First, the bad news! Fraudulent activities in the loyalty marketplace continue to grow and evolve. Attacks in the airline and hotel industries, long the main target of loyalty fraudsters, are now joined by attacks on programs in gaming, retail, and other verticals. Value propositions which increasingly adopt pure monetization tactics — gift cards, cash back, coupons, and vouchers for huge discounts at the POS — make loyalty currencies even more attractive to the fraudsters. COVID helped accelerate all this activity.
Now, the good news! The Loyalty Security Association (LSA), an industry group dedicated to fighting and reducing loyalty fraud, continues to assemble the brightest minds and newest technologies to battle the bad guys. Started in 2016 by various stakeholders with Loyalty, Fraud Prevention and Cybersecurity backgrounds, LSA continues to build the only industry platform for collaboration around the growing issues of loyalty program security. The Association provides companies and organizations that have or are involved with loyalty programs a platform where they can find resources, Best Practices, tools, training, and peers with whom they can discuss security issues.
The Wise Marketer was in virtual attendance at LSA’s 2020 fall conference. Some key takeaways are summarized below:
- New cyber security solutions continue to evolve to protect all digital assets from internal and external attacks. Some solutions focus on authenticating accounts and/or transactions; others look at maximizing revenues (approving good customer/good transactions) vs. minimizing fraud (denying bad customers/bad transactions). Behavioral biometrics are coming to a program near you very soon.
- Consumers are increasingly aware. In a recent survey, 84% of consumers expressed more loyalty to brands that had strong security controls. People are increasingly skeptical of governmental leadership in the security arena; they now expect corporate leadership to take the reins and help protect their personal information, their points, miles, and anything else fraudsters can get their hands on.
- Despite the popular belief that all loyalty fraud attacks come from hackers who are on the outside breaking in, two other sources were commonly discussed: policy abuse by members themselves and internal associates/vendors with access to the program. A review of program terms and conditions can certainly help with the abuse issues.
- COVID-19 changed the way people work. Loyalty call center operations were particularly affected by remote agents plugged into a variety of different systems and networks just to get access to the member information they needed to do their job. Security experts and IT teams had to scramble (some are still scrambling) to prevent intrusion of home-based systems that they never really counted on previously.
- Loyalty Security starts with planning. It may take months to discover the fraud, additional months to respond and fix the problem. Costs associated with a loyalty breach are estimated to be in the millions per incident. Reputation damage, accelerated by social and viral mechanisms, may be an even bigger loss to the company. Programs need to be well prepared. The time to handle fraud possibilities is not in the moment!
The LSA provides its members with a Best Practices Guide and additional resources to help loyalty programs in their fight against fraud. For additional details visit their website.
We strongly urge your organization to join the association and collaborate with others on this important industry issue.
And look for a new course about Loyalty Fraud coming soon to The Loyalty Academy curriculum.
Mike Capizzi is the Dean of The Loyalty Academy and a Certified Loyalty Marketing Professional™ (CLMP).