July 2, 2026
Last Updated: June 2, 2026
For acquirers, PayFacs, and payment facilitators, ecommerce fraud doesn't stay at the checkout. Every fraudulent merchant inside a portfolio generates chargebacks that flow back to the organization that onboarded them.
These 20 statistics, drawn from regulatory bodies, government agencies, and independent research firms, map where that exposure is concentrating and why the cost of managing it manually keeps rising.
eCommerce fraud, from the perspective of acquirers and payment facilitators, extends well beyond what happens at an individual checkout. It encompasses the fraud generated by merchants inside your portfolio, and when those merchants disappear before chargebacks arrive, the liability sits with you, not them.
That exposure takes several forms. Fraudulent merchants process high volumes of legitimate-looking transactions, collect settlement, then vanish before cardholders raise disputes.
Merchants claiming to sell low-risk goods route payments for illegal activities through their accounts, exposing acquirers to card network fines. Card-not-present fraud generates chargeback flows that move back through the acquiring chain regardless of which merchant triggered them. Authorized push payment fraud adds a further layer, triggering reimbursement obligations that fall on the wallet providers and instant payment networks processing those transfers.
That risk is more common than most acquirers anticipate. Fraudio's data across its acquirer and PayFac customer base finds approximately 3% of newly digitally boarded merchants turn out to be fraudsters, a small share that generates disproportionate chargeback exposure and, in transaction laundering cases, card network fines that fall on the acquirer weeks after settlement has already cleared.
Not all payment companies face ecommerce fraud equally. Four carry disproportionate exposure, and in each case the risk flows from the merchant portfolios they're liable for.
CNP fraud, ecommerce's primary attack vector, accounts for 70% of UK card fraud losses and has grown 11% year on year (FICO/UK Finance, 2024). In H1 2024, CNP cases rose 26% in the UK alone (UK Finance).
The pattern holds in US ecommerce, where 53% of fraud costs originate from online purchases. When CNP fraud clears, card issuers absorb the chargebacks directly; acquiring banks absorb them when fraudulent merchants disappear.
The ECB/EBA ecommerce fraud statistic speaks directly to this. With 71% of EEA card fraud involving cross-border transactions, and fraud rates ten times higher outside the EEA, any acquirer or processor whose merchant portfolio includes significant international transaction volume carries disproportionate risk.
The domestic SCA controls that reduce fraud on European-issued cards stop applying the moment the counterpart steps outside the regulatory boundary.
LexisNexis's Financial Services edition (separate from the e-commerce study) found that 44% of North American financial institutions primarily rely on manual processes for fraud prevention.
For acquirers and PayFacs, that creates a specific blind spot. Manual review scores individual transactions but doesn't profile merchants across time, so a fraudulent merchant running clean volume through a portfolio won't trigger an alert until chargebacks arrive and the settlement funds are already gone.
Manual-process organizations face a compounding disadvantage, including higher cost per incident, slower response to emerging fraud patterns, and direct exposure to bust-out losses that cleared undetected.
Mobile fraud costs are growing, with LexisNexis finding they account for 33% of US ecommerce fraud costs and 41% in Canada. P2P payments, digital wallets, and QR codes are behind much of this, and since 72% of authorised push payment fraud in the UK starts online (UK Finance, H1 2024), APP fraud is an ecommerce-channel problem for wallet and instant payment providers.
Stats are grouped by source. Each source URL is linked once on first mention; subsequent statistics from the same publication reference the source by name.
1. eCommerce fraud losses will rise from $44 billion in 2024 to $107 billion by 2029, a growth of 141% over five years. (Juniper Research, October 2024)
2. Cumulative merchant losses from online payment fraud between 2023 and 2027 are projected to exceed $343 billion. (Juniper Research, July 2022)
3. eCommerce fraud losses grew from $41 billion in 2022 to exceed $48 billion in 2023, a 16% increase in 12 months. (Juniper Research, October 2022)
4. North America accounts for over 42% of global eCommerce fraud by value, despite representing less than 7% of banked individuals globally. (Juniper Research, October 2022)
Stats 5–9 are drawn from the LexisNexis True Cost of Fraud Study: Ecommerce and Retail Report, US and Canada Edition, 15th edition, published April 2, 2025. This study surveyed 569 fraud and risk executives across US and Canadian retail and ecommerce companies.
