AI-driven applications are set to reshape the cybersecurity and fraud landscape for retailers and e-commerce businesses, with Gartner predicting that by 2028, half of all enterprise incident response efforts will focus on threats linked to custom-built AI systems.
The forecast highlights a growing challenge for anti-fraud professionals as organisations rapidly deploy AI tools, often without fully understanding the associated risks. According to Gartner VP Analyst Christopher Mixter, many of these applications are “complex, dynamic and difficult to secure over time,” leaving security and fraud teams without clear processes to manage incidents effectively.
For the retail and e-commerce sectors, where AI is increasingly used across payments, customer service, and personalisation, this shift introduces new fraud vectors. Threats such as prompt injection, data leakage and manipulation of AI decision-making systems could directly impact transaction integrity and customer trust.
Gartner advises that security and fraud leaders become involved earlier in AI development projects to ensure controls are built in from the outset. This is particularly relevant for retailers integrating AI into checkout flows, fraud detection engines, and supply chain systems, where vulnerabilities could be exploited at scale.
The firm also predicts that by 2028, over half of enterprises will adopt dedicated AI security platforms. These tools aim to centralise oversight of both third-party and in-house AI systems, enabling organisations to enforce policies, monitor behaviour and reduce exposure to emerging risks. For fraud teams, this could mean greater visibility into how AI systems are being targeted or manipulated.
Data quality remains another critical concern. Gartner estimates that through 2030, a third of IT effort will be spent addressing “AI data debt”, a significant issue for retailers managing vast volumes of customer and transaction data. Poorly structured or insecure data not only weakens AI performance but increases fraud risk.
Meanwhile, regulatory pressure is intensifying. By 2027, 75% of organisations relying on manual AI compliance processes could face fines exceeding 5% of global revenue. For UK businesses navigating evolving AI and data regulations, automated governance and risk management will become essential.
As AI adoption accelerates, anti-fraud professionals must adapt quickly, balancing innovation with robust controls to safeguard both revenue and customer trust.
Photo by Hitesh Choudhary on Unsplash
