention tool, which is a large pool of unclaimed liability protection.

Data per transaction
100+ · Signals sent to the issuer

3DS2 passes device ID, IP, shipping address, and prior transaction history to the issuing bank, enabling risk-adjusted authentication rather than a blanket password prompt.

Source: Stripe 3DS2 guide

Liability shift
100% · To the issuer, even frictionless

Authenticated 3DS2 transactions shift fraud-chargeback liability to the issuer — including frictionless-flow transactions where the customer never saw a challenge. This is the core merchant benefit.

Source: Stripe 3DS2 guide

Adoption headroom
32.4% · Of merchants use 3DS today

Only about a third of merchants currently deploy 3DS for fraud prevention, leaving most of the available liability protection on the table. Under EU PSD2, SCA effectively requires 3DS2 for card-not-present.

Source: Chargebacks911

For EU and EEA traffic, this is not optional. Strong Customer Authentication (SCA) under PSD2 makes 3DS2 the primary card-not-present compliance path. SCA exemptions exist — low-risk transactions below €30, recurring fixed-amount payments, trusted beneficiaries, and corporate payments — so the implementation question is which transactions to exempt for conversion versus which to authenticate for protection. That tuning is exactly the conversion-versus-security balance the rest of this playbook is about.

05 · Recovery Reality · Chargebacks: the math nobody publishes.

The chargeback economy is large and growing. Chargeflow's aggregation projects global chargeback volume reaching 337 million transactions by 2026 — a 42% increase from 238 million in 2023 — at a cost to ecommerce merchants of $33.79 billion in 2025, projected to reach $41.69 billion by 2028. Note these are cross-source aggregations; the Nilson Report and Juniper Research publish their own divergent figures, so cite the source when you use them.

The number that trips up most teams is the win rate. There are two very different figures floating around, and they measure different things. The gross representment win rate — disputes you formally win — is often cited around 45–54%. But the net win rate, after second chargebacks and recovery costs, drops to roughly 8.1% (2024). Per Chargeflow, about 73.6% of disputes formally become chargebacks while 26.4% are resolved pre-chargeback. So the gross figure is roughly six times the net — fighting every dispute blindly is a losing strategy.

"Refund/Policy Abuse has retained its position as the most prevalent fraud type faced by merchants in the past 12 months."— Merchant Risk Council, 2025 Global eCommerce Payments and Fraud Report

The smarter move is to win before the dispute even files. Pre-dispute alert networks — Verifi (Visa) and Ethoca (Mastercard) — notify merchants within hours of a pending dispute so they can refund proactively and avoid the chargeback entirely. Verifi covers roughly 1,000 US-heavy issuers; Ethoca covers around 5,000 globally; most merchants run both for the broadest coverage. When a dispute does proceed, Visa's Compelling Evidence 3.0 (CE 3.0) applies to reason code 10.4 (card-absent fraud) and lets merchants submit two prior matching transactions — device ID, IP, account history — to shift liability back to the issuer.

Early adopters report a 30–40% improvement in dispute win rates for fraud-related chargebacks under CE 3.0 — but that is an early-adopter figure with no long-term data yet, so treat it as a promising early-stage signal rather than an established benchmark. The distinction between fraud chargebacks (where 3DS2 and CE 3.0 help) and genuine payment failures (where dunning helps) is real and operational; for the latter, see our failed payment recovery playbook.

Chargeback recovery · gross vs net win rate

Source: Chargeflow 2025 — gross and net win rates measure different things; cite which one
  • Gross representment win rate (disputes formally won, before second chargebacks/costs): ~45–54%
  • Net win rate, 2024 (after second chargebacks + recovery costs): ~8.1%
  • Disputes → formal chargebacks (per Chargeflow aggregation): 73.6%
  • Resolved pre-chargeback (the window pre-dispute alerts target): 26.4%

06 · Emerging Surface · The agentic-payments surface.

