Merchant fraud leaders are being urged to rethink traditional prevention strategies as new research highlights a fundamental shift in how fraud is being executed, and why current approaches are falling short.
A new report from payments platform Ecommpay, Beyond the Black Box, argues that fraud is increasingly driven by human manipulation rather than technical exploitation, exposing gaps in existing technology, regulation and operational models.
Drawing on insights from fraud, compliance and regulatory experts, the report identifies three key challenges facing the sector: fraud prevention frameworks creating competitive imbalance, technology and regulation failing to address human vulnerabilities, and structural conflicts within regulatory systems that limit effective action.
For merchants, the findings point to a growing disconnect between evolving fraud tactics and legacy prevention models. While organisations have invested heavily in detection tools and compliance processes, these are often designed to counter technical threats, leaving them less effective against social engineering, account takeover and other human-centric attack vectors.
Ecommpay warns that this misalignment is contributing to rising fraud losses and operational inefficiencies, with prevention efforts sometimes distorting the market or placing disproportionate burden on individual players.
The report calls for a more collaborative, ecosystem-wide response, bringing together merchants, payment service providers, fintechs and regulators. Without greater coordination, the industry risks continuing to react to threats rather than proactively addressing root causes.
However, the research also outlines immediate steps merchants can take to strengthen their defences. These include closer engagement with payment providers, regular auditing of internal systems, staff training to identify fraud attempts, and proactive monitoring for brand misuse across digital channels.
Customer education is also highlighted as a critical component, reflecting the increasing role end users play in either enabling or preventing fraud.
Tackling modern fraud requires more than incremental improvements to existing tools. As attack methods continue to evolve, organisations must adopt a more holistic approach, combining technology, human awareness and cross-industry collaboration to build more resilient defences.
