Loyalty Fraud: Combatting the growing trend
As companies build their defences against credit card fraud, fraud is rapidly being driven into the loyalty channel, according to Michael Smith, managing partner for Airline Information, which has published research into possible areas of weakness among loyalty reward programmes and their solutions.
Loyalty fraud has been around at least since American introduced the AAdvantage scheme some 30 years ago. During this time the fraud mainly centred around two groups of people: Employees who, for example, might swipe their own FFP card when customers were buying onboard duty free to earn extra mileage; and travel agents, who appear to sell highly discounted tickets but are, in fact, booking the seats using bartered miles (and of course, many of those so-called travel agents are not legitimate agents).
So, the first question the survey asked of loyalty programme operator was whether or not they have a problem with loyalty fraud. Perhaps not surprisingly, the overwhelming majority of respondents said they do have a problem. However, what is more interesting is 18% said they didn't have a problem and 10% don't think they have - which should be worrying for those that are being defrauded but simply don't know it.
As a follow up question for those companies that didn't think they had a problem or that they had no problem the survey asked why. Almost 40% of them had placed their faith in their systems to prevent fraud and some offered other loyalty incentives (other than points/miles) which lowered the ability to be defrauded.
Given that the majority of respondents say they have a problem, our next question turned to the scale of the issue. Trying to quantify the amount lost to fraud can be a difficult exercise and as this research was designed to understand more about the issues, rather than the financial amount lost, that question was specifically not asked. Instead the focus was on if it was a growing problem.
Of the respondents to this question (i.e. the ones that have identified that they have a fraud issue, so it excludes people who say they haven't got a problem) almost half said it was growing fast.
We then wanted to understand better where the frauds were coming from. Were they the long established frauds or were they new ones? We asked respondents to rank a range of different fraud types in terms of what they believed was the lost financial value. Staff frauds, like the example of the flight attendant using their own card for duty free can often be spotted by simple rules - watching for large numbers of transactions and are, therefore, easier to catch. However, catching "agency" frauds is much harder.
And that appears to be borne out the numbers. Agency fraud was ranked in the top three for 12% of respondents. Staff fraud was there too, being ranked in the top three by 12% of respondents. However, by far the biggest concern rated by respondents was customer fraud.
The customer fraud is now made up of two sub-categories. The first is where the customer is the victim of fraud - where their account is compromised and taken over and the second is where the customer is committing the fraud themselves. Loyalty account take over had the highest number of respondents ranking this as their number one problem. When read with the fraud growing significantly responses it could be tempting to draw a conclusion that this new type of fraud is behind the increase overall.
Another new area of fraud was customers buying miles using stolen credit cards. This ranked as a top three issue for the same number of respondents as account loyalty take over, however, it was their second/third concern rather than the main one. However, we know from one airline who sold 25 million miles to customers that were using stolen cards (they managed to recoup 23 million of them once they had discovered the fraud) that it is an area of concern.
Other areas that registered but were not the main areas were customers double dipping (being award miles in two programmes for one flight), e-mall frauds and another perennial favourite: gift cards.
Finally the survey asked those with a loyalty fraud problem what they thought was behind it, giving several possible options. The most prevalent response was "the ability to turn points/miles in to merchandise".
All of the responses led back to one thing: the change in accounting rules for customer loyalty programmes (IFRIC 13). These very sensible rules have driven considerable change since they were introduced starting in 2009 and adopted by the majority of countries in the world. Essentially, once a point/mile has been issued, the profit that part of the cost of sale can only be written to the bottom line when it is redeemed. As a result, programmes are developing ever more ways to letting customers turn their points/miles in to cash or near-cash (such as merchandise).
These accounting rules also lead to a boom of miles/points in circulation as programmes rushed to develop coalition programmes and extend out the number of earning opportunities. In places like Canada, you can earn miles for purchase of items like a carton of orange juice. With ever more miles/points in circulation and, especially for airlines, ever fewer seats to redeem on (for most programmes their flight capacity has only been growing marginally) leads to an almost perfect storm.
As the fraudsters have discovered that taking over a frequent flyer account (usually using computer malware) is easier than trying to take over a bank account, they have been increasingly clearing out unsuspecting customers' accounts. There is a well-documented example of a frequent flyer in Australia having his account cleared out for a flat screen TV that was not even delivered to his house.
So what is this all telling us? From the survey it's clear that loyalty fraud is an issue for many programmes. Some claim that their systems and process prevent this fraud, however, that is a very small percentage of our respondents and no system or process is going to be fraud proof for ever. With the new accounting rules leading to a boom in miles/points out there and more and more transactions happening online and subject to being hacked it is probably only a matter of time before there's a breach of one of the major programmes systems. Who would have thought a top notch retailer like Target would be hacked?
The day to day managers of these loyalty programmes are seeing the issue up close, and also see the potential for further problems. Hopefully, the they will also see the challenge to protect their businesses and, importantly, their brands' reputations, and take even more positive and protective actions.