Company Profile
Nomad Goods is a direct-to-consumer outdoor gear brand based in Portland, Oregon. They sell through their own Shopify storefront and process payments through Stripe. With 180,000 orders per year and an average order value of $87, their three-person customer service team handles roughly 1,200 tickets per week — returns, order inquiries, shipping issues, and product questions.
In early 2025, Nomad Goods deployed AI agents to handle Tier 1 customer support. The agents connected to Stripe for order lookups and refund processing, Klaviyo for email follow-ups, and Calendly for scheduling product consultations on high-value items.
The Problem
The AI agents worked remarkably well — for three months. Ticket resolution times dropped, customers reported high satisfaction, and the human team could focus on complex escalations.
Then a pattern emerged.
The $4,000 Incident
A customer contacted support claiming they had received damaged goods across four separate orders. The AI agent looked up each order in Stripe, confirmed the transactions existed, and processed refunds for all four — totaling $4,127.
The customer service lead reviewed the refunds the next morning and discovered the problem: the customer had received all four orders in perfect condition. They had exploited the AI agent's inability to verify damage claims by simply asserting the products were damaged. The agent, which had full Stripe write access, processed each refund without question.
The Pattern
When the team investigated further, they found 23 additional suspicious refunds over the prior 6 weeks, totaling $8,940. The AI agents had been processing refund requests based solely on customer claims, with no human verification threshold and no spending limit per transaction.
An AI agent with unrestricted write access to your payment processor is equivalent to giving every customer a self-service refund button. Without permission boundaries, the agent cannot distinguish legitimate claims from fraudulent ones.
Why Traditional Solutions Fell Short
Nomad Goods considered three alternatives before finding Pipeworks:
- Remove AI from refunds entirely — This would push all refund requests back to the human team, eliminating 35% of the time savings they had gained.
- Add refund logic to the AI prompt — They tried instructing the agent to "only process refunds under $50 without approval." But prompt-level instructions are suggestions, not enforcement. A determined customer could still talk the agent into making exceptions.
- Build custom middleware — Their developer quoted 6-8 weeks to build a permissions layer between the AI agent and Stripe. At their team size, this was not feasible.
The Solution
Nomad Goods migrated their AI customer service agents to Pipeworks over a single weekend, with no downtime for customers.
Read-only Stripe access by default
The primary customer service AI agent received read-only access to Stripe. It could look up orders, check payment status, view refund history, and retrieve customer details — but it could not create refunds, modify charges, or update customer records.
This single change eliminated the entire class of unauthorized refund fraud overnight.
Limited write access for small refunds
A second AI agent profile was configured with restricted write access: it could create refunds, but only for transactions under $50. This covered the most common legitimate scenarios — duplicate charges, small shipping credits, and promotional adjustments — without exposing the business to large fraudulent refunds.
Any refund request above $50 was automatically routed to the human team with full context from the AI conversation.
Klaviyo for automated follow-ups
The AI agent retained full access to Klaviyo for sending order confirmation emails, shipping updates, and post-resolution follow-ups. Since Klaviyo actions do not involve financial transactions, broader permissions were appropriate.
Automated follow-up emails after ticket resolution drove a 12% increase in post-support customer satisfaction scores.
Calendly for high-touch scheduling
For high-value orders (over $300), the AI agent could schedule product consultations through Calendly. This gave customers a path to human interaction for complex issues while keeping the AI agent handling the initial triage.
Integrations Used
Results After 60 Days
$0 in Unauthorized Refunds
In the 60 days after implementing permission controls, Nomad Goods recorded zero unauthorized or fraudulent refunds processed by AI agents. The read-only default meant that even if a customer successfully persuaded the agent that a refund was warranted, the agent could not execute it without the appropriate permission level.
The $50 threshold on the limited-write agent caught 94% of legitimate small refunds automatically, while routing the remaining 6% (higher-value or ambiguous cases) to the human team.
40% Faster Ticket Resolution
Despite adding permission restrictions, overall ticket resolution time improved by 40% compared to the pre-AI baseline and 12% compared to the unrestricted AI period.
The reason: most customer service interactions do not require write access at all. Customers asking "Where is my order?", "When will I be charged?", or "Can I change my shipping address?" only need the agent to read data. By optimizing the read-only path, Nomad Goods made the most common interactions faster.
| Metric | Pre-AI | Unrestricted AI | Pipeworks AI | Change (vs. Pre-AI) |
|---|---|---|---|---|
| Avg. ticket resolution time | 22 min | 14 min | 13 min | 40% faster |
| Fraudulent refunds per month | 0 (manual review) | 8-12 | 0 | Eliminated |
| Monthly fraud losses | $0 | $2,500-$4,100 | $0 | Eliminated |
| Tickets handled by AI (no human) | 0% | 78% | 82% | 82% automated |
| Customer satisfaction (CSAT) | 4.1/5 | 4.3/5 | 4.4/5 | +7% |
Human Team Focuses on What Matters
The three-person customer service team went from reviewing every AI interaction to only handling escalated cases — complex returns, product defects requiring investigation, and high-value refund approvals. Their workload shifted from reactive ticket processing to proactive quality improvement.
The team lead estimated that before the permission changes, roughly 30% of their time went toward auditing AI-processed refunds after the fact — checking for errors, flagging suspicious patterns, and reversing incorrect transactions. After the migration, that audit time dropped to near zero because the system prevented unauthorized actions from occurring in the first place.
Scammer Deterrence
An unexpected benefit: repeat fraud attempts dropped significantly. The same customer who had exploited the unrestricted AI agent attempted the same tactic two weeks after the migration. The AI agent acknowledged the claim, looked up the orders (read-only), and informed the customer that a team member would review the refund request. The customer never responded. Nomad Goods believes the friction of human review deterred casual fraud attempts that had previously been easy to execute.
The goal is not to prevent your AI agent from being useful. It is to match the agent's permissions to the risk level of each action. Reading an order status is low risk. Processing a $500 refund is high risk. The permissions should reflect that difference.
The Economics
Nomad Goods calculated the ROI of their Pipeworks migration:
Fraud losses eliminated: $2,500-$4,100/month (average $3,300/month saved)
Time savings maintained: 82% of tickets fully automated, freeing the equivalent of 1.5 full-time support staff
Refund approval overhead: The human team spends approximately 45 minutes per day reviewing escalated refund requests — a small cost compared to the $3,300/month in prevented fraud
Net monthly impact: Approximately $3,100/month in savings after accounting for the platform cost and human review time
Key Takeaways
For e-commerce brands using AI for customer service:
-
Prompt instructions are not permissions. Telling an AI agent "do not process refunds over $50" is a guideline that can be overridden by a persuasive customer. Tool-level permissions are enforcement that cannot be bypassed regardless of the conversation.
-
Read-only is the right default for financial tools. The vast majority of customer service interactions only require reading data. Start with read-only access and add specific write permissions only where the business case justifies the risk.
-
Thresholds reduce risk without reducing automation. A $50 refund limit let Nomad Goods automate 94% of legitimate refunds while protecting against the 6% that needed human judgment. The threshold can be adjusted as trust in the system grows.
-
Activity logs close the feedback loop. Every refund processed by an AI agent is logged with the customer ID, amount, reason, and timestamp. Nomad Goods reviews these logs weekly to identify patterns and adjust their threshold.
What Nomad Goods Says
"We almost pulled the plug on AI customer service entirely after the fraud incidents. Pipeworks let us keep the speed and automation our customers love while adding the guardrails our finance team demanded. The read-only default was the single most important change — it turned our AI agent from a liability into an asset."
— Jake Moreno, Head of Customer Experience, Nomad Goods