The Agent Did It: Why Agentic Commerce Changes the Chargeback Equation

Since the chargeback system was first introduced through the Consumer Protection Act of 1968, consumers have found creative ways to dispute transactions. First came the rise of “friendly fraud”—also known as first-party or illegitimate fraud—where customers dispute valid purchases they regret, or forgot. Then came social media tutorials coaching consumers on how to game the system. Now comes agentic commerce, and with it, a new and more complicated chapter in the story of chargebacks that should never have been filed.

AI agents can now browse, compare, fill carts, and complete purchases on behalf of consumers—all flowing from a single moment of consent granted to the agent at the outset. The infrastructure for autonomous shopping is no longer theoretical. It’s operational. And that’s precisely where the problem begins.

When One Click Becomes Five

Consider a scenario playing out in homes right now: a consumer asks their AI assistant to find a highly-rated vitamin C serum. The agent searches, compares reviews, identifies a top-rated option, and presents it. The consumer approves with a tap.

The product page clearly disclosed that this was a subscription - monthly shipments, cancel anytime. The agent processed that information. But did the consumer fully absorb it? In the speed of the interaction, with the agent handling the details, the subscription terms may have been clearly displayed by the merchant, yet never truly registered with the consumer…

A month later, a second shipment arrives. The consumer doesn’t remember signing up for ongoing deliveries. They file a chargeback.

Here’s the question that will define the next era of disputes: was the consumer bound by the consent they provided to the agent to make a payment on their behalf? Is this a valid chargeback—a genuine case of an agent executing beyond the boundaries the consumer intended? Or does it fall into the realm of friendly fraud, where the consumer is using the agent as cover for buyer’s remorse?

This is the new grey zone. Not outright fraud. Not a clear mistake. Something murkier: a purchase made with reduced cognitive intent, where the consumer’s agency was diluted by the speed and efficiency of the agent acting on their behalf.

**The The Lines Converge **

There will be legitimate times when an agent makes a purchase that was genuinely not sanctioned by the consumer. There will be other times when it’s unclear

• the consumer approved something but didn’t fully define the scope. And there will be times when the consumer knows exactly what happened and is practicing chargeback fraud, using the agent as cover.

All of these scenarios are about to blur together more than ever before.

According to LexisNexis Risk Solutions’ analysis of over 104 billion global transactions, first-party misuse/friendly fraud, jumped from 15 percent of all fraud in 2023 to 36 percent in 2024, representing a significant swing in global fraud.

Now add a new variable: when an AI agent sits between the consumer and the merchant, the psychological distance increases. The consumer didn’t visit the merchant’s website. They didn’t scroll through product pages. They didn’t manually enter payment details. The transaction happened somewhere else, orchestrated by something else.

This further distance of the cardholder from the merchant will create both more cardholder confusion of the descriptors on their credit card statement, and less remorse to falsely claim,  ‘I didn’t authorize that’ or ‘I didn’t receive what I expected.’

The Evidence Challenge

For merchants, fighting chargebacks has always required evidence: proof of delivery, records of customer communication, documentation of authorization. In traditional e-commerce, that trail exists in server logs, email confirmations, and checkout flows.

In agentic commerce, the evidentiary landscape fragments. The consumer’s intent is expressed to an AI assistant. The browsing happens through a protocol layer - Google’s Universal Commerce Protocol, Microsoft’s Copilot Checkout, Shopify’s multi-protocol infrastructure, PayPal’s abstraction layer. The merchant may never have direct contact with the buyer at any point in the transaction.

When a dispute arrives, merchants face a new question: where is the evidence that the consumer authorized this specific purchase, with this specific scope? The data exists - somewhere across these platforms and protocols. But compiling it into a coherent response requires capabilities most merchants don’t yet have.

This is why evidence traces are so critical post-purchase. Not just for merchants, but for the entire ecosystem to have visibility into what cardholders consented to, what was disclosed, and what the cardholder understood at the moment of approval. But collecting that data is only half the challenge. The other half is transforming it into tailored, scenario-specific evidence — and that requires smart automation, not simply automated templates.

Preparing for the Shift

The protocols being deployed by major platforms include authentication frameworks and transaction logging precisely because the industry recognizes the complexity ahead. The infrastructure for secure, agent-mediated transactions is in the process of being built.

But infrastructure is only half the equation. The other half is what happens after the transaction—when a consumer files a dispute and the merchant must respond. That’s where the new complexity sits: parsing consent signals from multiple protocols, reconstructing the decision path an agent took, demonstrating that the purchase fell within the scope the consumer authorized.

Merchants selling through agentic channels need to think about post-transaction intelligence with the same rigor they’ve applied to fraud prevention. The disputes are coming - legitimate, ambiguous, and fraudulent alike. The question is whether the systems to distinguish between them will be ready.

The Moment of Preparation

Most merchants won’t face an avalanche of agent-related disputes tomorrow. But the pattern is clear: as more transactions flow through AI-mediated channels, the proportion of chargebacks involving agent ambiguity will grow.

This isn’t about predicting disaster. It’s about recognizing that the rules of engagement are changing. Consumers are gaining new ways to shop. Merchants are gaining new channels to sell. And between them, a new layer of complexity is emerging that will test every assumption about how disputes are triggered, fought, and resolved.

The companies that build robust post-transaction intelligence—evidence trails that can reconstruct what happened across fragmented protocols—will be positioned to protect their revenue. Those that don’t will find themselves incurring losses where the line between legitimate confusion and friendly fraud becomes impossible to draw.