As Buy Now, Pay Later (BNPL) becomes more common and its use spreads to more sectors, it’s attracting more bad actors who are leveraging Artificial Intelligence (AI) while learning from one another. That makes stopping them more challenging.
EverC is at the forefront of the BNPL fraud battle. Using a combination of old-fashioned legwork and a fully automated, AI-driven risk intelligence platform, EverC helps acquirers, banks, and payment service providers combat increasingly sophisticated actors and a wider range of threats.
The system produces a proprietary graph that identifies connections between entities to deliver a more holistic risk picture. The initial risk assessment is supported by flagging high-risk merchants through first-time web content screening, reputation and web traffic checks, and an MCC classification with an extra validation layer for high-risk MCCs.
EverC also manages elevated risk levels throughout the merchant lifecycle. Via live web crawling, it continuously monitors merchant activity. The technology compiles a unique ecosystem for each URL to detect connections to suspicious websites.
Roughly $2 trillion of counterfeit and pirated goods are traded annually, costing the global economy $500 billion. Consumer confidence and business reputations are at risk.
“We’re out in the wild looking for violent actors that hurt payment customers,” EverC’s VP of Risk & Strategy,
Melissa Sutherland, said. “We enable the right commerce by disrupting the bad.”
How EverC Fights Fraud
EverC employs a global team of multilingual and international analysts mimicking consumer victim behaviors online in the most prolific spaces. Their findings, gleaned from conversations, websites and elsewhere, are absorbed into the system.
“We continuously do this activity and feed it back into our ecosystem, so we’re able to determine known bad environments,” Sutherland explained. “Then we amplify around the known bad actors and look for associated connections to them.”
“We’re continuously reinventing those queries and looking for more and more bad actors selling more and more outrageous items that they shouldn’t be selling. Ultimately, what we’re trying to do in enabling good commerce is to keep the consumer trust high as they’re out on the Internet. We want consumers spending. We want them buying safe goods, and so do our partners.”
Why BNPL fraud is popular
BNPL is a fraud magnet for several reasons. It’s only becoming more popular. A fintech-focused payment product, it’s a service evolving faster than regulators can regulate. That’s catnip to criminals.
“Bad actors are very skilled at seeing a new trend and jumping into it before the fintech has time to throw robust checks and balances on compliance around it,” Sutherland said. “That’s not a that’s not a slight on them; Fintech moves at remarkable speed.”
“We all know that compliance is boring. Bad actors know that. They know that the excitement of fintech is an opportunity.”
BNPL attracts the same types of criminals as other financial services sectors, but at a heightened pace because more mature payment rails are better prepared for them. There are illegitimate storefronts and fake consumers. With many new and newish providers, and many founders with little financial services background, potential victims abound.
Staying ahead of the trends
Sutherland said that’s why it’s important to work with a trusted partner. When meeting with a new client, EverC discusses their pain points and emerging industry threats. It’s a hands-on approach that evolves with the customer.
Armed with data on a known ecosystem as it scans an evolving one, EverC regularly meets with the client to discuss progress. Is the system catching what it’s supposed to? Did it identify unexpected threats?
Regular client conversations help identify emerging trends. Those clients also discuss issues with regulators. More knowledge improves the system.
Tight regulations still a focus for many
While 2025 began with its share of regulatory uncertainty, the business ecosystem prioritizes consumer trust.
“They truly believe in the power of commerce: good buyers, good sellers, and seeing the state, states, plural, partnering together,” Sutherland said. “They are not enabling a laissez-faire attitude of trust and safety at the consumer level. So nobody is taking their foot off the gas. Because the federal government has taken a step back doesn’t mean it’s a free-for-all. Nobody wants to enable terrible commerce.”
Many regulators elsewhere are very consumer-centric. Sutherland said they focus on a host of issues like disclosures, credit stacking and transparency. That pressures the U.S. market to keep up.
Meaningful friction is a necessity.
Meaningful friction is one method of stalling bad actors. Sutherland said that EverC introduces meaningful friction throughout the buyer and seller life cycles. That forces bad actors to pause to figure out how to infiltrate and trick systems.
“We, as a legitimate economy, have to be very good at accepting a little bit of friction that keeps everybody safe,” Sutherland said. “Any desire to speed load buyers and sellers to claim victory in the market is enabling the bad actor to penetrate us over and over and over again.”
“The speed rush to get everybody on your platform, this is the most dangerous way to tip over and get completely taken advantage of by the bad actors. Meaningful friction is the only way to keep them out. We just have to agree on the best way to introduce meaningful friction so we all remain competitive.”
How is meaningful friction defined? There are many starting points, but a good one is in protecting oneself from emerging threats. A company may believe it has effective identity validation protocols in place at sign-up, but how effective are they at continuous monitoring? What happens if an identity has been sold or stolen?
Sutherland said just-in-time face screening can help ensure the human screened at sign-up is still the one using the profile. For example, is the IP address the same?
Consumer risk is evolving.
Individual consumer risk constantly evolves, with 14% developing a higher risk profile. That rate could rise under current economic conditions.
The Consumer Financial Protection Bureau was monitoring this trend in 2024 and found that more subprime consumers were using BNPL. Folks are using BNPL for smaller purchases. A wider variety of business sectors are employing it.
Has AI helped protect companies and consumers? Sutherland said absolutely, but added an important caveat – criminals are just as quick to get on this trend, just like they do with any other.
“As we knock them down, they are incentivized to get better, so they are academically upping their game, and they’re using the tools that we use in the same methodology, simply to trick the merchant or BNPL provider to get into their environment,” Sutherland said. “Absolutely, they’ve gotten better, and they’ve increased their supply chain. They’re sharing information between each other, and they’re sharing infrastructure.”
“Bad actors, while sophisticated and highly motivated, leave a beautiful breadcrumb trail where we can use our models to pick up the nuggets and build the profile of who they are. There are an infinite number of ways that you could come into the world, but there are a finite number of actors that are in that space and bad actors. While they’re good and they’re incentivized, they’re not particularly robust in a foundational secrecy of what they do.”
The realistic aim is not to stop fraud, but to make it so onerous that criminals move on.
Blame COVID-19 for improving criminal activity. Sutherland said criminals share methodologies, hardware, money, and even mules. It’s no longer a geographical battle but a typological one.
It’s also easier to get started. The aspiring criminal can buy a software kit and quickly set up shop.
“We have mega-actors, and then we have what essentially amounts to an MLM of fraud actors buying into the fraud ecosystem,” Sutherland said. “So it’s Fraud-as-a-Service, and this is all on the heels of COVID.”
“The convergence of the threat actor is one of the long tails of destruction that we’re going to continue to see.”