5. US merchants incur an average cost of $4.61 for every $1 of fraud. Canadian merchants face $4.52. (LexisNexis True Cost of Fraud Study: Ecommerce and Retail, 2025)
6. That $4.61 figure represents a 32% increase from the 2022 baseline of $3.16. (LexisNexis True Cost of Fraud Study: Ecommerce and Retail, 2025)
7. Mobile transactions (digital wallets, P2P payments, and QR codes) account for 33% of ecommerce fraud costs in the US and 41% in Canada. (LexisNexis True Cost of Fraud Study: Ecommerce and Retail, 2025)
8. In US ecommerce, 53% of fraud costs come from online purchases, with another 30% tied to mobile channels. (LexisNexis True Cost of Fraud Study: Ecommerce and Retail, 2025)
9. Up to 41% of US businesses identify identity verification as a major fraud challenge at new account creation, higher than the challenge rate at purchase transactions (36%) or account logins (37%). (LexisNexis True Cost of Fraud Study: Ecommerce and Retail, 2025)
Stat 10 is drawn from a separate publication, the LexisNexis True Cost of Fraud Study 2025 North America, Financial Services edition, published September 10, 2025. This study surveyed North American financial institutions, including banks, lenders, and payment companies, not ecommerce merchants. The figures are not directly comparable to Stats 5–9.
10. 44% of North American financial institutions primarily rely on manual processes for fraud prevention, hesitating to fully embrace automation and AI. (LexisNexis True Cost of Fraud Study: Financial Services, 2025)
11. US consumers reported losing $12.5 billion to fraud in 2024, a 25% increase over the prior year. (FTC Consumer Sentinel Network Data Book 2024, March 2025)
12. Online shopping was the second most commonly reported fraud category in the FTC's 2024 Consumer Sentinel data, trailing only imposter scams. (FTC Consumer Sentinel Network Data Book 2024, March 2025)
Stats 13–14 come from the joint ECB/EBA Report on Payment Fraud, December 2025 edition. Stats 15–16 come from the joint ECB/EBA Report on Payment Fraud, August 2024 edition. Both cover payment service provider data across the European Economic Area.
13. Total payment fraud across the EEA reached €4.2 billion in 2024, up from €3.5 billion in 2023. (ECB/EBA Joint Report on Payment Fraud, December 2025)
14. Card payment fraud losses for cards issued in the EU/EEA hit €1.329 billion in 2024, a 29% year-on-year increase. (ECB/EBA Joint Report on Payment Fraud, December 2025)
15. Card fraud rates in Europe are ten times higher when the transaction counterpart is located outside the EEA, where strong customer authentication is not legally required. (ECB/EBA Joint Report on Payment Fraud, August 2024)
16. 71% of EEA card fraud by value in H1 2023 involved cross-border transactions. (ECB/EBA Joint Report on Payment Fraud, August 2024)
Stats 17–19 come from the UK Finance Half Year Fraud Report 2024, covering H1 2024 data, published October 2024.
17. In H1 2024, card-not-present fraud cases, the primary e-commerce fraud vector, increased 26% in the UK. (UK Finance Half Year Fraud Report, 2024)
18. 72% of authorised push payment fraud in the UK originated online in H1 2024, with a further 16% starting via telecommunications. (UK Finance Half Year Fraud Report, 2024)
19. UK banks prevented £710.9 million in unauthorised fraud in H1 2024, a 13% increase in fraud prevention compared to the prior period. (UK Finance Half Year Fraud Report, 2024)
20. In 2024, card-not-present fraud accounted for approximately 70% of total UK card fraud losses, an 11% year-on-year increase. (FICO European Fraud Map 2024, July 2025, citing UK Finance 2024 annual data)
These 20 e-commerce fraud statistics don't exist in isolation. When you trace the data points across sources and years, three structural patterns emerge that explain the current state of e-commerce fraud better than any single headline figure.
Two Juniper Research reports place different numbers on the problem, and it's worth understanding why. The 2022 report forecast $48 billion in losses for 2023. The 2024 report, published by the same firm, sets the 2024 baseline at $44 billion. These two figures aren't directly comparable. The reports appear to cover different definitions of ecommerce fraud, and the 2024 report focuses specifically on merchant losses from the Global Merchant Fraud Prevention Market.
What doesn't fluctuate is the cost multiplier. LexisNexis has tracked it since 2016, when it was $2.40; by 2022 it had reached $3.16, and by 2025 it stood at $4.61, a 92% increase over nine years and a 32% rise in three.
Fraud volumes haven't grown 92% in that period. The cost per incident has grown because the operational overhead of managing fraud, including manual review hours, chargeback disputes, identity verification failures, and compliance overhead, has built up in ways that fraud volume figures don't show.
For years, the ECB's card ecommerce fraud statistics pointed in the right direction. Strong customer authentication, rolled out across the EEA under PSD2, produced consistent declines in card fraud rates from 2019 through 2021. The 2023 ECB/EBA report noted that SCA-authenticated transactions displayed lower fraud rates than non-SCA transactions.
