Site icon Merchant Fraud Journal

Loyalty Fraud

TheDigitalArtist / Pixabay

Loyalty Fraud is when a fraudster gains unauthorized access to an account tied to a loyalty rewards program offered by a merchant. The fraudster then either takes direct advantage of the points themselves, exchanges the points for goods they can resell, or uses the points as a pseudo-currency to make purchases on the dark web.

Companies of all sizes struggle with this problem. Customer loyalty is an important factor for success in digital marketplaces. In fact, 74% of marketing and customer experience professionals say customer loyalty is central to their plans for long-term customer retention. Consumer research backs them up. Three in four consumers actively participate in three or more loyalty programs regularly. Therefore, there is great incentive to run large loyalty programs that provide customers with high amounts of value. They are here to stay.

Unfortunately, that high-value attracts fraudsters. The cash value of loyalty program rewards offered in the US alone is at least $48 billion. Specializing in this kind of fraud offers a large pool of potential targets.

In addition, customers remain overwhelmingly lax about securing loyalty program accounts. Many companies only require a username and password to access these accounts. In an era of increasing 2FA security (especially among millennials and the generations after them), this makes loyalty accounts a relatively easy target for fraudsters.

Types of Loyalty Fraud

Three types of loyalty fraud exist:

Prevent Loyalty Fraud

Successful loyalty fraud schemes usually occur due to account holder or merchant apathy. Despite their value, the value of loyalty programs are both long-term and illiquid assets. As a result, there is a tendency to overlook them. This makes them an easy target for fraudsters. Often, neither the merchant nor the account holder realizes a problem exists until it’s too late.

Both account holders and merchants can take steps to prevent loyalty fraud.

The High Consequences of Failing to Protect Customers High

Data privacy is increasingly important to customers. Merchants do their best to prevent the data breaches that lead to loyalty fraud. However, hackers are skilled at bypassing merchants’ defenses. Unfortunately, successful attacks can and do occur in all consumer facing industries.

Increased customer awareness of the problem increased regulators’ awareness. The European Union GDPR Directive requires companies doing business with Europeans to protect customer data. The EU already handed down several fines for non-compliance with the directive. Regulatory oversight across all jurisdictions should increase in the future. In the US, failure to comply with HIPAA data protection regulations can result in a $50,000 per compromised customer.

In addition to regulatory fines, companies also face breach remediation costs on their systems’ backends, as well as lawsuits from customers. This last point is arguably the most important. Companies forced to make public admissions of data breaches lose customer confidence and loyalty.

Here are a few examples of successful loyalty fraud by industry:

Increased Opportunity Means Increased Fraudster Activity

Merchant incentives to increase the value and scope of customer loyalty programs means the problem will not go away. However, the tools to prevent loyalty fraud exist. Companies can take steps to increase their own preparedness, as well as customer awareness of the problem.

To learn more about the fraud prevention solutions working to prevent this ongoing and serious problem, check out Merchant Fraud Journal’s special report about how to protect yourself from the biggest fraud trends in 2020.

 


Sources:

https://martechseries.com/sales-marketing/customer-experience-management/74-marketers-cx-professionals-say-customer-loyalty-driving-digital-experience/

https://www.retailtouchpoints.com/topics/crm-loyalty/points-based-rewards-motivate-loyalty-among-all-generations-of-shoppers

https://www.thewisemarketer.com/data-and-privacy/loyalty-fraud-10-questions-with-laura-hurdelbrink/

https://www-03.ibm.com/press/us/en/pressrelease/53646.wss

https://www.bankinfosecurity.com/blogs/radisson-suffers-global-loyalty-program-data-breach-p-2677

 

 

 

Exit mobile version