Fake E-Commerce Receipts: Understanding Refund Fraud Risk

Fake receipts cost French retail 17 billion euros per year

A customer submits an online refund request. They attach a PDF receipt for an item priced at 289 euros. The document looks clean, the logo is correct, the amount is consistent. Your customer service agent checks it, hesitates for two seconds, and approves the refund. What they do not see: the receipt was created just minutes earlier using a free tool available on the internet. The transaction it claims to document never took place. This scenario is now repeating across hundreds of French retailers, and it is scaling at a speed manual controls cannot follow.

The scale of the problem in France

Document fraud in retail has reached proportions that directly threaten retailers' results. Banque de France data puts direct losses linked to fraudulent transactions at 618.4 million euros for 3.7 million compromised operations during the first half of 2025 alone [Banque de France — Observatoire de la Sécurité des Moyens de Paiement, Note statistiques S1 2025 (2025)].

For retail, a study conducted by the Center for Economic Business and Research in partnership with Adyen estimates total losses suffered by French retailers at 17 billion euros in 2023 [Adyen / CEBR — Rapport sur le coût de la fraude pour les commerçants français (2023)]. The average loss per retailer is 1.5 million euros, rising to 2.4 million in the luxury sector [Adyen / CEBR — Rapport sur le coût de la fraude pour les commerçants français (2023)].

Unaccounted inventory losses—what the industry calls inventory shrinkageDifference between the theoretical stock count and the actual stock observed in stores. It includes theft, errors, and all losses not justified by an accounting entry.—reached 7.3 billion euros in France in 2024 [Groupe Prometheus / FCD — Chiffres nationaux démarque inconnue 2024 (2024)].

Refund fraud alone accounts for 16% of the most costly fraud categories for French companies [Ravelin — Global Fraud Trends 2025, données France (2025)]. The share of merchants affected rose from 36% in 2024 to 46% in 2025, and 74% of professionals expect it to worsen [Ravelin — Global Fraud Trends 2025, données France (2025)].

Why retailers have become such an easy target

Return policies designed for trust, turned against the retailer

The retail business model is built on a simple promise: if an item does not fit, you return it. This promise is the first thing professional fraudsters study. They identify retailers with the most generous return windows, the least systematic checks, and the most accommodating agents. They do not attack the checkout head-on—they attack the customer service process, the most human link in the chain.

A volume of requests impossible to process manually

The gross volume of operations in France amounts to 34 billion annual transactions, representing 34,864 billion euros exchanged [Banque de France — Observatoire de la Sécurité des Moyens de Paiement 2025 (2025)]. In that flow, no retailer can manually verify every return request. Customer service agents handle dozens of cases per hour. A visual check of a receipt takes less than ten seconds. This imbalance between volume and available time structurally favors the fraudster.

The end of the paper receipt made forgery easier

The AGEC lawAnti-Waste Law for a Circular Economy, enacted in France on 10 February 2020. Since 1 August 2023, it has banned the systematic printing of receipts at physical points of sale. banned the systematic printing of receipts starting on 1 August 2023. One year after it took effect, 26% of French consumers now demand their receipt in digital format [Perifem / OpinionWay — Étude sur la suppression du ticket de caisse, un an après (2024)]. The thermal paper receipt, hard to reproduce faithfully, gave way to PDF files sent by email or SMS. These files can be modified with tools accessible to anyone. The ecological transition, unintentionally, made the counterfeiter's job easier.

Why your current defenses are no longer enough

A trained agent cannot see what the human eye cannot see

For years, an experienced agent could spot a fake receipt using visual clues: approximate typography, a distorted logo, an incorrect calculation. Those cues are now outdated. generative artificial intelligenceTechnology capable of automatically creating content—texts, images, documents—from simple instructions. It can now produce documents that are visually identical to the originals. tools make it possible to create digital receipts that are visually flawless, with perfectly reproduced logos and arithmetically consistent amounts [Reddit r/Accounting — Discussion sur la génération de faux reçus par intelligence artificielle (2025)]. Today's forged document is designed to pass the visual checks built to detect yesterday's forgery.

