This article is provided by BRC Associate Member, Ravelin.
__________________________
Like innovations that have gone before - the Internet, virtual reality, mobile payments - agentic commerce is touted to cause seismic shifts in online commerce.
While not all have delivered, agentic commerce, they say, really will be different. The ability of AI agents to search for, compare, and purchase products on a customer's behalf could radically shake up shopping.
Ravelin recently polled ecommerce merchants to find out how they see agentic developing and what they’re doing about it. It revealed that merchants expect agentic to account for between 6% and 30% of their transactions within three years, and they’re moving fast for fear of being left behind.
Nearly half (44%) of merchants say they are already integrating agentic protocols, with a further 32% set to follow within six months. Just 6% of respondents say they have no plans to integrate agentic AI protocols. Meanwhile, 42% are going further, planning to build their own custom agents.
This swift movement raises a critical concern, however: could the focus on speed of adoption compromise security? A rushed implementation driven by fear of obsolescence could create new vulnerabilities that sophisticated fraudsters and malicious consumers can quickly exploit for abuse.
While agentic commerce promises increased market reach and more opportunities to sell products and services, it also introduces new avenues for crime and fraud.
Fraudsters and opportunists will, without a doubt, take advantage. We’ve seen fraudsters adapt in lockstep with other ecommerce innovations, like BNPL (buy now pay later), automated checkouts and AI, time and again.
With agentic, the threats will be a mixture of existing and new fraud techniques, often executed on a greater scale, at greater speed, and with higher levels of sophistication.
Techniques could range from fraudsters taking over or intercepting AI agents, programming them to mimic legitimate agents, to deploying legitimate agents to defraud merchants or charge stolen cards.
Fraudsters are now quickly and easily creating fake websites or servers to fool agents into handing over consumer information or card details, or use agents and agent-enabled online shops for promo abuse and refund fraud.
There remains much uncertainty about agentic fraud types, the extent and speed of adoption, the dominant protocols, and the final form that agentic might take. No wonder fewer than a third (29%) of merchants agree they feel “very” prepared to handle the security and fraud implications of agentic commerce.
Among this uncertainty, what we do know is that merchants must act now. They must prepare for AI agent fraud, even if they don't plan to roll out agent models for themselves.
To stop fraud in the agentic commerce era, merchants need to consider whether a transaction is from a good or bad agent, and a good or bad user. The only transactions they want to allow are those carried out by a trusted agent, on behalf of a legitimate customer.
Merchants already have access to a great deal of data to help them make the right call. In their own ecommerce data, there are plenty of clues about agentic fraud, including AI agent protocol, items ordered, basket value, payment method, agentic tokens, and billing and shipping addresses.
The good news is that, while agentic commerce presents new risks and new spins on old risks, how merchants address these remains focused on data and scale - just as it always has.
Merchants still need to understand and make the best possible use of the information and data already available to them. And using sophisticated AI-native fraud solutions adds scale, so merchants can respond swiftly to fraud and spot emerging patterns.
Finally, consumers also recognise the need for protection. 54% of consumers say that if merchants have strong fraud protection, it builds trust and reassures them to shop with AI - a positive business case for investing in fraud prevention as a conversion driver.
While agentic commerce may represent a commercial opportunity, merchants must take a balanced and considered approach. Fraud has consistently evolved alongside innovation, so without the right safeguards, businesses risk embedding new vulnerabilities into the next generation of ecommerce.
Read Ravelin’s latest Agentic Commerce and Fraud Report here.
