Fraud Risks & Prevention - UK Retailers Insights
Are you confident your fraud prevention capability can support growth — and the rise of agentic commerce?
Introduction
Fraud risks, especially those driven by evolving technology, are never far from the headlines. With the rapid rise of artificial intelligence and autonomous agents, it is more true now than ever. The imperative to invest continuously and improve is not optional — allowing fraud systems and strategy to stagnate creates risks that reach well beyond direct financial losses.
Increasingly, card scheme fines along with a negative impact on authorisation and conversion rates can be as damaging — if not more so — than the fraud losses themselves. To compound the challenge, it is not only attackers that merchants are competing against. Every time a competitor improves its fraud defence then fraudsters migrate towards merchants that have not kept pace.
This paper sets out the key areas of focus for UK retail fraud teams, covering structural foundations, authentication strategy, the emerging threat landscape from AI and agentic commerce, and the growing impact of Visa's VAMP programme.
1. Get the Basics Right
Before addressing the sophisticated threat vectors, it is essential to establish the right foundations. Even incremental hygiene improvements can significantly reduce the noise from opportunistic fraud, and signal to Organised Crime Groups (OCGs) that you are not an easy target.
Organisational Structure and Operating Model
Fraud teams should be embedded as an integral part of the payments strategy — not consulted after decisions are made but involved from the outset in the development of new payment types, products, services, and channels. This applies across all fraud methodologies: payments fraud, account takeover (ATO), and returns fraud as a minimum. This should also include policy and procedures to ensure that the firm meets the requirements of the Economic Crime and Corporate Transparency Act (ECCTA) avoiding the ‘failure to prevent fraud’ offence.
The goal should be to shift the culture from one of refusal or post-incident remediation, to one where fraud teams actively help the business find ways to say yes — safely. That means building the right controls in from the start rather than retrofitting them later.
Fraud Systems and Intelligence
A modern fraud solution should be capable of ingesting multiple data sources and applying AI-based models across the full customer journey — not just at checkout. Key considerations include:
- Deploy a strategic fraud system capable of taking multiple data signals and applying AI or machine learning models.
- Extend coverage beyond payment events to include non-payment interactions: account creation, login events, and changes to account details.
- Implement email and phone number verification and build trust in customer identities — particularly where high-value items are being shipped or where repeat customer relationships exist.
- Ensure non-fraud and fraud dispute teams are aligned and that all dispute data feeds back into fraud tooling. Fraudsters increasingly exploit the seam between fraud and non-fraud channels.
- Establish regular communication between information security and fraud teams to share intelligence on bot activity and attack patterns, and to create effective feedback loops.
2. Changing the Narrative on Authentication
3DS authentication has historically been deployed either as a high-risk filter or, worse, as a substitute for a properly developed fraud strategy. Neither approach is adequate in the current environment.
The shift required is from a reactive, high-risk-only model to a holistic authentication strategy that uses fraud risk signals to apply the right level of friction at the right point in the journey — and shares that intelligence with issuers to improve risk management across the ecosystem.
Reducing MOTO Exposure
Mail Order / Telephone Order (MOTO) transactions represent a disproportionate fraud risk given their inherent inability to support strong customer authentication. Merchants still operating significant MOTO volumes should be actively working to reduce them, for example by:
- Expanding eCommerce availability for products or services currently sold over the phone.
- Deploying payment links to digitise telephone-initiated journeys.
- Adopting a risk-based approach to remaining MOTO volume — reserving true MOTO for only the lowest-risk transactions, with all other transactions routed through 3DS enabled channels, payment links, or 3RI Delegated Authentication.
Moving Beyond Passwords
Passkeys and non-SMS multi-factor authentication (MFA) should now be the standard for securing customer accounts. Reliance on passwords and SMS-based one-time passcodes (OTPs) creates unnecessary exposure to credential stuffing, phishing campaigns, and SIM-swap attacks. Migration to passkeys also reduces friction for legitimate customers, supporting conversion alongside security.
3. AI Threats and Agentic Commerce
The emergence of Large Language Models (LLMs) and agentic commerce introduces a new category of fraud risk that most merchants have not yet fully incorporated into their threat models. These risks operate at two levels: the use of AI by fraudsters to enhance existing attack vectors, and the structural vulnerabilities introduced by non-human buyers acting within commerce environments.
AI-Enabled Fraud Attacks
Fraudsters are already exploiting LLMs to increase the sophistication and scale of their attacks. This includes automated generation of phishing content, real-time social engineering scripts, and the use of AI agents to conduct high-volume credential testing or account takeover attempts at speeds that overwhelm traditional rule-based defences.
Agentic Commerce: Emerging Fraud Vectors
As agentic commerce — where AI agents transact autonomously on behalf of consumers — moves from concept to commercial reality, it presents a distinct set of challenges for fraud teams:
- Higher fraud risk: Changes in attack vectors and increased sophistication of attackers.
