How Loyalty Program Fraud Takes Travel & Entertainment for a Ride
Rewards and other perks for repeat patrons are a great way of encouraging customers to keep coming back. But these same value-added services can also cost businesses in the travel and entertainment industries millions each year through loyalty program fraud.
How Criminals Use Stolen Data to Cheat Loyalty Programs
Loyalty programs represent huge reserves of value being carried on travel and entertainment businesses’ balance sheets. As such, they are increasingly popular targets for fraudsters. Consider, for example, how one might employ a botnet attack to rack-up unearned points:
- The criminal acquires stolen cardholder information in bulk.
- The criminal deploys a botnet attack to buy numerous tickets with an air carrier.
- These transactions accrue thousands of loyalty points.
- The criminal cashes-in or transfers the loyalty points before the fraud is discovered.
- The cardholder discovers the fraud and files a chargeback to recover the funds.
The carrier loses profits generated from the ticket sale and is responsible for applicable chargeback fees. It also loses the value of the loyalty points redeemed by the fraudster, and if the breach is discovered too late, the carrier won’t even have time to resell the ticket to recoup some of the lost revenue.
Stealing Unused Loyalty Points
More than $48 billion in airline miles and other rewards benefits went unredeemed as of 2016. Customers often forget about these rewards, making them a very enticing target for fraudsters—skilled criminals who hack into customers’ accounts to access and redeem program points.
Fraudsters might also steal from customers who are saving their points over long periods of time. This form of loyalty fraud carries the added baggage of depriving legitimate customers of their cash-equivalent points.
Some of the most popular targets for criminals redeeming customers’ points include:
- Digital gift cards
- Flight upgrades
- Plane tickets
- High-value merchandise that is easy to resell
Hackers steal millions of dollars in reward point value each year. Like other fraudulent attack schemes, the criminals responsible leave the merchant on the hook to reimburse customers for the reward points already redeemed.
Here, the real danger of loyalty program fraud is that the damage is already done by the time merchants recognizes a breach. With airline tickets, for example, the fraudster hits a merchant, then leaves their victim to deal with angry customers and lost opportunities for ancillary revenue. Even worse, each ticket stolen by a criminal is a seat that the carrier cannot sell, costing them several hundred dollars per attack.
The Essential Guide to Global eCommerce
Our new whitepaper takes a close look at eCommerce practices around the world. We carefully examined data on markets from Africa to Asia and beyond, all to assemble a thorough, predictive picture of where eCommerce is headed over the next several years.FREE DOWNLOAD
How to Address Loyalty Program Fraud
Loyalty programs are a great way to boost customer retention and turn casual shoppers into die-hard supporters. To be effective, however, programs must go hand-in-hand with practices aimed at preventing loyalty program fraud. To make this approach work for you, be sure to adopt necessary precautions such as:
Look to the Experts
Of course, there is only so much businesses can do to identify and intercept these attacks. While many of the same tools and strategies used to fight traditional fraud are applicable to rewards programs, it’s difficult for businesses to manage so many kinds of fraud.