Consider a moment most online shoppers have experienced: a legitimate purchase declined at checkout, no explanation offered. Behind that rejection is often a fraud detection system making a judgment call — and sometimes getting it wrong.
Online fraud used to announce itself. A burst of suspicious transactions, stolen cards being tested in quick succession, and accounts suddenly placing orders that did not match their history.
But the signals that once made fraud obvious are becoming less reliable. Sudden waves of stolen card purchases, strange locations, or clearly fake accounts are no longer the norm. Much of today’s fraud arrives looking almost ordinary. Accounts browse normally, identities appear legitimate, and purchases follow realistic patterns that don’t immediately raise suspicion.
For Signifyd, that shift has changed what fraud detection looks like in practice. A single order reveals very little on its own. What matters is whether the activity aligns with the customer behind the account and whether the behavior fits the identity that appears to be making the purchase.
“The objective is no longer speed. It’s credibility,” Xavier Sheikrojan, director of risk intelligence at fraud prevention company Signifyd, told The Infinite Loop. Attackers, he said, are increasingly engineering behavior rather than simply testing stolen payment data.
The false positive problem is costing merchants billions
Signifyd was founded on a premise that still shapes how the company approaches fraud today. Preventing losses is only half the problem. The other half is avoiding false positives, which occur when legitimate customers have purchases declined because a system has become overly cautious.
For merchants, a blocked legitimate order isn't just a lost sale — it's a lost customer who rarely comes back.
“Fraud prevention used to be framed purely as defense,” Sheikrojan said. “Reduce fraud, tighten controls, minimize risk.”
But rejecting legitimate customers comes at a cost. Block too aggressively and the customers you lose are real ones.
“Balancing fraud prevention with customer experience isn’t really a trade-off,” Sheikrojan said. “It’s a dynamic optimization problem.”
Signifyd's answer is to reframe the problem entirely: maximize legitimate approvals first, keep fraud within acceptable limits second.
“Reducing fraud by ten percent isn’t meaningful if it costs five percent in conversion,” Sheikrojan said.
In practice, the models weigh both the likelihood of fraud and the potential value of the customer, treating every order as a business decision, not just a risk calculation.
Xavier Sheikrojan, director of risk intelligence at Sygnifyd. Credit: private
“A fraud model that focuses purely on blocking bad transactions is inherently incomplete,” he added. “The real challenge is quantifying confidence.”
The objective, Sheikrojan said, is not zero fraud. It is sustainable growth under controlled risk.
A network that sees beyond a single store
Signifyd relies on breadth. Instead of analyzing activity from a single merchant, the platform draws on signals across a global network of retailers, giving it a view of identity behavior that no single store could build alone.
Every order produces signals: device fingerprints, browsing behavior, shipping details, purchase history. Viewed individually, those signals may appear harmless. When analyzed across multiple merchants, however, they can reveal a very different picture.
An identity that seems trustworthy at one store may have already triggered suspicious activity elsewhere.
“Every order is evaluated using behavioral signals, device intelligence, merchant context, and network-level data drawn from across our global merchant base,” Sheikrojan explained.
This broader perspective matters because modern fraud rarely arrives in obvious spikes. Instead, attackers aim to blend into normal traffic. Account takeover attempts, for example, often unfold gradually. Fraudsters observe how real customers browse, replicate the timing of their sessions, and wait before making meaningful changes.
Synthetic identities can develop in a similar way. A profile built from fragments of real personal data may accumulate a small transaction history before attempting a larger purchase that appears legitimate on the surface.
Promo abuse has also grown more sophisticated. Automated tools now test discount codes, referral incentives, and loyalty programs at scale, searching for combinations merchants never intended to allow. On a single site, that activity may resemble normal customer behavior.
Across a broader network, patterns begin to appear.
“The shift is from spotting anomalies to understanding intent,” Sheikrojan said.
Decisions that happen in milliseconds
Even as the analysis becomes more complex, fraud systems still operate under strict time constraints: the customer can't notice. A checkout that hesitates loses the sale. “Decision latency is typically well under a second,” Sheikrojan said. “Often it’s in the low hundreds of milliseconds, so there’s no noticeable impact on checkout flow.”
Achieving that speed requires infrastructure capable of handling enormous transaction volumes. Each order arrives with signals such as device information, browsing activity, and purchase history that must be evaluated immediately. During major shopping events, that load multiplies fast.
The systems behind those decisions don't stay static. Fraud tactics evolve, and models that don't keep pace lose effectiveness fast.
In many ways, running a modern fraud platform is as much a data engineering challenge as a machine learning one. Models retrain constantly — new data in, signals recalibrated, thresholds adjusted — because the alternative is falling behind.
The goal isn't zero fraud. It never was
Generative AI and automated attack tools have introduced new complications for fraud prevention teams. Fraudsters can now test systems more efficiently, imitate legitimate behavior, and refine tactics quickly. Many operations rely on patience and experimentation rather than brute force attacks.
The result is fraud that may not appear suspicious at first glance. Instead of obvious spikes in activity, merchants increasingly face subtle patterns that only reveal themselves over time.
For fraud prevention platforms, detection systems must evolve just as quickly. Models retrain, signals shift, and infrastructure expands to keep pace.
The industry, however, is not attempting to eliminate fraud entirely.
“The goal isn’t zero fraud,” Sheikrojan said. “The goal is sustainable, profitable growth under controlled risk.”
If that balance holds, attackers move on in search of easier targets.