Nearly every fraud playbook published before 2026 predates agentic commerce — AI shopping agents that browse, decide, and pay on a customer's behalf. GR4VY estimates agentic traffic rose around 450% in 2025 (the vendor does not name a primary source, so treat it as an industry estimate), and the MRC found roughly 63% of merchants exploring or planning agentic AI payment implementation, with 72% already using payment tokenization and 43% accepting real-time payments. This is the next attack surface — and most fraud stacks are not ready for it.

The core problem is identity. Without agent-identification standards, existing fraud detection treats agent-initiated transactions as bot attacks by default, triggering mass false declines — the exact failure mode this playbook opened with, now at machine scale. Tokenization is part of the answer: Visa's network alone had issued over 12.6 billion payment tokens by early 2025, tokenized transactions reportedly see about 40% less fraud, and Mastercard reports tokenization lifts authorization rates 3–6 percentage points. For the full merchant-readiness picture, see our guide to tokenized agentic commerce payments.

The identity problem
GR4VY's framing is that every party must authenticate every other party — agents, consumers, payment providers, and merchants must all verify identities and grant appropriate authorization levels. The merchant, importantly, still owns the fraud exposure: agentic payments do not remove the merchant's responsibility to manage fraud, absorb chargebacks, and handle regulatory consequences — they often increase it. Consumer trust is still nascent: Sift reports 74% of consumers say AI shopping agents increase their ATO concerns and only 14% would let an agent shop on their behalf.

Here is the forward-looking call: in 2026, the merchants who win agentic commerce will be the ones whose fraud stack can distinguish a legitimate agent from a bot attack — because the alternative is declining a fast-growing, high-intent traffic source by default. That capability does not exist off-the-shelf in most rules-based systems today, which is why network-data ML scoring and tokenization move from nice-to-have to prerequisite. Expect agent-identification standards and processor-level agent signals to mature over the next 12–24 months; build the scoring foundation now so you can consume them when they arrive.

07 · Self-Diagnostic · The fraud KPI self-score.

Most merchants cannot answer the basic question "is our fraud program healthy?" because the KPIs and their network-specific thresholds live in scattered sources. The table below puts the seven that matter in one place, grouped by what they measure — core payment health, revenue leakage, and active attacks — with the healthy benchmark, the amber warning, the red flag, and the primary fix. Run your own numbers against it.

Ecommerce fraud KPI self-score for 2026, grouped by core payment health, revenue leakage, and active attacks, with healthy benchmark, amber warning, red flag, and primary fix per metric. Sources: ACI Worldwide, Chargeflow, Signifyd, Sift, Chargebacks911, and Visa VDMP thresholds, retrieved June 16, 2026.

| KPI | Healthy | Amber | Red flag | Primary fix |
|---|---|---|---|---|
| Core payment health | | | | |
| Chargeback rate | 0.5–1.0% | 0.65% (Visa early warning) | 0.9%+ (VDMP, fines apply) | 3DS2 liability shift + pre-dispute alerts |
| Representment win rate (net) | Track it at all | Confusing gross with net | Fighting everything blindly | CE 3.0 evidence + selective representment |
| Revenue leakage | | | | |
| False decline rate | Measured + minimised | Not measured (most merchants) | 30–70% of declines are false | ML scoring replaces blunt rules |
| Acceptance rate | As high as risk allows | Rules-only suppression | Loyal customers churning | Network-data ML + manual-review tuning |
| Active attacks | | | | |
| ATO incident exposure | Step-up auth on risk signals | Password-only login | 83% of orgs hit in the past year | Device fingerprinting + adaptive MFA |
| Card-testing exposure | Velocity + rate limits live | Unthrottled checkout/auth | 85% of merchants report it | Velocity rules + bot mitigation |
| First-party (friendly) fraud share | Tracked + evidenced | Rising, untracked | 61% of disputes projected by 2026 | Order evidence trail + CE 3.0 |

The chargeback-rate row is the one with hard network consequences. Visa's chargeback-monitoring early-warning threshold sits at 0.65%, escalating to 0.9%+ for the Visa Dispute Monitoring Program (VDMP) where fines apply; the broad industry benchmark for a healthy chargeback rate is 0.5–1.0%. Cross those lines and the cost is not just the disputes — it is program fees and, eventually, processing risk. Everything else on the list is about catching leakage and attacks before they push that one number into the red.

