Payment platforms are caught in a never-ending tug-of-war: approve more transactions to drive merchant revenue, or tighten fraud controls to prevent fraud losses. To navigate this tension, some have turned to AI-powered fraud detection models; however, these tools rely on noisy, spoofable, and siloed data, creating a paradox where the systems are simultaneously too aggressive and not effective enough. The result? An increase in false declines that cost merchants $81 billion annually, while sophisticated fraudsters slip through undetected.

Meanwhile, regulators have responded with stricter Know Your Customer (KYC) and Anti-Money Laundering (AML) requirements, as well as steeper penalties for non-compliance. However, current verification processes create friction that drives away legitimate customers while missing hard-to-detect threats, like synthetic identities.

To address these challenges, payment platforms must incorporate richer, real-time signals that work across checkout, authentication, and onboarding flows — enabling AI models to approve more legitimate transactions while catching fraud and staying compliant.

The cost of imperfect fraud detection

FICO estimates that by 2030, card-not-present fraud will reach $49 billion annually. As platforms try to solve this problem, they’ve unintentionally created another one: false declines, where legitimate transactions are flagged as fraudulent. Meanwhile, fraudsters who understand how to game traditional detection methods continue to slip through, compounding losses on both sides.

False declines are too high.

False declines represent a substantial cost to merchants. The Merchant Risk Council’s 2024 Global eCommerce Payments & Fraud Report found that merchants reject 6% of all e-commerce orders, but between 2 and 10 percent of those are actually legitimate orders placed by good customers. As a result, merchants have lost $81 billion in revenue.

To combat this problem, payment platforms have evolved their fraud detection systems to incorporate AI alongside traditional rules-based approaches to determine if a transaction is legitimate. While these AI models are good at spotting anomalies, they often lack consistent, granular signals that persist across sessions, making it difficult to understand why these anomalies are occurring. As a result, they often flag a legitimate transaction as fraudulent.

For example, a traveler making a purchase from a new location, a returning customer using private browsing, or a shopper switching devices may all appear “suspicious” to an AI model that doesn’t have access to the right behavioral or contextual signals.

Without proper labeling and correction of these false declines, models never learn what legitimate variation looks like, reinforcing patterns that create friction for real customers. The cost is immediate: customers abandon purchases, merchants lose revenue, and trust erodes. In fact, 33% of customers who experience a false decline will either stop shopping with that merchant entirely or significantly reduce their spending.

Sophisticated fraud is slipping through.

Fraudsters are using AI-driven automation to launch large-scale, coordinated attacks like bot-driven card testing and multi-account abuse. In some cases, these campaigns coincide with infrastructure-level incidents such as distributed denial-of-service (DDoS) attacks, which strain web services and divert attention from fraud response teams. While DDoS attacks target system availability rather than financial gain, they can indirectly aid fraud operations by overwhelming monitoring systems and masking bursts of automated activity. An FS-ISAC and Akamai report confirmed that the financial industry remains the top target for such disruptions, noting a 23% increase in application-layer DDoS attacks between 2023 and 2024.

But the bots that aren’t launching DDoS attacks are just as dangerous — quietly running credential stuffing, card testing, and synthetic account creation at scale. These are the types of automated behaviors that device and interaction-level signals can uncover. Yet those signals are often siloed and not shared across transaction touchpoints. As a result, when these fraudsters are caught in one flow, they can simply move to another merchant or channel on the same platform, reusing the same devices and infrastructure to repeat the attack.

To address this distributed fraud, payment platforms need a way to reliably detect and disrupt coordinated fraud across multiple channels. Tools like 3D Secure (3DS), a protocol implemented by card issuers, rely on risk assessment systems that use signals, such as device fingerprinting, to recognize trusted devices and determine when additional verification is required. However, 3D Secure is not a cure-all: its signals are limited to activity within the 3DS flow, and even when risk is identified, those insights aren’t typically shared across other flows, such as checkout or login, creating blind spots that fraudsters can exploit. For instance, a fraudster can test stolen cards at checkout and then use the same device to create accounts or request payouts elsewhere.

