Today, businesses are realising that a top-notch customer experience is the key to staying one step ahead in a highly competitive market, writes Signifyd, experts in commerce protection.

Enterprises are investing in loyalty schemes to elevate the online shopping experience for their most valued customers. Unfortunately, fraud rings have shifted towards account-based vulnerabilities and target loyalty schemes through sophisticated fraudulent techniques. Not only that, but individual customers and internal staff can also exploit loyalty schemes and commit fraud. The question is, what can you do to protect your business from loyalty fraud to reduce both brand reputation and customer relationship damage?

What is loyalty fraud?

Businesses all over the world are investing in schemes intended to reward their valued customers and increase brand loyalty. Merchants, airlines, and hotel chains are the organisations that are employing this technique the most. American Airlines’ loyalty programme, for example, can be valued “anywhere from $18 billion to $30 billion,” says CFO Derek Kerr.

Loyalty points are equivalent to currency, as they can be used to make financial transactions, and that’s what makes them appealing to fraudsters. They engage in excessive or fraudulent reward points redemption for unfair gain, which is considered loyalty fraud.

Nevertheless, loyalty fraud often remains overlooked by retailers. Loyalty points can easily be exchanged on the dark web, as there is minimal communication between the seller and the buyer, or they can be exchanged for gift cards, which can easily be converted to cash on many marketplaces. Another reason why there is an increase in loyalty fraud is that loyalty programmes are far less scrutinised by their account holders because they don’t see them as high risk.

The pandemic gave even more rise to loyalty fraud as neglected loyalty programme accounts are an easy target for fraudsters. People were using their miles significantly less to travel by air. The flight market revenue reduced from around £18 billion to around £5.1 billion between 2019 and 2020 in the UK. Although it’s slowly recovering, it will take a while until it reaches pre-pandemic levels, and loyalty fraud will still be an issue. Similarly, consumer spending on hotels and restaurants in the UK decreased by 42% between 2019 and 2020.

Types of loyalty fraud

The three most common types of loyalty fraud include account takeover, internal fraud, and customer fraud.

For you

Be part of something bigger, join BCS, The Chartered Institute for IT.

Account takeover

Account takeover or ATO as it’s more commonly known is a type of fraud that both retailers and customers have been battling for years. It involves stealing account holder credentials through a data breach, malware, or phishing, and using them to make unauthorised transactions or loyalty points redemptions.

During the pandemic, fraudsters became even more innovative in terms of their social engineering tactics, and they have come up with new methods to directly target consumers with the aim of stealing their personally identifiable information, according to a study by Javelin Strategy & Research.

Internal fraud

Employees can also commit loyalty fraud by exploiting their ‘insider’ privileges against the terms and conditions or the IT Systems of the loyalty programme. They may manipulate customers’ details steal unclaimed points, add extra points to their balances, or encourage customers to sign up for the programme.

Customer fraud

This type of fraud occurs when a customer finds a loophole or a hack to exploit the system for personal gain. For example, they can sell or transfer points illegally, claim air miles twice for a shared-revenue ticket, or create multiple accounts to earn more points.

How to protect your business from loyalty fraud

The risk from loyalty fraud is real for both businesses and customers. Thankfully, there are preventative measures that can be taken to stop loyalty fraud in its tracks before negative consequences occur, such as hard costs or damaged reputation and relationships.

  • Keep informed about the latest loyalty fraud methods to be able to mitigate the action quickly.
  • Regularly examine your loyalty programme for potential loopholes.
  • Always notify account holders if a data breach occurs and instruct them to carefully check their accounts.
  • Limit employee access to the loyalty programme data as much as you can.
  • Strengthen account access security by implementing multi-factor authentication.
  • Invest in a fraud-protection solution that uses machine learning and automation to prevent account fraud while providing a frictionless customer experience.

With the rise of loyalty programmes comes the rise of loyalty fraud that aims to exploit customer details for personal gain. Thankfully, with awareness about the various preventative measures, loyalty fraud can be minimised, and businesses can continue rewarding their valued customers.

To find out more, visit Signifyd’s ecommerce data report.