Consumer rewards programs are widely used in marketing today, with a variety of brands shaping their own program. From Starbucks® to your local grocery store chain, to hotel giants and even car dealerships, consumers are inundated with rewards possibilities. Whether it pertains to points awarded on every dollar spent toward a future discount or miles earned for airline purchases, these programs all vie for consumer attention. Even more astonishing is that, according to Colloquy, there is more than $48B in outstanding value across all these types of rewards and loyalty programs in the United States. And where there is attention and high financial value, there’s also a high-risk for fraud.
Reasons to Beware — Multi-Billion Dollar Opportunity
Customer loyalty programs are as susceptible to fraud as traditional payment cards, but the risk has still remained relatively low. For starters and in the case of rewards tied to payment cards, a fraudster will prefer to access any available lines of credit or immediate funds availability, which all carry a substantially higher value proposition and opportunity than the rewards currency value. Although rewards points or miles technically do not carry any “cash” value as outlined in the various and many cardholder terms and conditions, they are in fact being used as a currency in exchange for a good or service both online and at the point-of-sale. With a market value in the billions, the fraud occurrences might be low, but the risk is very real.
”Friendly Fraud” — Resulting in Real Costs
There aren’t many well documented cases of Customer Loyalty fraud, at least not a mass scale, as most are isolated instances. Not surprisingly, the majority of fraud cases in the loyalty and rewards space are what’s known as “friendly fraud.” In other words, there is a direct connection or relationship between the victim and the offender. For example, a daughter or son infiltrates a parent’s account and cashes-in the outstanding rewards balance.
Larger cases generally have been simple employee theft. For example, traditional paper-based customer loyalty programs – the kind where you needed a card punch or a sticker – were often subject to fraud because they were easy to manipulate. Furthermore, employees were able to easily steal stickers and give extra card punches to their friends because purchases could not be tracked.
The move to digital rewards programs has dramatically lessened fraud losses, although it hasn’t made them fraud proof. Employees know the ins and outs of how the systems work, and have access to the data they need to manipulate them. In fact, in one prominent case, an IT employee in London rigged an account with points that would have required more than $10 million in purchases to accumulate, according to Consumer Insight Group. Before being caught and taken to court, the individual cashed-in for the equivalent of $13,000.
Ways to Protect Your Customer Loyalty Program
In order to limit liability and overall risk, financial institutions and retailers must safeguard their reward programs. That includes program guidelines, controls and a monitoring process. Here are some examples.
- Exception reporting that highlights unusual activity, such as:
- A surge in employee access and time spent on the customer loyalty program database
- A variance in redemption activities
- Repeated unsuccessful login attempts to the rewards website
- New shipping addresses or other uncommon updates to customer profiles
- User-defined roles that limit or restrict access
- Ongoing audits and security reviews
The threat of fraud to customer reward programs is real, and financial institutions and retailers must be cautioned about relaxing their guards just because a surge in fraud has yet to occur. Failure to implement preventive measures, including proper program monitoring, could result in a major impact to your bottom line.