To detect sophisticated fraud patterns, platforms must link suspicious activity across all critical touchpoints, like checkout, 3DS, logins, and payout requests. Without this cross-channel visibility, coordinated fraud schemes will continue to evade detection.

Compliance is becoming a bottleneck.

Payment platforms that serve marketplaces and financial institutions must meet strict Know Your Customer (KYC), Know Your Business (KYB), and Anti-Money Laundering (AML) requirements. This requires them to verify a customer’s identity to prevent identity theft and money laundering before enabling sellers or users to accept payments or receive payouts.

Fraudsters are circumventing these requirements by crafting synthetic identities, which involve combining real and fabricated information to create identities that pass surface-level verification. These identities are used to commit fraud, costing financial institutions $33 billion in 2023, and are used to launder money undetected.

Regulators are responding by taking a tougher stance: increasing fines for AML and KYC non-compliance, and requiring stricter checks and monitoring. This places a bigger burden on ID verification, which is already slow, friction-filled, and resource-intensive. Challenges like ID consistency and language barriers drive up manual review queues, identity rechecks, and customer dropoff. Meanwhile, these processes fail to catch synthetic fraud; reportedly, standard onboarding processes miss synthetic identities 95% of the time. As a result, legitimate customers face frustrating delays before they can start transacting, while fraudsters using synthetic identities slip through.

To scale compliance without compromising fraud detection or customer experience, platforms must embed stronger signals that can accurately identify suspicious customers (including those using synthetic identities) for automatic rejection or further verification while auto-clearing low-risk customers.

Device intelligence is a force multiplier for AI-fraud models

Device intelligence enhances AI fraud models by providing additional granular, persistent, and real-time signals, which enable payment platforms to detect fraud and scale compliance without hurting legitimate transactions. Through device intelligence, platforms can:

Detect sophisticated fraud across multiple channels by connecting activity across checkout, 3DS, and payout flows to a persistent and stable device identifier. This allows models to uncover coordinated fraud rings that operate across multiple accounts or storefronts.

Scale compliance by differentiating low‑risk sign‑ups from suspicious ones. Low-risk customers can be auto-cleared and start transacting on the platform. Attempts from high-risk devices (e.g., those using tampered hardware, spoofing their location, or utilizing a proxy or virtual machine) can be automatically rejected or subjected to greater scrutiny.

Reduce false declines by using persistent device identifiers and tamper-resistant signals, which provide additional context to suspicious behavior. For example, a returning shopper using a trusted device should receive a lower risk score, while a device associated with known fraud patterns can be escalated.

Fingerprint is a device intelligence platform that uses more than 100 real-time device, network, and behavioral signals to generate a unique, persistent identifier for each visitor. This visitor ID remains stable even if cookies are cleared, IP addresses change, or private browsing is used. Fraudsters who try to reset their device still appear as the same visitor, making repeat abuse easier to detect and prevent. Beyond identification, Fingerprint also provides over 20 real-time Smart Signals for quick risk scoring and decisioning, such as device or browser tampering, bot detection, residential proxy, and velocity signals.

The platform is built with privacy in mind: it doesn’t collect or store any sensitive personal user data, maintains SOC 2 Type II certification, and complies with both the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) rules.

Boost growth while reducing fraud and scaling compliance

Today’s payment platforms have to balance approving more transactions without increasing fraud losses or losing sight of compliance. AI models can help with more robust fraud detection across all these layers, but only if they have granular, reliable data across all their channels.

Fingerprint can help payment platforms boost merchant revenue, enhance compliance, and improve fraud detection by providing additional signals to boost their existing AI fraud models. The result is a safer platform, stronger merchant economics, and an efficient, compliant platform that can scale with merchants.

If you’re ready to see how device intelligence can enhance your AI fraud models, talk to our sales team about your needs or explore our platform with a free trial.