Loyalty Fraud: Experts Discuss Challenges Brands Face and Ways To Mitigate Impact

Brands face many challenges when maintaining a vibrant customer loyalty program that engages members, elevates the customer experience, and fosters brand affinity. While some challenges might seem obvious — getting internal stakeholder buy-in for loyalty efforts, leveraging the right technologies and trends to remain competitive in the marketplace, mastering the art and science of providing members with a truly authentic personalized experience, etc. — there is also a dark undercurrent sneaking below the surface of customer loyalty: fraud.  

A simple definition of customer loyalty fraud is when program members act in ways to gain points, perks, benefits, status, etc., that they have not actually earned. Activities might range from creating multiple accounts to take advantage of a one-time promotion more than once to earning a bonus through fake friend referrals to finding a loophole in a loyalty program that delivers unearned perks. Unfortunately, it’s not only customers and program members engaging in loyalty fraud. Employees may also commit loyalty fraud, entering their own information at a customer’s point of sale or abusing a promotional code for a discount. 

Loyalty360 spoke with supplier members and customer loyalty strategy experts about limiting fraud’s impact, setting automations to combat loyalty fraud practices, and ways to approach employee fraud within an organization. 

Article contributors:  

  • Cassie Preston, Director Customer Engagement and Strategy, Baesman 

  • Emily Merkle, SVP Analytics & Data Science, Phaedon 

  • Bill Schneider, VP Product Marketing, SheerID 

 

Loyalty Program Fraud  

Marketing and loyalty professionals know that program fraud comes in many forms, ranging from re-selling for points to fraudulent redemptions and return fraud. Baesman’s Preston notes that many of her company’s long-standing clients have safeguards in place to protect against fraud, including employee programs and/or eligibility requirements and identification and monitoring of re-sellers within their programs.  

“In some cases, a plan for ongoing monitoring for potentially fraudulent activity is enough to protect the program’s profitability and engagement levels,” Preston explains.  

Phaedon’s Merkle shares that clients see addressing fraud as important to mitigate liability but also to ensure brand trust.  

“The most prevalent customer loyalty program fraud today remains account take-over/redemption fraud,” states Merkle. “When fraudsters gain unauthorized access to accounts and redeem points, it doesn’t just have financial impact but also erodes trust — calling into question the brand’s ability to keep member data secure.”  

In addition to account take-over fraud, Merkle notes a more recent uptick in promotion fraud, including the creation of multiple accounts to exploit sign-up bonuses and then merging or redeeming rewards shortly afterward. Another is targeted promotions to unintended customers, who then receive and redeem the bonuses. To prevent this, Phaedon ensures rules related to promotion behavior are enforced within client platforms to stop many of these issues along with helping clients think through promotion awards and how they could be exploited.  

In efforts to drive loyalty, SheerID’s Schneider reports that a growing number of brands are using gated offers with communities such as students, teachers, and the military. Consumers who receive offers report feeling appreciated and valued, which increases their lifetime value. For example, Back Market, a refurbished electronics retailer, reports a 30% higher customer lifetime value (CLV) for their student community compared to their typical customer.   

“The two most common ways we help our clients combat customer loyalty program fraud involve verification,” says Schneider. “We verify the person is truly a part of the particular community (e.g., they are an enrolled student) by connecting with the authoritative data source, such as the office of the registrar for a university. We also verify that the person is who they say they are by checking a government ID or doing a liveness check.”  

 

Limiting Fraud’s Impact  

Some brands are aware of and are “okay” with some forms of “gaming” and fraud (e.g., family members sharing accounts), but they want to limit the most egregious forms (ones that impact the brand the most). Organizations must determine what approach they should take to limit fraud’s overall impact on the brand.   

Schneider recommends that brands limit the number of times an offer or loyalty reward can be used by an individual account holder. SheerID calls this a “single-person limit.”  

For example, the brand can decide that an offer — such as a set of points or an experience — can only be used once per month by a particular person. When someone redeems an offer, they use up their permission for that month, and then it turns over after 30 days. This can be customized by the retailer.   

Preston notes that limiting fraud’s impact is a common challenge across many retailers because of the various forms of loyalty program fraud.  

“Brands should focus on addressing fraudulent behaviors that have real financial implications for their business, all while protecting the customer experience for brand loyalists,” says Preston.   

The approach Baesman proposes to its clients when they suspect fraudulent activity associated with their loyalty program includes the following:  

  • Identify potentially fraudulent activity — Understand the key metrics to spot potential program fraud.  

  • Size the impact — Size the financial impacts (both positive and negative) of suspected fraudulent behavior.  

  • Act accordingly — Based on the data, identify swift actions when necessary, as well as ongoing monitoring cycles to prevent and protect against future fraud.  

Merkle warns that brands should carefully consider the potential positive and negative impact of removing fraud, as introducing fraud screening can increase costs and drive consumers away if not done correctly.   

