Last updated May 15, 2026 with a closer look at the AI-plus-human-experts model and how Wyllo’s analysts feed live signal back into the decision engine.
The most underrated part of fraud prevention in 2026 is not the AI. It’s what the AI doesn’t see. Pure AI systems catch the obvious patterns at scale, but they over-decline borderline orders, miss novel attack patterns the model hasn’t been trained on yet, and apply generic thresholds that don’t fit any individual merchant’s customer base.
That gap is where human fraud analysts pay back. Industry research puts modern AI fraud detection accuracy at 90–97% versus 60–75% for rules-based legacy systems, with false-positive rates dropping from 10–20% to under 2%. But the strongest results come from systems that pair AI with human expertise, not AI alone. Mastercard’s generative-AI work on compromised cards doubled detection rates and cut false declines by up to 200%. HSBC reduced false positives by 60% with AI-driven dynamic risk assessment plus a human review layer.
At Wyllo, the Payment Fraud Protection decision engine is trained on massive datasets pulled from historical transactions across a large network of merchants, public records, third-party databases, and behavioral analytics. Those signals build rich profiles that drive accurate pass/fail decisions on every transaction. But the engine doesn’t stop learning when it goes live. Wyllo’s fraud analysts refine it continuously by interpreting borderline orders, surfacing emerging patterns, and translating what they see in the field into new rules the engine can apply at scale.
Anthea, a fraud expert and Australia Fraud Operations Team Lead at Wyllo, reviews more than 55,000 transactions a year. In this article she shares how her team investigates flagged orders, identifies emerging fraud trends, and improves the AI decision engine so merchants approve more legitimate orders.
Scrutinize Every Step of the Purchase Journey with AI fraud detection and Analysts
It’s important to string together all the datapoints to get context on each transaction.
Fraud analysts don’t just focus on the final purchase. They examine the entire order journey to understand customer buying patterns.
“I studied journalism. So, I love the investigative side of researching transactions,” Anthea shares. “My job is all about dissecting transactions and using datapoints to tell stories.”
Her team meticulously scrutinizes every order detail. They compare billing and shipping addresses for inconsistencies, check that email addresses match the account history, and analyze prior order behavior to understand each shopper’s typical pattern. Even the product mix and the device used to place the order can raise red flags if they fall outside what’s normal for that customer.
The pattern that matters here is connection, not isolation. One mismatched datapoint is rarely conclusive; a coherent picture across signals is.
When an Order Is Flagged for Review but Approved
Rigid fraud prevention solutions might have a lower threshold for risk and would automatically fail these transactions.
The signature value of a human analyst layer is approving orders that a pure-AI system would over-decline.
Anthea walks through a recent case. A high-value order was flagged for review because the transaction details didn’t line up to a clean automatic approval. “Our decision engine is pretty powerful, so orders flagged for review are handled on a case-by-case basis.” Whether the score is built from two datapoints or ten, the cases where signals don’t agree are exactly the cases where human judgment matters most.
“It’s important to string together all the datapoints to get context on each transaction,” Anthea says.
In the flagged case, the shopper’s shipping address didn’t appear to link to him personally. On closer review, the address connected to a local construction company in the same area. A builder employed by that company had placed an order for synthetic turf. The transaction was legitimate, and Anthea’s team approved it.
“Rigid fraud prevention solutions have a lower threshold for risk and automatically fail transactions that are actually legitimate. Context is so important, and that’s why human review with AI fraud detection and analysts is essential for merchants,” Anthea emphasizes. “Otherwise, you’re failing orders, disappointing good customers, and missing out on legitimate revenue.”
This is the false-decline economics most merchants underestimate. A blocked legitimate order doesn’t just cost the revenue on that transaction. It often costs the lifetime value of a customer who quietly takes their business elsewhere.
Look for Signs of an Impending Fraud Attack with AI fraud detection and Analysts
The best defense is proactivity, so we’re constantly combing through suspicious activity.
Fraudsters constantly devise new tricks to target vulnerabilities in a merchant’s ecommerce stack. They look for workarounds that won’t trigger alerts from a fraud prevention solution. Anthea’s team stays ahead of the curve by examining transactions for the early signals that indicate an attack is being prepared.
“The best defense is proactivity, so we’re constantly combing through suspicious activity,” Anthea shares. “We scrutinize every detail to identify activity that may indicate a fraud attack is coming. Once we find the trigger, we develop a hypothesis and test it.”
When Bots Visit Your Shop: A Precursor
In a recent case, Anthea’s team noticed bots adding items to cart but never checking out. The pattern (sometimes called “cookie jarring”) is a precursor to a fraud attack rather than the attack itself. Fraudsters know that adding items to a shopping cart builds session credibility in the eyes of fraud-screening systems. They use the pattern to warm up accounts or sessions before they card-test or attempt an account takeover.
Caught at the precursor stage, the merchant gets to block the upcoming attack before it happens. Caught after the attack, the merchant gets to clean up after it. The economics of those two outcomes are not comparable.
Bot-driven traffic has grown to a meaningful share of all ecommerce activity. F5 Labs’ 2025 Advanced Persistent Bots Report and adjacent research show automated traffic accounting for 57% of ecommerce website activity during the 2024 holiday season, with advanced AI-driven bots now making up roughly 60% of bot traffic. The precursor patterns Anthea’s team watches for matter more every year.
