Fraudio Says Payment Fraud Rose Around 25% as Shared Infrastructure Drives Network-Level Attacks at Money20/20 Europe

Fraudio used Money20/20 Europe in Amsterdam to argue that payment fraud is no longer behaving like a series of isolated bad transactions. Based on its proprietary transaction risk data, the company says the real signal is moving to shared infrastructure, repeated entities and coordinated payment routes — exactly the kind of pattern that can slip through transaction-by-transaction controls.

1. Fraudio said payment fraud has risen by around 25%, based on analysis of its proprietary transaction risk data, with observed fraud activity increasingly concentrated around shared infrastructure and coordinated payment networks.
2. More than 90% of observed fraud events were linked to shared infrastructure, including IPs connected to a large number of cards. Fraudio also said it saw repeated patterns across payment flows, across merchants and submerchants, and across geographies.
3. Transactions routed via submerchants showed a higher observed fraud rate than direct merchant transactions in Fraudio’s analysed dataset. For PSPs and acquirers, that matters because layered commerce models add another place where risk can hide if controls only look at the top-level merchant.
4. Fraudio said transactions where 3DS (3-D Secure) was used and succeeded still showed fraud activity, which is a reminder that authentication is not the same thing as fraud prevention. The company’s point is simple: layered fraud controls still matter after the 3DS step has passed.
5. Fraudio’s false-positive proxy increased across the analysed period, suggesting that legitimate customers may be getting caught by blunt fraud controls more often. João Moura, CEO and Co-founder of Fraudio, said the strongest patterns are “shared infrastructure, repeated entities and coordinated routes across the payment ecosystem.”

The company said the findings were officially unveiled at Money20/20 Europe in Amsterdam and point to a shift from isolated fraudulent payments to coordinated attack patterns across cards, merchants, geographies and payment flows. For high-risk operators, the practical takeaway is that fraud screening has to look beyond the single transaction and into the network around it.