Certified cash register software protects the checkout, not returns

The NF525French certification ensuring that point-of-sale software records transactions in a final, non-editable manner. Mandatory for VAT-liable merchants in France. standard requires that every sale recorded at the checkout be sealed and non-editable. This is strong protection at the point of sale. But this protection stops at the store boundary. When a customer submits a receipt via a web portal or by email, the agent who receives it generally does not have real-time access to the internal database to confirm that the transaction actually took place. The lock exists on the checkout side—the service door on the returns side remains open.

The commercial dilemma paralyzes the decision

Field data shows it unambiguously: 76% of French organizations say they feel obliged to issue the refund demanded by a customer, even when they suspect an anomaly [Ravelin — Global Fraud Trends 2025, données France (2025)]. 58% of teams admit they cannot distinguish a legitimate claim from an attempted scam [Ravelin — Global Fraud Trends 2025, données France (2025)]. In this context of uncertainty, 67% of French companies choose to protect brand image rather than block the refund [Ravelin — Global Fraud Trends 2025, données France (2025)]. This calculation is exactly what organized fraud networks have integrated into their model.

Legal and compliance framework: what matters most

The legal consequences of a forged document always depend on the facts, the sector involved, the applicable qualification, and the competent jurisdiction. In practice, the main issue for an organization is to be able to demonstrate a proportionate, traceable, and well-documented verification process, with human review whenever a decision may have a significant effect.

The controls described here should therefore be understood as risk-management, compliance, and evidence-preservation measures. Any final blocking decision, report, contractual sanction, or legal action should still be validated by the relevant legal or compliance teams.

Frequently asked questions before integration

Does the engine work on all types of supporting documents, including receipts from small merchants or foreign receipts?

DeepForgery Documents analyzes any submitted digital file, regardless of the issuing country, the document language, or the issuer size. Analysis of the file structure and digital characteristics does not rely on a pre-registered document template: it reads the fingerprints left by creation tools, which are universal. The only limitation concerns low-quality photos of crumpled or illegible paper receipts, where image degradation reduces analysis reliability.

How does this approach differ from automated visual verification or a simple document-reading tool?

Document-reading tools read what is displayed. They can confirm that an amount of 289 euros appears on the document. They cannot detect that this amount was modified after the file was created, nor that the file was never produced by a point-of-sale terminal. DeepForgery analyzes the file's internal structure and digital characteristics—information that the display does not reveal and that the human eye cannot see.

Does integration slow down the processing of legitimate requests?

The analysis time per document is on the order of a few seconds. This step occurs at the moment the customer uploads the supporting document, before the case even enters the agents' processing queue. Cases with no detected anomaly reach agents with a compliance indicator. Only cases showing warning signals are put on hold or forwarded to the security team depending on configured rules. Legitimate customers do not experience any noticeable delay.

What your teams gain in concrete terms

Customer service agents stop being the last line of defense. Automated verification filters cases showing anomalies upstream. Agents handle legitimate claims with the attention they deserve, without deadline pressure and without having to decide on ambiguous cases without objective elements.

Security teams move from reacting to identifying. Automatic cross-checking makes it possible to identify clusters of fraudulent requests sharing the same pattern before a network has exhausted its potential against the retailer.

Legal departments gain documented elements. Each flagged case generates a structured report describing identified anomalies and the associated risk level. These elements form a documentary basis for internal disciplinary procedures and criminal complaints, meeting evidentiary requirements set by case law.

Verification adapts to risk, not uniformity. Low-risk cases follow a smooth path. Cases showing anomalies trigger a verification level tailored to the situation. The business model of organized fraud networks relies on process predictability—this predictability disappears as soon as verification becomes differentiated.

Conclusion

Forging receipts is no longer an isolated fraud committed by a few skilled individuals. It has become a structured economic model, equipped with technologies accessible to everyone, operated methodically by networks that mapped return-process weaknesses before acting. The losses recorded by French retail every year are not the result of bad luck—they are the result of a control architecture designed for a world where fake documents were detectable with the naked eye.

The legal framework simultaneously tightens requirements for retailers: proving internal fraud without material evidence exposes them to labor-court sanctions, and blocking a refund without documented justification creates legal risk. The dematerialization of receipts, imposed by the AGEC law, also made digital receipts easier to modify than the paper receipts they replaced.

When a forged receipt is flagged before it reaches the processing queue, it generates neither direct loss, nor a dead-end procedure, nor a decision made blindly. It is documented, traceable, and usable—as if it never had any chance of slipping through.