DataDome Details "Buy for Me" AI Agent Threats in E-Commerce; Frames Intent Assessment as Core Defense

News

DataDome publishes analysis of “buy for me” AI shopping agents and their inventory-locking and price-scraping risks to online retailers. The report frames autonomous shopping agents—including OpenAI Operator, Perplexity shopping features, and Google AI Mode—as generating bot-like traffic patterns with legitimate authorization, creating ambiguity between authorized deal-hunting and fraud. DataDome emphasizes that 80% of AI agents don’t properly identify themselves and positions its Agent Trust control plane as the solution, arguing that traditional bot detection (which distinguishes humans from non-humans) cannot distinguish authorized agents from malicious ones operating under stolen or spoofed credentials.

Why it matters

This analysis positions DataDome’s recently launched Agent Trust control plane and Priority Protect virtual waiting room as essential infrastructure for managing agentic commerce risk—a continuation of its May 2026 positioning (see May 13, May 11 items). The core message—that intent assessment throughout the user journey, not identity verification alone, is required—extends DataDome’s narrative arc and reinforces vendor differentiation around behavioral + identity-based controls. For retailers and payment processors, the implication is significant: agentic commerce liability and cart-stage fraud (not just checkout fraud) now require pre-transaction monitoring. The report also surfaces a regulatory gap: there is currently no agreed-upon framework in card network rules for dispute resolution when autonomous agents execute transactions, suggesting forthcoming payment rail governance.