Online fraud has officially evolved past isolated, opportunistic card theft into a highly industrialized threat landscape dominated by shared criminal infrastructure. Announcing a series of data findings live from the showroom floor at Money20/20 Europe in Amsterdam, AI-powered transaction risk platform Fraudio revealed that average payment fraud rates have jumped by approximately 25 per cent.
According to Fraudio’s tracking data, average fraud rates climbed from 0.036 per cent in 2024 to 0.045 per cent across the 2025–2026 period. The underlying metrics indicate that modern digital theft is no longer random. Instead, malicious activity is increasingly concentrated within coordinated payment networks, centralized IP pools, and multi-layered submerchant processing pipelines that easily obscure visibility for mainstream fraud controls.
The Weaponization of Shared Infrastructure and Submerchants
The most definitive trend identified in the dataset centers on the overwhelming reliance of modern fraudsters on centralized, high-volume digital environments. Fraudio discovered that 91.08 per cent of all observed fraud events were linked directly to shared technical infrastructure, defined as an individual IP address tied to 25 or more unique payment cards. When drilling into a node-level configuration, that correlation becomes even more absolute, with these infrastructure-sharing IPs accounting for 98.60 per cent of total observed fraud.
The expansion of decentralized digital marketplaces and multi-tiered payment service providers (PSPs) has also introduced significant systemic weaknesses into the global checkout journey. Fraudio’s research notes that transactions routed via submerchant accounts carry a fraud rate of 0.018 per cent, compared to just 0.004 per cent for direct merchants—representing a substantial 4.92-times escalation in overall risk. While submerchant models are essential to support modern digital platforms, they generate deep visibility blind spots if an enterprise’s underlying risk system lacks the capability to map connected transactional behavior across separate digital storefronts.
“Fraud is often treated as a transaction-level problem, but our proprietary data shows something more structural is happening,” stated João Moura, CEO and co-founder of Fraudio. “The strongest patterns are not isolated bad payments, they are shared infrastructure, repeated entities and coordinated routes across the payment ecosystem.”
The Failure of Standalone 3DS and the Cost of False Declines
A highly concerning baseline finding for digital treasury teams is the ongoing limitation of standalone authentication mechanisms. Fraudio tracked persistent fraud volumes across transactions where 3D Secure (3DS) protocols were successfully deployed and verified. Transactions executed without 3DS generated an overall fraud rate of 0.227 per cent, but transactions where 3DS was actively engaged and successfully completed still yielded a high fraud rate of 0.218 per cent. This marginal difference demonstrates that sophisticated criminal networks are successfully weaponizing automated session hijacking and device cloning to bypass multi-factor security walls.
Parallel vulnerabilities were identified within automated subscription setups, where initial recurring payment configurations carried an elevated fraud rate of 0.141 per cent, driven heavily by card-testing rings validating stolen credentials. Once that initial pipeline is cleared, the fraud rate drops sharply to 0.013 per cent for subsequent automated recurring billing cycles.
As corporate risk divisions scramble to contain these rising attack vectors, their defensive actions are inadvertently penalizing legitimate consumers. Fraudio’s global false-positive proxy has nearly doubled over the past few years, jumping from 12.088 per cent in October 2020 to a significant 23.479 per cent in May 2026. This metric suggests that almost a quarter of transaction declines are blocking valid, revenue-generating consumers due to rigid, outdated rules-based compliance matrices. After filtering out low-volume statistical anomalies, the weighted false-positive rates peaked within high-velocity, non-face-to-face commercial channels, with traditional e-commerce checkouts logging a false-positive rate of 23.701 per cent, closely followed by Mail Order/Telephone Order (MOTO) corridors at 15.234 per cent.
“The danger is that businesses respond to fraud pressure by simply becoming more aggressive with declines,” warned Gadi Erel, VP of product at Fraudio. “That may reduce some fraud, but it also risks blocking good customers and damaging approval rates. The real opportunity is precision by stopping coordinated fraud earlier, while protecting legitimate customers from unnecessary friction.”
Ultimately, the data revealed at Money20/20 points to an urgent transition phase for global transaction management. To safeguard expanding digital ecosystems, issuers, merchant acquirers, and cross-border platforms must move past static, reactive processing parameters. Long-term transactional security will instead be dictated by a platform’s capacity to detect shared technical infrastructure in real time, minimize false positives, and systematically neutralize payment disputes long before they escalate into the expensive merchant chargeback pipeline.
The post Fraudio Exposes 25 Percent Surge in Coordinated Payment Fraud Networks appeared first on The Fintech Times.
