Klarna Glitch: Soft Credit, Hard Losses

Over the past few days, a so-called “Klarna glitch” has gone viral across social media. Videos and posts flooded TikTok and Telegram, claiming that shoppers had found a way to buy high-value electronics using Buy Now, Pay Later (BNPL) and simply walk away without paying. Companies such as BestBuy fell victim: employees had a sneaking suspicion of scams, but no evidence of fraud attempts showed up in their merchant system.

As quickly as the story spread, it became clear that there was no actual glitch in Klarna’s systems. What this episode really exposed is something far more important, and far more relevant to risk leaders: a structural blind spot in application fraud detection.

A snapshot of TikTok videos on exploiting Klarna glitch

Image source: https://www.youtube.com/watch?v=9x6U5V7PDxk

A Risk Boundary Problem

From the outside, the narrative is easy to misunderstand. If transactions were approved and goods were released, surely something must have “failed.”

To start with, let’s follow the tutorials from TikTok and see how the fraud is conducted.

  1. Legitimate identity data is misused. Fraudsters obtain fullz (a full set of personal identity information) from forums or underground markets, often involving real consumer profiles with strong credit histories and no prior Klarna usage.
  2. Account creation and credit approval appear normal, because the signals being evaluated — identity structure, creditworthiness, transaction limits — remain intact.
  3. Risk controls are passed, not bypassed, as the activity stays within expected thresholds at the moment of decision.
  4. Products are flipped on the secondary market, especially high-value items such as Apple products or gaming devices.

Tutorials on exploiting Klarna glitch with stolen identity data

Image source: https://frankonfraud.com/the-klarna-glitch-that-isnt-inside-the-new-viral-trend/

BNPL Application Fraud

As a consumer credit model with global reach, BNPL has taken off by offering low or zero interest, soft credit checks, and flexible installment plans. It has quickly won over younger consumers and become a core layer connecting e-commerce, retail, and everyday services.

But those same “low-friction” characteristics are also what expose BNPL to new, systemic risks in the age of social media. Take Klarna as an example: users can sign up and access the service without an upfront credit check. When a BNPL payment is triggered, Klarna makes a real-time decision using the customer’s provided details and a soft credit check via credit bureaus. Identity verification and credit evaluation are performed using the information provided by the user, with decisions optimized for speed and accessibility rather than deep, persistent scrutiny.

This assessment is designed to be fast and non-intrusive, which supports conversion. But it also means that, at the moment of approval, signals around identity ownership and downstream intent can be limited.

At the same time, social platforms reshape how behavior spreads. By appealing to imitation and perceived opportunity, they allow misuse to propagate virally, and traditional controls fell short of anticipating it this time.

In general, this fraud wave is not an isolated incident. It exposes a shared challenge facing the entire BNPL industry: how to strike the right balance between ultra-fast approval experiences and a commercially viable level of risk control.

The solution isn’t adding friction everywhere. It’s designing a layered, end-to-end risk framework that adapts in real time and intercepts risk at multiple points in the flow.

Balancing Soft Credit with Hard Risk Realities

At onboarding, the priority is identity ownership.

The goal goes beyond validating identity data: it is to confirm that the person applying is the rightful owner of that identity, without adding unnecessary friction for legitimate users. In BNPL fraud cases, identity data may look clean, structured, and fully compliant with database checks, while the actual operator behind the screen is not the rightful owner.

Using OCR (Optical Character Recognition)*, identity documents can be structured and parsed efficiently, while liveness detection and facial matching help verify that the person operating the account is the actual holder of the identity.

At credit decisioning, the focus shifts to identifying patterns.

The most damaging BNPL fraud patterns are those where each action appears acceptable on its own, but becomes suspicious when viewed in combination. This requires looking across multiple dimensions such as devices, contact details, addresses, and usage behavior to identify abnormal aggregation.

Examples include:

  • repeated account activity tied to the same or highly similar device environments,
  • unnatural overlaps across identity attributes that wouldn’t typically converge in real consumer behavior,
  • multiple accounts exhibiting nearly identical application and usage patterns within short time windows.

None of these signals are technically decisive on their own. But when they converge quickly, they point to coordinated activity rather than organic usage.
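The convergence described above can be made concrete by linking applications that reuse any attribute within a short window and reviewing the resulting clusters. This is an added example, not code from the original article or from Klarna; the field names, the 6-hour window, the cluster threshold and the sample applications are assumptions, and attributes are matched exactly rather than by similarity.

```python
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(hours=6)   # assumed meaning of "short time window"
MIN_CLUSTER = 3               # assumed size at which a cluster goes to review
LINK_KEYS = ("device", "phone", "address")

# Constructed sample applications: (app_id, timestamp, device, phone, address)
APPS = [
    ("A1", "2025-01-10T09:00", "dev-aa", "555-0101", "12 Oak St"),
    ("A2", "2025-01-10T09:20", "dev-aa", "555-0102", "98 Pine Rd"),
    ("A3", "2025-01-10T10:05", "dev-bb", "555-0102", "40 Elm Ave"),
    ("A4", "2025-01-10T11:30", "dev-cc", "555-0103", "40 Elm Ave"),
    ("A5", "2025-01-10T12:00", "dev-dd", "555-0104", "7 Birch Ln"),
    ("A6", "2025-01-14T09:00", "dev-aa", "555-0105", "3 Cedar Ct"),  # same device, days later
]

def find(parent, x):
    """Union-find root lookup with path halving."""
    while parent[x] != x:
        parent[x] = parent[parent[x]]
        x = parent[x]
    return x

def linked_clusters(apps, window=WINDOW, min_size=MIN_CLUSTER):
    """Cluster applications that reuse any attribute within `window` of each other."""
    rows = [dict(zip(("id", "ts") + LINK_KEYS, a)) for a in apps]
    for r in rows:
        r["ts"] = datetime.fromisoformat(r["ts"])
    parent = {r["id"]: r["id"] for r in rows}
    by_value = defaultdict(list)
    for r in rows:
        for key in LINK_KEYS:
            by_value[(key, r[key])].append(r)
    for group in by_value.values():
        group.sort(key=lambda r: r["ts"])
        for prev, cur in zip(group, group[1:]):
            if cur["ts"] - prev["ts"] <= window:   # reuse inside the window links the pair
                parent[find(parent, cur["id"])] = find(parent, prev["id"])
    clusters = defaultdict(list)
    for r in rows:
        clusters[find(parent, r["id"])].append(r["id"])
    # Each pair shares only one attribute; the chain of links is what stands out
    return sorted(sorted(c) for c in clusters.values() if len(c) >= min_size)
```

In the sample, A1 to A4 each share a single attribute with one neighbour, so no pairwise rule fires, yet they form one cluster of four; A6 reuses a device days later and stays outside it.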

What Can Merchants Do?

Moving beyond application fraud, it's also important to keep an eye on user transactions and fulfilment, as this is the final safeguard.

For merchants like BestBuy, the key is to detect aggregated transaction anomalies. By analyzing transaction behavior at scale, platforms can spot patterns such as concentrated purchases of high-value, easily resold items, transaction volumes that deviate from historical norms, or highly consistent behavior across multiple accounts. For instance, a surge of similar electronics purchases across the same stores within a short window is unlikely to reflect normal consumer activity and may indicate coordination.
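A merchant-side check for the surge described above compares the current hour's BNPL orders per store and category with that store's own history, and requires the volume to come from several distinct accounts. This is an added example, not the article's or any merchant's code; the baseline figures, thresholds and order records are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed baseline: BNPL orders per hour for each (store, category)
HISTORY = {
    ("store-12", "game-console"): [1, 0, 2, 1, 1, 0, 2, 1],
    ("store-12", "headphones"):   [3, 4, 2, 5, 3, 4, 3, 4],
    ("store-31", "game-console"): [0, 1, 1, 0, 1, 2, 0, 1],
}

# Constructed BNPL orders in the current hour: (account, store, category)
CURRENT = (
    [(f"acct-{i}", "store-12", "game-console") for i in range(6)]
    + [(f"acct-{i}", "store-12", "headphones") for i in range(20, 24)]
    + [("acct-30", "store-31", "game-console")]
)

def surge_alerts(history, orders, z_min=3.0, min_accounts=3, sd_floor=0.5):
    """Return (store, category, orders, distinct_accounts) for abnormal hours."""
    accounts = defaultdict(list)
    for account, store, category in orders:
        accounts[(store, category)].append(account)
    alerts = []
    for key, accts in sorted(accounts.items()):
        base = history.get(key)
        if not base:
            continue  # no baseline yet; needs a separate cold-start rule
        sd = max(pstdev(base), sd_floor)  # floor avoids dividing by zero on flat history
        z = (len(accts) - mean(base)) / sd
        # Volume spread over many accounts, not one bulk buyer, suggests coordination
        if z >= z_min and len(set(accts)) >= min_accounts:
            alerts.append((*key, len(accts), len(set(accts))))
    return alerts
```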

Lesson Learned

The “Klarna glitch” wasn’t a bug. It was a reminder that in BNPL, fast approval doesn’t equal resolved risk. Soft credit and low-friction flows work well for real users, but when behavior spreads virally, fraud can pass checks by simply looking normal at scale. The real challenge isn’t speed — it’s knowing when to reassess trust after approval.

*OCR (Optical Character Recognition) enables identity documents to be “read” by machines, converting images of IDs into structured, digital data that can be verified automatically. This is typically combined with facial comparison, which checks whether the face on the document matches the person presenting it, and liveness detection, which confirms that the interaction is happening in real time with a real person. Together, these capabilities form the foundation of secure, fast, and reliable digital identity verification.

TL;DR

  • “Klarna glitch” wasn’t a system glitch but typical application fraud at scale
  • Soft credit enables growth, but limits visibility at approval
  • Social platforms could turn normal behavior into repeatable abuse
  • Effective BNPL risk management should combine identity ownership checks, pattern detection, and post-approval monitoring

Resources

https://frankonfraud.com/the-klarna-glitch-that-isnt-inside-the-new-viral-trend/

https://www.klarna.com/us/customer-service/klarna-perform-credit-check/

https://trustdecision.com/articles/buy-now-pay-later---a-paradigm-shift-in-consumer-finance