That changed with the December 2025 ECB/EBA report. Total EEA payment fraud rose from €3.5 billion in 2023 to €4.2 billion in 2024, with card payment fraud alone jumping 29% year on year. The ECB notes that payer manipulation is among the new fraud types on the rise, confirming that organized criminals have adapted their methods now that SCA has closed off direct technical attacks on card credentials.
They're now engineering authorized payments rather than unauthorized ones, moving fraud inside the authentication barrier rather than attacking it from outside.
The August 2024 ECB/EBA report is unambiguous. Card fraud rates are ten times higher when the counterpart is outside the EEA, where SCA doesn't apply. And 71% of EEA card fraud by value involves cross-border transactions. These two facts together confirm that the EU's domestic fraud controls have pushed fraud toward the unregulated boundary rather than eliminating it.
For acquiring banks, processors, and payment facilitators with cross-border merchant portfolios, this isn't an abstract regulatory finding. It's an active liability gap. The merchants generating the most fraud risk are, by definition, the ones whose counterparties sit outside the regulatory perimeter.
These aren't predictions; they're conclusions drawn directly from the ecommerce fraud statistics. Each one points to something the raw numbers alone won't tell you.
Fraud volumes have grown, but the $4.61 multiplier tells a more important story. LexisNexis has tracked this since 2016, when it was $2.40; it's now $4.61.
In those nine years, ecommerce transaction volumes haven't come close to growing 92%. What's grown is the operational burden around every fraud incident, including manual review processes, identity verification friction, chargeback dispute handling, and compliance overhead. For payment companies whose fraud teams are still running largely manual workflows, this multiplier will keep rising regardless of whether fraud volumes stabilize.
Card-not-present fraud is ecommerce fraud. The FICO/UK Finance data showing CNP at 70% of UK card losses isn't an anomaly; it reflects a structural reality. Every online transaction is, by definition, a card-not-present transaction. The 26% rise in UK CNP cases in H1 2024 and the 11% growth in CNP's share of total losses both confirm that this category is accelerating, not stabilizing.
The question for issuers and acquirers isn't whether CNP fraud will affect their portfolio; it's whether their detection operates at the transaction level, the account level, or both.
From 2019 to 2022, ECB card fraud data showed consistent decline, attributed partly to PSD2's SCA requirements. The December 2025 ECB/EBA report shows that ceiling. Total EEA fraud rose from €3.5 billion to €4.2 billion in 2024, with card fraud alone jumping 29%.
The ECB explicitly notes that payer manipulation is among the new fraud types on the rise. SCA blocks technical attacks on card credentials but doesn't stop social engineering that leads the legitimate cardholder to authorize the payment themselves. European payment companies that built their fraud strategy primarily around SCA compliance now face an exposure that their controls weren't designed to catch.
71% of EEA card fraud involves cross-border transactions, and fraud rates are ten times higher outside the EEA. The ECB has confirmed this ratio across multiple reporting periods. For any European acquiring bank, processor, or PayFac whose merchant portfolio includes international sales or cross-border counterparties, domestic SCA compliance is necessary but not sufficient. The highest-risk transactions in the portfolio are, by the ECB's own data, the ones that cross the regulatory boundary.
LexisNexis's Financial Services edition found that 44% of North American FIs still primarily rely on manual fraud processes, and the e-commerce edition tells a similar story on the merchant side, with 41% of US businesses flagging identity verification at new account creation as a major fraud challenge. These two figures, from different survey populations in the same research series, point to the same root cause. The cost multiplier rising from $3.16 to $4.61 in three years isn't a mystery when nearly half the industry is still routing fraud management through human review queues.
Organizations that have moved to automation and AI report lower cost multipliers, and that gap is widening every year.
Those five verdicts point to three questions worth asking before you compare vendors or sit through demos.
CNP fraud at scale doesn't show up in individual transaction scores. It shows up in behavioral patterns across accounts, merchants, and time windows. If your current fraud detection tool only scores single transactions, it won't catch the merchant who has built three weeks of clean history before executing a bust-out.
The ECB/EBA data makes the answer concrete, with fraud ten times more likely when the counterpart is outside the EEA. For any acquirer or processor with international merchant portfolios, that's a direct risk figure, not an abstraction. Review the best fraud detection software options with specific attention to cross-border transaction coverage, data residency compliance, and network-level detection.
44% of FIs are running primarily on manual processes. If your organization sits in that group, the LexisNexis data suggests your cost multiplier is measurably higher than it needs to be. A parallel test using historical data, with no integration commitment, is the most direct way to quantify that gap. For acquirers specifically, merchant-initiated fraud detection running alongside your existing controls can surface the merchant-level behavioral patterns that transaction-level scoring misses.
The ecommerce fraud statistics tell a consistent story. The cost multiplier has risen 32% in three years, and nearly half of North American financial institutions still run on manual review. This isn't about fraud volume growing; it's about dispute handling, review hours, and chargebacks stacking up around every incident.