- Reduced intelligence signals: Weakened identity and authentication signals as human behavioural patterns disappear from transaction data.
- Malicious agent activity: Malicious agents operating within the ecosystem may exploit the same infrastructure as legitimate buyers.
- Prompt injection attacks: Agentic systems can be manipulated via adversarial inputs, redirecting transactions or extracting sensitive data.
Beyond direct fraud, agentic commerce raises complex liability and consent questions that will generate disputes and reduce recovery rates:
- Can consent to purchase and acceptance of terms and conditions by the customer be evidenced when an agent has transacted on their behalf?
- Has the agent acted within the intended scope of the customer's instruction, or has it overreached?
- Where an agent has misrepresented a product — whether through hallucination or misinterpretation — what are the merchant's liability obligations?
- Elevated return and refund rates as agent-driven purchases diverge from actual customer intent will impact margins and dispute ratios.
|
|
Investment priority Merchants who move earliest on agentic fraud defence tooling particularly:
will have an advantage as agentic commerce volumes grow through 2026 and beyond. |
4. VAMP: A Growing Compliance Imperative
Visa's Acquirer Monitoring Programme (VAMP) consolidates fraud and dispute monitoring into a single ratio and represents one of the most significant scheme-level developments affecting UK merchants in recent years. It warrants dedicated attention from fraud teams
How VAMP Works
The VAMP ratio is calculated as reported fraudulent transactions plus total disputes, divided by total settled transactions. Critically, only card-not-present (CNP) transactions are included in the calculation. Merchants are required to maintain a ratio below 1.5% from April 2026; however, in practice the operational threshold is considerably lower, as acquirers apply internal limits — often as tight as 50 basis points at the portfolio level — and do not typically share these with merchants.
Why This Is Particularly Challenging for Retailers
VAMP's scope creates challenges that differ from earlier monitoring programmes:
- Non-fraud disputes — including Item Not Received, and Significantly Not as Described, — count towards a merchant’s VAMP ratio. This means broader operational quality, not just fraud controls, is now a factor in scheme compliance.
- Even if a merchant is below Visa's published limits, its dispute activity contributes to the acquirer's portfolio ratio. Merchants that individually appear compliant may face pressure from their acquirer if the acquirer's aggregate exposure is elevated.
- Enumeration attacks (card testing) now carry a separate threshold. If 20% or more of transactions are flagged as potential card testing, the business is classified as high risk. Declined transactions count towards this threshold — meaning even unsuccessful fraud attempts can materially affect a merchant’s risk profile.
Where to Focus
Addressing VAMP requires a multi-layered approach spanning the full transaction lifecycle:
- Implement real-time visibility of your VAMP ratio by acquirer and payment descriptor.
- Map existing dispute resolution tools — including Verify RDR, Ethoca, and CE 3.0 — against VAMP-qualifying transaction categories to understand which disputes can be resolved outside the ratio.
- Invest in enumeration attack detection as a discrete capability, separate from general fraud scoring.
- Consider payment methods that structurally reduce dispute exposure — including Click to Pay and tokenised credentials — as part of a long-term VAMP management strategy.
5. Diagnostic Questions for Fraud Teams
The following questions are designed to help fraud and payments leaders assess their current position and identify priority areas for action:
- Is your fraud team involved at the design stage for new payment products and channels, or are they brought in to remediate after launch?
- Have you moved — or do you have a roadmap to move — away from passwords and SMS OTPs to passkeys and stronger MFA?
- What is your plan for authenticating and risk-scoring non-human (agentic) buyers as they emerge in your channel mix?
- Does your fraud framework extend beyond checkout into account creation, post-purchase events, and returns?
- Do you have real-time visibility of your VAMP ratio by acquirer and descriptor?
- Have you mapped your dispute resolution tools (Verify RDR, Ethoca, CE 3.0) against VAMP exclusions?
- Have you assessed your exposure under the Economic Crime and Corporate Transparency Act (ECCTA)? Are Failure to prevent fraud provisions in place and the policy and procedures documented?
Closing Observation
Fraud prevention has never been a purely defensive discipline, but the stakes have risen sharply. The introduction of VAMP, reducing customer friction, and the structural disruption posed by agentic commerce mean that fraud teams are now operating at the intersection of financial risk, regulatory compliance, and commercial strategy.
Merchants that treat fraud investment as a cost to be minimised will find themselves exposed; not only to direct losses, but to acquirer pressure, scheme penalties, and reputational damage. Those that invest in scalable, extensible fraud prevention infrastructure, and who move early on the emerging risks, will be better positioned to grow with confidence.
Retail Perspective #8 : Fraud Risks & Prevention
