Though the term “loyalty” signifies a close bond between two parties, some consumers often take advantage of the trust companies put in their customers. In recent years, customer loyalty programs and strategies have been the subject of fraudulent activity in a variety of ways, causing brands to think twice about the balance of simplicity and security.
Loyalty360 hosted a Digital Roundtable with various brands in different industries to discuss the trends, patterns, and challenges with customer loyalty fraud and program gaming. Participants were asked a variety of questions and held discussions surrounding topics like:
- Instances of fraud and gaming with your loyalty programs.
- The types of fraud seen and what they are focusing on.
- Internal processes/SOP to identify and limit fraud.
- The effect COVID has had on fraud.
Participants ranged from frustrated restaurants, retailers, and more that united to discuss the intricacies of fraud and how to combat fraud in the coming years.
External Fraud
Most discussions around fraud circulated around the customer loyalty fraud that pertained to their specific business. For example, a representative from a prestigious retailer described their situation as full of “resellers” - fraudsters who buy an in-demand product for the purpose of selling them at an inflated price. Resellers will typically purchase during product drops, where the excitement is at an all-time high and where loyalty members get priority to purchase. Resellers will typically set up multiple accounts to amplify their chances of buying several items. This process is hard to stop since the organization finds it difficult to know if they are dealing with a reseller or a consumer with money to spend.
“Here’s the same person who won and purchased the same item 20 times, and they’re clearly the same person,” says the retailer. “We need to put a stop to their account in the future. They got us here but moving forward, hopefully, they won’t. It’s a rinse/repeat – they’ll start to set up new accounts and then do the same thing.”
Scarcity played a massive part in that issue, but other companies didn’t have the exact problem. We spoke with a restaurant chain that said their industry is riddled with scammers who will typically commit fraud via false complaints, citing falsehoods such as their food order was incorrect but already eaten. The chain first realized their loyalty program was being taken advantage of when people created multiple accounts to redeem the “Free Food on Your Birthday” offer, which required no prior purchase to use. In fact, before revision, a customer had created 6,000 accounts in a few days via bots to cheat the system. Aside from this, delivery drivers sometimes did not collect physical coupons, leaving customers to reuse the credit. As the platform has shifted digitally, this chain has found better success.
Another retailer spoke at length about customers abusing the return policy. Consumers would come to the store, purchase items in bulk -and return the next day once points were added to the loyalty program system. The accumulation of points quickly created an issue, and the organization fixed it by making the return window much smaller than before.
Most troubling was insight provided from one of our supplier partner members, Clarus Commerce, who described the threat of hackers and cybercriminals who don’t go into members’ loyalty accounts just for rewards, but personal information, as well. Their insight helped shed light on how multifaceted loyalty fraud has recently become.
“Loyalty and engagement programs are data-rich in personally identifiable data, as well as in valuable rewards and benefits,” they said. “Especially high-valued program members who are banking their currency for larger rewards/benefits.”
Internal Fraud
A surprise to many, fraud takes place from within the workplace, as well. However, this occurs far less than external fraud and remains a minor issue in the grand scheme.
During our Digital Roundtable session, one brand representative said employees weren’t aware they could be part of the loyalty system at first. However, once signed up, its struggle with internal fraud began. She says that workers have applied their points to other consumer transactions, causing concern for the company. To combat it, they have worked to foster a welcoming and positive environment that employees wouldn’t want to steal from the brand, hoping this method proves successful in the long run.
Tom Madden, Managing Partner, Loyalty and CRM at ICF Next, believes training is crucial for stopping internal fraud.
“First and foremost is education employees on the ethical side of why fraud matters and what to watch for,” says Madden. “This is really to reinforce the damage it ultimately does bring to the company’s reputation and risk it presents to the company and employees.”
Brierley, another Loyalty360 supplier partner member, established that while internal fraud is an issue, it is not widespread and consists of discernible practices. For example, employee fraud usually occurs when there is “widespread propagation of an employee discount,” meaning they are misusing their discount on various transactions to reap the rewards. This firm also noted multiple discounts being applied when they needn’t be.
“That pattern is easily identifiable at a threshold level through a simple algorithm,”
says Don Smith, Brierley Chief Strategy and Analytics Officer. “We go, ‘This could not have happened – this employee made three purchases in an hour. Immediately notify the store team.’ We can do that, and it’s very easy to detect and stop.”
