AI & Automation

Production AI in payments clusters around four categories: fraud scoring (ML models scoring transactions in real time, deployed at Stripe, Adyen, PayPal, and most large PSPs for years), smart routing (ML-driven acquirer selection to maximise authorisation rates — Stripe PFM, Adyen Uplift), reconciliation automation (LLMs and NLP matching payment records against invoices, handling remittance data extraction), and agentic commerce (AI agents initiating and executing payments autonomously — live in controlled deployments via Visa TAP, Mastercard Agent Pay, Stripe ACP as of 2025–2026). Marketing AI in payments usually means rule-based systems relabelled, simple threshold scoring, or features still in internal testing. The test: ask the vendor for the specific model architecture, retraining cadence, and a documented authorisation rate or fraud reduction lift.

Rule engines apply explicit human-written conditions (if country = high-risk AND amount > $500 AND new device, decline). They are interpretable, fast to deploy, and predictable — but they decay as fraud patterns evolve and require constant manual updating. ML models learn statistical patterns from labelled transaction data — identifying non-obvious feature combinations that correlate with fraud. They generalise to new fraud patterns without manual rule updates, but require: sufficient labelled training data (typically millions of transactions), feature engineering, ongoing retraining as fraud drifts, and explainability infrastructure for compliance and appeals. In practice, production fraud systems at scale are hybrid: rules handle obvious blocks and business logic (declined merchant categories, velocity limits), while ML models score the ambiguous middle of the distribution.

Agentic commerce refers to AI agents — software that can browse, decide, and transact autonomously on behalf of users — completing purchases without a human present at checkout. As of 2026, this is live infrastructure: Mastercard confirmed Europe's first end-to-end AI agent payment (Santander, March 2026), Stripe's ACP endpoint handles OpenAI's Instant Checkout, and Visa's Trusted Agent Protocol provides cryptographic agent identity verification for merchants. For merchants, agentic commerce means: your checkout will be called by software, not just humans; agent-initiated transactions need separate fraud signal treatment (no mouse movement, typing cadence, or device fingerprint signals); and Visa/Mastercard network credential models (scoped tokens per agent) are the emerging authorisation standard for this traffic.

Four questions cut through most AI marketing in payments. First, what is the specific model architecture — gradient boosting, transformer, ensemble — and when was it last retrained? Vague answers ('advanced machine learning') signal marketing language. Second, what is the documented performance lift — authorisation rate improvement in basis points, fraud reduction as percentage of GMV, FP rate reduction — with a defined time period and merchant cohort? Third, how does the vendor handle concept drift — when fraud patterns shift, how quickly is the model updated and what triggers retraining? Fourth, is the model explainable — can it produce a human-readable reason for a specific decision? Regulated operators in the EU (AI Act, credit decisions) and US (adverse action notices) increasingly need explainability for automated payment decisions.

Payment AI models face specific MLOps challenges that generic ML infrastructure does not fully address. Labelling lag: fraud labels arrive weeks after transactions (chargebacks, confirmed disputes), so models train on incomplete ground truth. PSI monitoring: Population Stability Index tracking detects when the input distribution has drifted from training data — a leading indicator that model performance is degrading before it shows up in fraud rates. Event-driven retraining: retraining triggered by drift metrics, not just calendar schedule, because fraud patterns can shift in days during active attack campaigns. Shadow mode deployment: running new models in shadow alongside production before switching, to validate performance without live risk. Fallback logic: when the model returns low-confidence scores, rules-based fallback prevents both excessive fraud and excessive false declines.