Stripe’s latest Radar expansion reveals the scale of adversarial activity targeting AI services: one in six sign-up attempts are fraudulent, and free trial abuse has more than doubled in six months. For security teams, this data reframes identity verification as a frontline defense.
At its Sessions 2026 conference, Stripe announced a significant expansion of its Radar fraud detection platform to address what it characterizes as a new category of attack: token theft. The company’s data indicates that fraudsters targeting AI services are no longer primarily stealing money. They are stealing computational resources, burning inference costs through free trial abuse, and creating millions of synthetic accounts to drain sign-up credits.
The scale is striking. Radar blocked over 3.3 million risky sign-ups in a single month across eight high-growth AI businesses. Free trial abuse has more than doubled in the past six months. One in six attempted sign-ups across AI services running on Stripe’s infrastructure are made by bad actors.
Why Token Theft Changes the Threat Model
Traditional payment fraud operates on a straightforward model: steal credentials, make unauthorized purchases, monetize before detection. AI-service fraud introduces a different economic dynamic. The stolen resource (inference tokens, compute credits, API access) is consumed immediately and at scale. There is no chargeback window. There is no shipping delay that creates a detection opportunity. The damage is done in milliseconds.
This creates a security problem that goes beyond the payment layer. When 16% of sign-up attempts are adversarial, the identity verification surface becomes the primary battlefield. Attackers are deploying credential stuffing at scale, generating synthetic identities that pass basic verification, and automating abuse campaigns that traditional rate-limiting cannot contain.
The Security Implications Beyond Payments
For CISOs and security architects, Stripe’s data illuminates a broader trend: AI services are becoming high-value targets not because they store sensitive data, but because they provide immediate access to expensive computational resources. This reframes the threat model for any organization offering API-based AI services.
Consider the attack surface: a free trial offering GPT-class inference is, from an attacker’s perspective, a compute subsidy worth hundreds or thousands of dollars per compromised account. At the scale Stripe is observing (3.3 million blocked malicious sign-ups in one month across just eight companies), the aggregate compute theft represents a significant economic attack on AI service providers.
The Identity Layer as Security Perimeter
Stripe’s response, evaluating sign-ups and usage patterns in real time by drawing on signals across its entire payment network, represents an approach that security teams should study. The company is applying behavioral analysis not at the transaction layer, but at the identity creation layer, treating the sign-up form as the security boundary.
This aligns with a broader shift in security architecture away from perimeter-based trust and toward continuous verification. The sign-up is no longer a one-time trust decision. It is the beginning of an ongoing behavioral assessment.
What This Means for the Security Leader
Organizations operating AI services, or evaluating vendors that do, should treat Stripe’s data as a market signal. The adversarial pressure on AI-service identity verification is not a niche problem. It is a structural feature of the current threat landscape.
Defender Actions
- Audit your sign-up pipeline for identity verification strength. If your AI service offers free credits or trial access, assume that 10-20% of sign-up attempts are adversarial.
- Implement behavioral signals beyond static identity checks. Device fingerprinting, usage-pattern analysis, and network-level signals should inform trust decisions continuously, not just at registration.
- Quantify your compute exposure. Calculate the per-account cost of maximum free-tier usage and model the financial impact of adversarial sign-up rates at 15-20%.
- Treat API rate limiting as a security control, not just an infrastructure concern. Abuse-pattern detection should feed into your SOC’s alert pipeline.
- Evaluate platform-level fraud detection (Stripe Radar, equivalent tools) as a security investment, not solely a payments decision.
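The behavioral-signal and compute-exposure actions above can be combined in one small check. This is an added example, not Stripe Radar's logic or code from the source. It groups sign-ups by device fingerprint and by /24 network inside a sliding window and prices each flagged cluster at the full free-tier cost. The event fields, the 10-minute window, the threshold of 3 and the $25 per-account cost are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta
# Constructed sample sign-up events: (timestamp, account, device fingerprint, source IP).
SIGNUPS = [
    ("2026-05-01T10:00:00", "acct-01", "fp-aaa", "198.51.100.7"),
    ("2026-05-01T10:02:00", "acct-02", "fp-aaa", "192.0.2.44"),
    ("2026-05-01T10:04:30", "acct-03", "fp-aaa", "198.51.100.200"),
    ("2026-05-01T10:20:00", "acct-04", "fp-bbb", "203.0.113.5"),
    ("2026-05-01T10:21:00", "acct-05", "fp-ccc", "203.0.113.6"),
    ("2026-05-01T10:23:00", "acct-06", "fp-ddd", "203.0.113.9"),
    ("2026-05-01T12:45:00", "acct-07", "fp-aaa", "198.51.100.7"),  # same device, hours later
]
WINDOW = timedelta(minutes=10)  # assumed look-back window
THRESHOLD = 3                   # assumed: sign-ups sharing one key inside WINDOW
FREE_TIER_COST_USD = 25.0       # assumed cost of one account's maximum free-tier usage

def net24(ip):  # collapse IPv4 to its /24 so rotated addresses still group together
    return ".".join(ip.split(".")[:3]) + ".0/24"

def find_clusters(events, window=WINDOW, threshold=THRESHOLD):
    """Map (signal, key) -> accounts for keys with >= threshold sign-ups inside one window."""
    by_key = defaultdict(list)
    for ts, acct, fp, ip in events:
        when = datetime.fromisoformat(ts)
        by_key[("device", fp)].append((when, acct))
        by_key[("net", net24(ip))].append((when, acct))
    clusters = {}
    for key, rows in by_key.items():
        rows.sort()
        start, flagged = 0, set()
        for end in range(len(rows)):
            while rows[end][0] - rows[start][0] > window:  # slide the window forward
                start += 1
            if end - start + 1 >= threshold:
                flagged.update(acct for _, acct in rows[start:end + 1])
        if flagged:
            clusters[key] = sorted(flagged)
    return clusters

def build_alerts(events, cost=FREE_TIER_COST_USD):
    """One SOC-ready record per cluster, with exposure if each account burns its full free tier."""
    return [{"signal": kind, "key": key, "accounts": accts, "exposure_usd": len(accts) * cost}
            for (kind, key), accts in sorted(find_clusters(events).items())]

def monthly_exposure(signups, adversarial_rate, cost=FREE_TIER_COST_USD):
    return signups * adversarial_rate * cost  # worst case: no adversarial sign-up is blocked

if __name__ == "__main__":
    print(build_alerts(SIGNUPS), monthly_exposure(100_000, 0.15), monthly_exposure(100_000, 0.20))
```

The device cluster is caught even though its three accounts arrive from different addresses, and the later sign-up from the same device stays out of the alert because it falls outside the window.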
Source: Stripe Sessions 2026 Newsroom