The rise of loyalty program fraud and how businesses can avoid it

Share on facebook
Share on twitter
Share on linkedin
Share on email

Loyalty and reward programs are much-loved by South African consumers. This as an estimated 75 percent of all economically active South Africans make use of them, which is understandable given the benefits often attached with joining a specific service or provider.

There is a darker side to loyalty programs, however, with fraud being a growing problem locally. This issue is having a negative impact on businesses in particular, many of which state that they lack the resources and necessary skills to deal with fraud on their platforms.

As such, these businesses stand a lot of lose if this problem remains unaddressed.

To gain more insight into how large an issue this is for local businesses, as well as how this type of fraud takes place and how best to combat it, we recently spoke with Deven Govender, principle commercial optimisation specialist at Merchants South Africa.

Hypertext: We’ve seen a sharp rise in fraudulent activity on loyalty programs. Why do you think this has been the case?

Deven Govender: I would talk to three main points here.

While most organisations have invested in cybersecurity upgrades to combat fraud, the focus has mainly been around credit card fraud and protection of personal information. At best, companies will do the bare minimum to comply with legislated policy such as PCI (DSS) and POPIA.

Consequently, loyalty systems are often not in the business’ scope for cybersecurity implementation or upgrades. Fraudsters have identified this as a weak point and have capitalised on the opportunity. 

As far as customer experience strategies go, loyalty programs are often adopted late within the strategy. When they are adopted, it is often done, again, at the lowest cost possible. Subsequently the systems, processes and technology that support the loyalty program will in rare cases be integrated into the larger operational processes, systems and technology. 

This creates loopholes in the system for fraudsters to manipulate and exploit.  

Due to the lack of – or even dis-investment in – loyalty programs, they often do not work, or deliver on customer expectations. In my experience, this can cause customers to lose faith in the system and stop using the program. Most customers don’t even bother to close their accounts, with 54 percent of loyalty accounts lying dormant

Hypertext: Given an estimated 75 percent of economically active South Africans make use of such programs, how much do local firms stand to lose if this remains unaddressed?

DG: Looking at an example, successful loyalty programs have an active participation rate of around 75 percent across the air-travel industry. Of this around 14 percent of customers spend, on average, three times more per annum – according to internal research carried out at Merchants. 

If companies do not invest in proper protocols to avoid fraud, the loss in revenue will far outweigh the initial investment required.

In addition to losing repeat revenue, loyalty program fraud, in many respects, also contravenes legislative policy such as POPIA in South Africa and GDPR in Europe. Organisations in breach can face significant penalties from the regulatory authorities.

Hypertext: Why do you think local firms have been lax in securing this element of their business?

DG: Apart from the cost of implementation and integration, loyalty programs are often seen as cost or liability centres of the organisation.

Loyalty programs are also often implemented as a reactive strategy to keep up with competitors, with little due diligence conducted into how the program can become a revenue generation mechanism for the business. 

As a result, these programs can return little to no value for the organisation and generate negative customer experiences. Despite this, businesses will often not cancel these programs due to the fear of the company Image being tarnished.  

Hypertext: Now that more firms have been made aware of the extent of the problem, what are some of the first steps they can take in securing themselves?

DG: The first step is customer education. For the active customer base, it is important that customers take steps like resetting their passwords often and keeping track of their loyalty point earning and spending on a regular basis.  For non-active members, accounts either need to be closed or suspended.

Another important factor is the integration of the loyalty program with operational systems, processes and technology. Loyalty programs need to be integrated into CRM, Point of Sale, ecommerce and other critical systems.

Analytics on loyalty earnings and spend are also critical in identifying anomalies and can act as a pre-cursor to fraudulent activity. In the very likely event that loyalty programs utilise third-party partners for redemption, integration into third-party systems will also aid in fraud mitigation

Companies also need to include the loyalty program activity into their internal audit, compliance and regulation procedures, and this should even sit as a line item on the corporate risk register.

Lastly, companies need to look at refreshing their loyalty programs, when it comes to earnings and redemption, at least once a year to alleviate fraudulent activity. This will also have a positive impact on the customer experience and increase participation levels within the program. 

Hypertext: Is there ever any concern that if too many security measures and procedures are put in place, it would negatively impact customer experience?

DG: Most customers who use loyalty programs are likely to make use of services like online or mobile banking and other products in the market that already require a high level of security.

These customers are already accustomed to these controls, and in all likelihood will not have altered experiences, apart from a potential increase in positive experiences.

Token authentication, biometric authentication and two-factor authentication are widely used methods which customers are familiar and comfortable with.

Of course, the experiences can always be enhanced by integrating loyalty program applications within existing sales and service application channels.

Hypertext: What role can a customer experience partner play in handling fraud and abuse issue?

DG: Customer experience partners can play an important role, particularly when it comes to systems integration. The failure of most loyalty programs, either because of fraud or poor participation, lies primarily in the initial design of the program. 

A customer experience partner can identify what the entire customer experience journey will look like for the organisation, taking into account every single customer touchpoint.  

We can also identify where the risk areas are in terms of fraud and customer dissatisfaction.

Taking both these points into consideration, we will be able to provide the cost benefit analysis for implementation and ensure that the implemented loyalty program is safe, increases customer satisfaction and loyalty, and, importantly, increases customer spend through the program, which creates a new revenue stream for the business.

Hypertext: Gamification is a potential means of curbing fraud and abuse. How would it be implemented in a loyalty program?

DG: The number one reason gamification is incorporated into any organisation is to drive engagement from employees, customers, suppliers, or any stakeholders within the business ecosystem. 

The nature of gamification is to drive participation to create value, easy and positive experiences, as well as well as to promote the organisation’s value proposition.  

In the context of customers, a well-crafted gamification program or solution will increase participation, thus increase the member base and spend. 

A great gamification solution, like Discovery Health as a good example, will have the loyalty program integrated into the primary company website or mobile application, meaning that there will be a higher level of authentication.

Hypertext: Apart from fraud, what other elements of the loyalty program experience can stand to benefit from partner advise or input?

DG: The true purpose of a loyalty program is to do exactly what it says, to drive increased loyalty in customers. Loyal customers are less likely to churn, will recommend your business, and will ultimately spend more with your business.

As mentioned previously, loyal customers are likely to spend three times more with you per annum.

Loyalty programs are critical and relatively cost effective tools to drive revenue, gain customer insights across the entire customer journey and touch points for improvements, drive new products and services, increase company goodwill on the balance sheet, and create a significant competitive advantage for the company.

Hypertext: Looking forward do you think more companies will indeed turn to customer experience experts to assist with fraud and abuse, or will this problem continue until truly significant losses are felt?

DG: This depends on the current design of the loyalty program, and the value the company is deriving from it. 

Companies that have well designed programs which generate commercial and customer value and insight will be more proactive in wanting to mitigate the risk and transform their loyalty program in line with their existing digital transformation strategies.

Unfortunately, companies that currently derive little commercial or customer value from their loyalty programs will exclude or limit the scope of loyalty program transformation in their digital transformation strategies.  

A customer experience expert will consider the transformation of loyalty programs strongly, whether a company is undertaking digital transformation strategies or customer experience strategies.

Robin-Leigh Chetty

Robin-Leigh Chetty

Editor of Hypertext. Covers smartphones, IoT, 5G, cloud computing and a few things in between. Also a keen photographer and dabbles in console games when not taking the hatchet to stories.