As loyalty programs grow in popularity and scale, so do fraudsters. As in other cases, the best defense against program exploits and fraud attempts is to be prepared. As a loyalty program operator, you need to develop the skills and knowledge necessary to protect your profits but also, even more importantly, keep your members’ data safe. To effectively prevent fraud, you need to be aware of who may be committing the fraud:
We can call them hackers. They want to get hold of account data and payment information, steal points and sell them somewhere on the dark web. They typically target hundreds of accounts during one attack.
- The fraudsters take control of existing loyalty member accounts and later use them to redeem or transfer points
- Fraudsters use their technical know-how and resources to exploit security vulnerabilities within the loyalty system
Your Program Members
These are typically customers that are already members of the loyalty scheme. Fraud by loyalty scheme members isn’t typically conducted at scale. They want to gain personal benefits from single actions.
- Redeeming points simultaneously over multiple channels
- A customer buys an item, earns and burns loyalty points, and then returns the products purchased
- Using fake personal details to register multiple loyalty accounts to earn points and transfer them to the main loyalty account
Insiders and Users
They have access to the loyalty program infrastructure: back-office users, cashiers, or contact center agents. Insiders are trying to add points to their accounts or the accounts of family and friends. Employees are more likely to have access to account management systems and may tamper with protections to avoid detection.
- Unauthorized points correction
- Using their own loyalty card instead of member’s during transaction
Fraud-caused losses can be costly – both financially and in terms of losing customer trust. With this in mind, keep your program safe by monitoring all suspicious behaviors, and clearly defining user responsibilities and access rights. And – don’t forget to set up a system for identifying and implementing counter-measures for any emerging fraud risks.
You may also like: