Refund abuse is not just fraud; it’s a design problem

Retail fraud is usually framed as an external threat, professional criminals, stolen cards, organised attacks. And those risks are real. But a growing share of ecommerce losses is coming from somewhere far less obvious: customers themselves. According to Ravelin’s State of Refund Abuse Report, more than one in four online shoppers admit to exploiting refund policies. Even more striking, 46% of those who attempt it say they succeed every time.

At that point, something changes. When behaviour succeeds that consistently, it stops feeling risky and starts becoming routine. So, this raises a harder question: Is refund abuse really just fraud? Or is it a design problem in how digital commerce works?

The system doesn’t just allow abuse, it enables it

Refund abuse sits in a grey zone between opportunism and intent.

Some customers buy more than they need to unlock free shipping, planning to return the excess. Others claim refunds for delayed deliveries and keep the goods when they arrive. Some wear items once and send them back.

Individually, these behaviours feel minor. But collectively, they create meaningful losses.

What’s more concerning is how they’re perceived. Many customers don’t see this as fraud at all. They see it as a tactic. A third believe companies can absorb the loss, and others feel justified bending the rules if something goes wrong with an order.

At that point, this isn’t just misuse of policy, it’s normalised behaviour.

And when behaviour is normalised, it scales.

Refund abuse has become economically rational

The report reveals something that should give every retailer pause: refund abuse pays. On average, abusers report gaining hundreds each year from these tactics, with frequent offenders extracting even more. The more often they do it, the more they gain, and the more confident they become.

This is no longer edge-case fraud. It’s a repeatable, low-risk, high-reward activity. Systems that consistently reward behaviour at scale are not being exploited, they are being followed.

The typical response makes things worse

When refund abuse increases, merchants tend to respond in predictable ways:

• Tightening policies

• Adding verification steps

• Introducing more checks

• Charging for returns

The intention is understandable, but the impact is broad. These measures apply to everyone, not just abusers. And the consequences are clear: over a third of consumers say they would abandon a brand if forced to pay for returns, and many report that online shopping is becoming more difficult and less enjoyable.

This creates a familiar tension. The more businesses try to protect themselves, the more friction they introduce for legitimate customers. And in a world where convenience increasingly defines loyalty, that’s a dangerous trade-off.

Promotions don’t just drive growth, they attract abuse

Sales campaigns and incentives make the problem even more visible. Nearly a third of refund abusers admit they are most likely to exploit policies when promotions are running. Events like Black Friday, seasonal sales, and gift-buying periods don’t just increase volume, they change the composition of customers.

Promotions aren’t just attracting more shoppers. They’re selectively attracting opportunistic behaviour.

This creates an uncomfortable dynamic inside organisations. Marketing teams are optimising for growth, while risk teams are trying to contain exposure. Without a shared view of customer behaviour, they end up working against each other.

Abuse doesn’t stay occasional, it becomes habitual

Perhaps the most concerning finding is how behaviour evolves. Sixty percent of refund abusers say they are doing it as often, or more often, than in previous years. The more successful they are, the more likely they are to repeat it.

Over time, opportunistic behaviour becomes learned behaviour. And learned behaviour becomes habit. These aren’t one-off incidents, they’re repeat offenders who quietly drain margins over time.

AI is accelerating the trend

Technology is making this easier still. Around a third of refund abusers say they are using, or considering using, AI tools to help them obtain refunds. Some use it to draft claims. Others use it to identify loopholes or even generate supporting evidence.

AI doesn’t just lower the barrier, it industrialises refund abuse. And as that barrier continues to fall, simply adding more controls to transactions becomes harder to sustain.

The real problem sits inside the payment model

Most ecommerce fraud prevention today focuses on the transaction:

• Was the payment authorised?

• Does the behaviour look suspicious?

• Should we add authentication?

These checks are necessary, but they expose a deeper limitation. The system is trying to assess risk without truly knowing who the customer is. Instead of repeatedly interrogating individual transactions, what if we focused on establishing confidence in the customer behind them? Because the report makes one thing clear: the real risk isn’t a single transaction, it’s repeat behaviour over time.

When identity is weak, behaviour resets with every purchase. When identity is strong, behaviour compounds.

Protecting trust without punishing customers

Refund abuse highlights a deeper imbalance in digital commerce. Customers expect seamless experiences. Merchants need protection from exploitation. Blanket friction solves neither.

A more sustainable approach is to strengthen confidence in who the customer actually is, so that behaviour can be understood across time, not just assessed in isolation.

When that happens:

• Legitimate customers move more easily

• Repeat offenders become visible earlier

• Interventions can be targeted, not universal

Trust improves, not because friction increases, but because certainty does.

A different way forward

Refund abuse may look like a fraud problem. But at its core, it exposes a structural gap in how ecommerce systems work. They are built to optimise transactions, not understand customers.

Closing that gap doesn’t just reduce abuse. It reshapes how trust, risk, and experience work together. And that’s where the next evolution of digital commerce will begin.