08 · Implementation · Build your 2026 playbook.

How you sequence the stack depends on where you are today. The matrix below maps four common merchant profiles to the right next move — the goal is always to cut false declines and fraud together, not to trade one for the other.

Rules-only today · High false declines, blunt blocking

Your biggest leak is good customers turned away. Add network-data ML scoring (Stripe Radar, Signifyd, or Riskified) before tightening anything else, and start measuring the false-decline rate this week.

Next move: Add ML scoring first

EU / EEA traffic · Card-not-present in scope for SCA

3DS2 is your compliance path and your liability shield. Implement it with smart exemptions (low-value, trusted-beneficiary, recurring) so you authenticate the risky transactions and keep frictionless flows for the rest.

Next move: Implement 3DS2 + SCA

High chargeback volume · Disputes rising, recovery weak

Stop fighting blindly. Add Verifi + Ethoca pre-dispute alerts to refund before chargebacks file, and adopt CE 3.0 evidence for reason-code-10.4 disputes. Track net win rate, not gross.

Next move: Alerts + CE 3.0

Preparing for agents · Exploring agentic payments

Build the scoring + tokenization foundation now so agent traffic is not declined as bot attacks by default. Adopt network tokenization and a model that can be tuned for agent signals as standards mature.

Next move: Tokenize + score for agents

For most mid-market merchants the practical order is: measure the false-decline rate, move from rules to ML scoring, enable 3DS2 for risky transactions (mandatory for EU SCA), wire up pre-dispute alerts, and adopt network tokenization to future-proof against agentic traffic. None of this is a one-time project — fraud adapts, so the program is continuous. If you want a partner to stand up and operate this stack on your store, our ecommerce growth engagements cover exactly this work, and you can ground the targets in our ecommerce fraud and payment statistics data hub.

09 · Conclusion · Stop fraud without turning away the customers you want.

The shape of fraud prevention, 2026

The goal is not zero fraud — it's the highest acceptance rate your risk allows.

The 2026 fraud problem is not the fraud you can see. It is the invisible, far larger cost of declining good customers — reportedly 13× the cost of fraud itself — combined with a threat mix that has shifted toward friendly fraud, account takeover, and a brand-new agentic surface. Rules-only systems lose on both fronts: they let sophisticated fraud through and they wrongly reject good orders.

The answer is a layered stack — AVS/CVV and velocity at the edge, network-data ML scoring in the middle, 3DS2 liability shift on the risky transactions, and pre-dispute alerts plus CE 3.0 for recovery. Vendors put the combined effect at cutting losses 60–80% versus rules alone; treat that as directional and validate it against your own numbers, but the direction is not in doubt. Tokenization and that same scoring foundation are also what make you ready for agentic payments, where the failure mode is declining legitimate agent traffic as bot attacks.

Start with the one metric most merchants skip — the false-decline rate — then sequence the stack from where you are. The merchants who win in 2026 will be the ones who treat fraud prevention as a revenue problem, not just a loss-prevention one. The highest acceptance rate your risk tolerance allows is the number to optimize, and it is the number almost nobody is watching.

FAQ · Fraud & chargeback prevention

The questions merchants ask every week.

Industry studies attributed to Javelin estimate that false declines — legitimate orders wrongly rejected as fraud — cost merchants roughly 13 times more than the fraud they prevent, and globally exceed $443 billion versus around $48 billion in actual ecommerce fraud. The figures trace to a 2021 Javelin study and later citations are largely estimates, so treat them as directional. The mechanism is simple: a blocked fraud attempt is a visible save, but a wrongly declined good customer is invisible lost revenue plus a lost relationship. Signifyd estimates 30–70% of declined orders are false positives and around 27% of loyal customers never return after one. Because the cost is invisible, only about 64% of merchants even track the false-decline rate.