“Brands should map out all forms of fraud, including ‘gaming’ the program, and understand the impact, costs, and technology necessary to address each issue to prioritize their focus,” says Merkle. “It’s critical to differentiate between purely fraudulent behavior and ‘gaming,’ as consumers may not view ‘gaming’ as fraudulent and may leave the brand if it’s fixed.” 

 

It’s a Balance  

A great customer experience must be assured, yet some brands struggle to balance security and customer verification (e.g., SMS verification) without making a negative impact. 

Ease of use remains critical to capturing and maintaining member engagement. Meanwhile, opt-in regulations have become increasingly strict over time, and multi-step verification continues to be part of a consumer’s everyday life. Preston believes that brands doing this well will often find they can collect more data, get more customers to opt in, and see higher customer lifetime value.  

To achieve customer verification without negatively impacting customer experience, Phaedon partners with brands to implement strategies prioritizing both security and convenience. Merkle shares that one approach is to offer customers the option to choose their preferred method of verification, including SMS, email, or app-based authentication. This allows customers to use the method that is most convenient for them while still maintaining a high level of security.  

Another strategy is to implement intelligent authentication systems that can adapt based on the risk level of the transaction. For low-risk transactions, brands can use less intrusive methods of verification, such as one-time passwords sent via SMS or email, whereas for higher-risk transactions, brands can require additional verification steps, such as multi-factor or biometric authentication, security keys, authenticator apps, and more.  

SheerID recommends that brands choose a progressive fraud mitigation approach that provides additional fraud checks based on signals that are picked up during the signup process.  

“We verify to make sure that a record is eligible to receive an offer,” begins Schneider. “In the background, we work with third-party fraud vendors to analyze signals such as the person’s IP address, geography, and device ID to see if that record has been tied to fraud in the past. What’s important is that these checks are made in a progressive format so that you’re intelligently adding additional fraud checks when a fraud signal is detected, like someone posing as a U.S. college student from an IP address in Belarus. To optimize revenue performance, it’s important to minimize friction for eligible customers while adding progressive fraud checks for potentially bad actors.”  

 

Setting Automations that Limit Fraud 

Brands need to vet and determine what automation within technologies can be used to work behind the scenes and limit fraud — while still providing customers with a frictionless customer experience. 

“Brands can work with their data, analytics, and financial teams to understand the primary fraud considerations for their loyalty program and create business rules on how the loyalty platform should function in those scenarios,” says Preston.  

Ongoing monitoring enables brands to be prepared for any potential breach or fraud issue, which means brands won’t lose time spending weeks understanding and sizing impact. Preston explains that over time, brands will be able to spot trends and implement safeguards to protect program profit — and customers who are playing fairly in the program.  

Phaedon leverages fraud models running behind the scenes to flag potential fraud cases before points are used or redemptions are made. Points are held “in suspense,” so they cannot be used until the transaction has been verified. Merkle explains the team at Phaedon helps clients identify the optimal fraud threshold for records that should be manually reviewed within the context of a client’s capacity and risk tolerance to ensure members have ready access to their points while still minimizing fraudulent behavior.   

 

Employee Fraud  

Some brands have expressed a growing concern about employee fraud. Loyalty360 asked the expert panel what they were seeing regarding employee fraud and what steps brands should take to address it.  

“Employee fraud is occurring in both call centers and on-property locations, such as when hotel employees post fraudulent stays, resulting in points being issued and redeemed,” says Merkle.  

To combat this, monitoring and reporting should be created for both corporate and individual properties’ employee behavior, including an alerting process for out-of-bound thresholds. Proactive reporting and platform rules related to agent behavior are necessary to combat this type of fraud, such as monitoring manual actions taken by agents and limiting the number of manual activities an agent can take.  

“Training and awareness of the monitoring program can also deter bad behavior and educate about the impact of fraud upon the brand,” adds Merkle. 

Schneider points out that employee discount abuse can be a challenge, too.  

“On one hand, you want to empower employees to help serve customers who are having issues redeeming a special offer in the store,” acknowledges Schneider. “On the other hand, you want to make sure that an employee doesn’t abuse that power. Our recommendation is to provide an associate override code tied to a particular store.”   

Retailers can then measure how often that override code is being used. By tying the override code to the store level, brands can determine if certain stores have particularly — and in certain cases, alarmingly — high rates of giving out discount codes. Brands can then speak to employees within those stores one-on-one, hold formal training sessions, or simply change the employee override code more frequently.   

Preston agrees that it’s imperative to provide field training alongside a loyalty program selling strategy to ensure employees understand program rules and how to properly apply them. Front-line associates must see the program as a value they can offer to get their customers to spend more and become more brand loyal.  

“Often, we find that brands have employee-specific programs or exemptions within the program for employees that remove any potential for employee fraud,” finishes Preston.  

Truly, a proactive approach by the brand to educate and inform employees on how loyalty fraud impacts the overall business helps lead them to a position where they can assist in mitigating risk while deepening their own loyalty to the brand.  

Recent Content

Membership and Pricing

Videos and podcasts

Membership and Pricing