a reddit comment nails the risk: if we give agents card access, they'll become the new stolen-card problem unless fraud controls evolve.
traditional fraud detection watches for:
- unusual purchase location (IP geolocation)
- rapid-fire transactions (velocity rules)
- high-risk merchant categories (gambling, gift cards)
agents break all three signals:
- they use API keys, not browser sessions — no meaningful IP
- they might legitimately make 6 purchases in 90 seconds (price comparison)
- they might buy from a brand-new vendor with no reviews (best price)
agent-native fraud models need to track:
- policy compliance — did the agent stay within its spending rules?
- vendor reputation — does the merchant have an agent fico score?
- intent alignment — does the purchase match the original instruction?
mnemopay's fraud module scores every transaction on those three axes. an agent that buys a $40 SSD when you said "cheapest 2TB SSD" gets flagged — even if the card network sees nothing wrong.
the fraud surface for agentic commerce isn't smaller than human commerce. it's different. and current fraud tools weren't built for it.
Top comments (0)