Wyllo Bot and Reseller Detection catches the device, network, telemetry, and behavioral signals that distinguish bots from legitimate shoppers, including the alias accounts and warmed-up sessions that try to disguise themselves as real customers.
How AI Learns From Human Analysts
The collaboration is bidirectional, and that’s the point.
AI excels at pattern recognition across vast datasets. It can score thousands of transactions per second, surface anomalies a human eye would never catch, and apply consistent rules at a scale no team could match manually. What it can’t do well is interpret novel patterns it’s never seen, weigh context that lives outside its training data, or decide whether the cluster of signals it surfaced actually indicates fraud or just an unusual but legitimate customer.
Analysts feed the AI with three things models can’t generate on their own:
False-positive feedback. When the AI flags a legitimate order and a human analyst clears it, the resolution data goes back into the model. Over time, that’s how the AI learns to approve more borderline-but-legitimate orders.
Novel attack pattern intelligence. When analysts spot a precursor like cookie jarring or a new triangulation fraud variant, they translate it into rules the engine can apply at scale before the pattern hits other merchants.
Merchant-specific context. Generic models don’t know that a particular shipping address links to a local construction company. Analysts do, and that context informs decisioning rules that fit the specific business.
This is what “AI plus human experts” actually means in practice. It’s not a marketing phrase. It’s the operating model that produces both higher approval rates and stronger catch rates than either layer can deliver alone.
How Wyllo Helps Using AI fraud detection and Analysts
Wyllo, the CX-first risk intelligence platform, is built around exactly this AI-plus-human-experts model. Three products do the most work in this conversation:
- Wyllo Payment Fraud Protection pairs AI-driven decisioning with human fraud experts who review the orders where merchant-specific context matters most. Higher approval rates on real customers, stronger catch rates on coordinated abuse, optional chargeback guarantee for predictable economics on residual loss.
- Wyllo Bot and Reseller Detection catches the precursor patterns (cookie jarring, session warming, alias accounts, coordinated reconnaissance) before they turn into attacks.
- Wyllo Claim and Policy Abuse Prevention catches the account takeover and policy exploitation patterns that follow successful fraud preparation work.
Precision over paranoia. Less reaction. More reason. Designed to think ahead.
Frequently Asked Questions
Why isn’t pure AI fraud detection enough?
AI excels at pattern recognition at scale but struggles in three places where human expertise pays back. It over-declines borderline-but-legitimate orders because the model doesn’t have the context to interpret unusual customer behavior. It misses novel attack patterns it hasn’t been trained on yet. And it applies generic thresholds that don’t match any individual merchant’s customer base. Industry research shows AI plus human expert review consistently outperforms pure-AI on both approval rates and catch rates.
What does a fraud analyst actually do day to day?
The job spans pattern recognition, transaction-level investigation, risk assessment, dispute response, and continuous improvement of the underlying detection model. A typical day involves reviewing orders flagged for human attention by the AI, looking for emerging attack patterns in aggregate data, working with merchants to understand their specific risk profile, and feeding new intelligence back into the decision engine so it catches similar cases automatically next time.
What is cookie jarring?
Cookie jarring is a precursor fraud pattern where bots or low-effort actors add items to a shopping cart without checking out, sometimes across many sessions. The goal is to build credibility for the account or session before the actual fraud attack (card testing, ATO, or policy abuse). Spotting cookie jarring early lets merchants block the upcoming attack before it happens rather than cleaning up after it.
How do fraud analysts improve AI decisioning?
Three main mechanisms. They feed false-positive data back into the model when the AI flags a legitimate order. They translate novel attack patterns into rules the engine can apply at scale. And they add merchant-specific context (like recognizing that a particular address links to a known business) that generic models can’t surface on their own.
How much do false declines actually cost?
A lot. Industry research puts rules-based legacy systems at false-positive rates of 10–20%, dropping to under 2% with modern AI plus human expert review. The cost of a false decline isn’t just the lost order; it’s the lifetime value of the customer who walks away convinced the merchant doesn’t trust them. For many ecommerce categories, the false-decline cost exceeds the cost of the fraud the system is trying to prevent.
Can AI handle high-value, complex orders without human review?
It can, but it shouldn’t, especially at the margins. High-value orders with mixed signals (clean identity, unusual shipping pattern, or vice versa) are exactly the cases where merchant-specific context matters most. Pure-AI systems tend to over-decline these. The strongest approval rates on high-value orders come from systems that pair AI screening with human analyst review on the cases where context matters.
Bringing It Together
AI is fast. Human fraud analysts catch what AI misses. The merchants seeing the strongest results in 2026 are the ones who use AI fraud detection and analysts together and treat the two as a partnership rather than a competition. Better approval rates on real customers, stronger catch rates on coordinated abuse, and a continuously improving decision engine that gets smarter with every order the team reviews.
Curious how the AI-plus-human-experts model would change what your fraud defenses actually catch? Start with Wyllo Payment Fraud Protection for the model in action, or explore the broader Wyllo platform for connected risk intelligence across the full customer journey.