Legacy tools don't fix that. They score individual transactions but don't profile merchants across time, so the merchant who runs three weeks of clean volume before a bust-out clears every threshold until the chargebacks arrive.
Fraudio's patented Network Effect AI learns from transaction patterns across all connected customers, not only your isolated history, an advantage that helped Viva Wallet catch fraud three weeks earlier than legacy tools, delivering 8x ROI. Integration takes days, not months, with no enterprise budget, no setup fees, and no hidden charges.
Global ecommerce fraud losses exceeded $48 billion in 2023, up from $41 billion in 2022, a 16% increase in 12 months, per Juniper Research. The same firm's 2024 report sets the baseline at $44 billion for 2024 and forecasts $107 billion by 2029. Cumulative merchant losses between 2023 and 2027 are projected to exceed $343 billion. US merchants incur $4.61 for every $1 of fraud, per the 2025 LexisNexis True Cost of Fraud Study, a multiplier that includes the chargebacks that flow back through the acquiring chain.
eCommerce fraud costs more per incident than the direct loss because each event triggers a chain of secondary costs, including chargeback processing, dispute handling, manual review hours, and compliance overhead. The LexisNexis True Cost of Fraud Study has tracked this multiplier since 2016, when it was $2.40; by 2025 it had reached $4.61, a 92% increase over nine years. The 32% jump in the three years from 2022 to 2025 confirms that managing fraud is getting more expensive, not less.
Card-not-present fraud occurs when stolen card credentials are used for a transaction without the physical card, which describes every online purchase. FICO's 2024 European Fraud Map, citing UK Finance data, found CNP accounts for 70% of total UK card fraud losses, up 11% year on year. UK Finance's own H1 2024 report shows CNP cases rose 26% in that period. The pattern holds in the US, where LexisNexis found 53% of ecommerce fraud costs come from online purchases.
Yes. The ECB and EBA's December 2025 joint report found total EEA payment fraud rose from €3.5 billion in 2023 to €4.2 billion in 2024, with card payment fraud up 29% year on year. SCA has been effective against the technical attacks it was designed to stop, and fraud rates are ten times lower within the EEA than in cross-border transactions where SCA doesn't apply. The new threat is social engineering that leads cardholders to authorize payments themselves, bypassing SCA entirely.
Cross-border ecommerce carries higher fraud risk because strong customer authentication is only legally required within the EEA. The ECB and EBA's August 2024 joint report confirmed that card fraud rates are ten times higher when the transaction counterpart is located outside the EEA. The same report found that 71% of all EEA card fraud by value involves cross-border transactions. For acquiring banks, processors, and PayFacs with international merchant portfolios, this means their highest-risk transactions are outside the rules that cover their domestic transactions.
LexisNexis's 2025 True Cost of Fraud Study for North American financial institutions found that 44% of FIs primarily rely on manual processes, with only 20% mostly or fully automated. This is from the Financial Services edition of the study, which surveys banks, lenders, and payment companies, not ecommerce merchants. The Ecommerce and Retail edition found that up to 41% of US businesses identify identity verification as a major fraud challenge at new account creation. Taken together, these findings show that heavy reliance on manual review runs through both merchants and financial institutions alike.
APP fraud fits into ecommerce fraud statistics because the majority of it originates on digital channels. UK Finance's H1 2024 data found that 72% of APP fraud started online and 16% via telecommunications. APP fraud carries a higher cost because victims authorize the payment themselves, which removes the standard unauthorized-transaction protections that card issuers provide. For digital wallet providers, instant payment networks, and banks offering real-time account-to-account transfers, APP fraud is the primary threat they need to monitor at the behavioral level, not only at the transaction level.
The Juniper Research finding that North America accounts for over 42% of global ecommerce fraud value, despite representing less than 7% of banked individuals globally, comes down to two factors. First, North American ecommerce transaction volumes and average order values are among the highest in the world. Second, the US hasn't adopted SCA requirements comparable to Europe's PSD2, leaving card-not-present transactions less protected at the authorization layer. For payment companies with US-facing merchant portfolios, North America isn't only the largest market; it's also the highest-risk one per capita.
When a fraudulent merchant collects settlement funds and disappears before chargebacks arrive, the acquirer or PayFac that onboarded them absorbs those chargebacks because there is no merchant left to recover from. Bust-out fraud works this way precisely; the acquiring organization is legally responsible for refunding cardholders when the merchant can't. In Fraudio's experience across its acquirer and PayFac customer base, approximately 3% of newly digitally boarded merchants turn out to be fraudsters, generating chargeback exposure and, in transaction laundering cases, card network fines that fall on the acquirer. Detection has to happen before settlement clears, not after.
How about trying our solution and experiencing the next generation for yourself?