COVID’s Impact on Fraud
When businesses went into lockdown in March 2020, that’s when fraudsters became even more clever, said Brierley.
According to them, customers have become brilliant and exasperated in appeasement fraud during COVID, which occurs when a customer repeatedly brings up issues with a product and tricks companies into rewarding their behavior. As the firm says, customers didn’t have to complain in person, and as a result, reported their “issue” to get 1,000 easy points every time. This method is especially troublesome due to the highly popularized “the customer is always right” mindset many brands adopt.
Another sector deeply impacted was the travel industry.
PrizeLogic explains that consumers were traveling less during the peak of the pandemic, leaving many accounts full of unused points. Hackers took note of this and quickly found their way into the accounts, reaping the rewards. Fortunately, this sudden change in account behavior was easy to notice, and more importantly, stop.
However, ICF Next’s Madden says otherwise.
“Early on, when there were large lockdowns in different parts of the world, we actually saw that fraud was a bit less, because there flat out wasn’t as much activity going on, but as the pandemic progressed we saw those levels return.”
Standard Operating Procedures
When faced with fraud, companies will hopefully have standard operating procedures (SOP) in place to mitigate the threat and recover. When asked about their SOPs, Digital Roundtable participants had a variety of answers.
A retail brand spoke at length about their SOP’s focusing on the question of “How do we proceed?” after fraud takes place. Their first goal is to track the fraudster. From there, key performance indicators (KPI) are measured daily to keep fraud trends under tabs. For example, if the team sees a member’s coupon/promo line go from a few hundred in a month to a few thousand in a month, they suspect fraud and investigate. By watching intently, they can hopefully stop fraud before it happens.
Another brand member during the meeting mentioned that they are more methodical in their SOP and internal processes. While they do have a loyalty provider, metrics and KPI’s haven’t been set up yet that will ease their fraud detection. Now, the chain is figuring out the system that works best for them as they go along, a sentiment echoed by many participants, even those with measures set in place.
However, this non-committal state is worrisome to Clarus Commerce.
“I can’t imagine not having SOPs, but I do understand competing priorities that businesses face on a routine basis,”
says Clarus Commerce. “But the great thing about data security, fraud prevention, best practices, and compliance is that there are plenty of knowledgeable experts who can provide guidance, best practices, and assistance on a contracted basis. Making the investment of this type on the front end usually tends to save your bacon on the back end.”
Loyalty360 Supplier Partner Member Cheetah Digital agrees with Clarus Commerce but suggests SOPs are the last step of the process.
“It all starts with the design of a program – understanding the program, conducting a fraud audit, and determining where you could be at risk,”
says Patrick Tripp, SVP of Product Marketing for Cheetah Digital. “Standard operating procedure is key, but it’s one of the last things in the value chain of your strategy.”
Can Fraud be Eliminated?
An ambitious task, but it’s the question many want to know: can fraud be eliminated from loyalty platforms? Unfortunately, the answer is no.
However, participants in the Digital Roundtable discussion agreed that mitigating it as much as possible is critical. The general attitude among members was one that acknowledged fraud would be hard to stop completely, so they ought to focus on areas that hurt the company most.
“Fraud should not be tolerated, if possible,”
says SMG Research Director Kurt Cederman. “It is not only a drain on resources (incentives, time spent cleaning data, etc.), but it makes results less reliable.”
However, PrizeLogic posed several questions that truly demonstrate how cutting fraud is a tricky subject.
“If the cost of eliminating fraud is greater than the cost of fraud itself, then is it practical from a business standpoint to eliminate it all or efficiently minimize it?” asks PrizeLogic CMO Matt Kates.
His question shows the complexity of eliminating fraud. Is it practical to even try? Many will put hours, finances, and more into this process, while it may not be worth it. What’s more, companies can put fraud security measures in, but it might ruin the customer experience and ease of use for the innocent majority not participating in fraudulent activities.
“Yes, you’re stopping that last small fraction of a percent of fraud that the other mechanism might not have caught,” says Kates. “But you adversely impact all of the honest consumers, and that’s who you got to be fair to.”
Regardless of how it’s done, many agree that fraud has no place in businesses, and it’s a matter of trying to be rid of it as much as possible. Time can only tell if various SOPs and safety protocols can be developed to eliminate it outright.