CONCEPT Cited by 1 source

Multi-account abuse

Definition

Multi-account abuse is the fraud class where a single fraudulent actor creates several accounts to either:

1. Reuse promotional coupons / free-tier credits beyond what any single account is entitled to, or
2. Spread stolen card activity across multiple accounts to avoid per-account fraud-detection thresholds.

Sibling to free-trial abuse (repeatedly cycling through the same product's free trial) and distinct from pay-as-you-go abuse (consuming usage with no intent to pay at billing time).

Why it spiked in the agentic / LLM era

Per the 2026-05-27 Stripe Radar disclosure: "more than 1 in 6 sign-ups at AI companies are linked to multi-account abuse."

The economics: LLM compute is expensive per token, free-tier credits have direct dollar value (a free-tier account at an LLM voice / chat / image platform can be worth $5–$50 in compute), and account creation is cheap. The cost-asymmetry creates a financial incentive to industrialise account creation that didn't exist when free tiers were rate-limited rather than credit-quota'd.

Detection signal mix

Per the Stripe Radar disclosure, the detection signals are:

• Device fingerprints — browser / OS / hardware fingerprints recurring across accounts.
• IP addresses — same IP / IP-range hosting many sign-ups.
• Email domains — disposable-email or pattern-matched domains.
• "And more" — undisclosed.

The architectural shape is prior-abuse propagation across the Stripe network: a fraud signal seen at one merchant's sign-up flow becomes a flag against the same actor at any other Stripe merchant. This makes multi-account abuse a beneficiary of network-effect fraud detection — Stripe's signal-density grows with merchant count, so each new AI platform onboarding to Radar makes detection at all other AI platforms stronger.

Production reference

Per the 2026-05-27 Stripe disclosure: "In the past two months, ElevenLabs has been able to block 2,000 users a day from abusing its free tier."

This is a count of accounts blocked, not transactions. Multi-account-abuse detection operates on the account-creation surface (sign-up / verification flow), not the transaction surface.

Detection vs prevention

The 2026-05-27 disclosure positions multi-account-abuse detection as real-time at sign-up: "Radar can evaluate each new account in real time, so you can block suspicious accounts before abuse happens — on and off Stripe."

This is a prevention stance — block the account before any abuse occurs — rather than a detection stance that would only trigger after observed abuse, accepting the credits already consumed.

Seen in

• sources/2026-05-27-stripe-expanding-stripe-radar-to-protect-more-of-your-business — first canonical wiki definition; signals + production reference + 1-in-6 prevalence claim.

Related

• concepts/free-trial-abuse — sibling abuse class.
• concepts/pay-as-you-go-abuse — sibling agentic-era abuse class on the consumption-billing surface.
• concepts/network-effect-fraud-detection — network-effect signal-density framing.
• concepts/agentic-commerce-bot-score — sibling agentic-era primitive on the checkout surface (rather than the account-creation surface).
• systems/stripe-radar — detection system.
• systems/elevenlabs — production reference (2,000 blocked/day).
• patterns/cross-payment-method-fraud-network — broader network-propagation pattern.