Nearly 90 percent of US consumers are enrolled in at least one loyalty program while the total value of US rewards accounts exceeds $60 billion, but what are organizations doing to protect these loyalty points? Merchants must consider the brand risk and what the fallout might be if a loyal customer suffers rewards or points theft.
Consumers in the United States enrolled in loyalty programs belong to six programs on average. Globally, the value of loyalty program rewards exceeds $250 billion. Fraudsters often target stealing these reward points because it is a path of least existence. While loyalty point theft may not show up as a chargeback, it does cost organizations money. Typically, the fraudster is able to redeem the loyalty points, effectively stealing from the merchant or organization, then to reconcile the issue with the victim consumer, the organization will reimburse them for the points that were stolen. Beyond the financial loss, there is also brand risk.
Loyalty point theft is requires a couple of steps. It begins with account takeover of the consumer account with a loyalty point balance, and then a way to redeem or transfer those points. Synthetic identities are often presented either as a recipient of good or service or through the creation of new account where loyalty rewards balances could be transferred or shared.
Organizations should look for suspicious activity around the redemption of loyalty rewards, particularly when applied to purchase gift cards and it digital or physical gift cards, goods or services are redeemed and delivered to a new or different email address or physical address that has not been used previously.
Not only are loyalty points the target of theft, but fraudsters will partake in enrollment fraud, or creating accounts for the sole purpose of committing fraud and abuse to gain loyalty points. These accounts are usually created with synthetic identities and exploit undesirable ways to rack up loyalty points, such as submitting orders before later canceling or returning them in hopes that the associated loyalty points won’t be clawed back.
It is natural for organizations to focus on “hard” fraud with direct financial losses, but fraudsters are increasingly moving to “soft” fraud schemes and forms of abuse that often fly under the radar. Ravelin reported that 49 percent of eCommerce businesses experienced an increase in promo abuse. A new white paper from The Fraud Practice focuses on these soft fraud events, with a particular focus on detection and mitigation from the start, at account opening.
For more information: