October 22, 2018 CPG, Customer Data & Analytics, Financial Institutions, Loyalty Strategy, News, Retail, SmartJourney®, Telco, Travel & Hospitality

3 Steps to Limiting Loyalty Fraud

How to limit loyalty fraud

Loyalty programs provide opportunities for people to get free stuff. As part of the loyalty game, engaged loyalty members look for ways to earn more points faster, which brands may provide through accelerated earn opportunities like double- or triple-points days, or buy 3 get 1 free offers, etc. However, as loyalty grows more complex, these earn opportunities may inadvertently create unplanned loopholes, which savvy members will certainly find. Remember when airlines had hidden cities? We’d book our flights through those cities to save money and/or earn extra miles. Unfortunately, unintended loopholes such as these can create an opportunity for loyalty program fraud. When looking to limit loyalty fraud, we recommend a three-pronged approach: Prevent-Detect-Monitor.


Discourage fraud from the start by incorporating preventative tactics in your program design. Starting with a deep understanding of the vertical and business purchase patterns by customer type, you and your provider can build a base fraud model founded on proven methods, economic modeling and avoidance of unintended consequence. Be sure to leverage information like compliance for CPG clients or segment types in retail to predict behavior trends.

However, fraud is not a clear-cut case of right or wrong based on a set of rules. In the cases where some fraud is acceptable to a brand, monitoring and reporting are essential functions to understanding the impacts on the program. Your loyalty vendor should focus on helping you predict potential fraud scenarios, and leverage machine learning tools to develop predictive models to analyze behaviors ongoing, as well as provide fraud scores for each member on a regular basis.

Your tech platform should also support your anti-fraud design. At the minimum, your provider needs to adhere to international ISO security standards (ISO 27002) and PCI DSS (Payment Card Industry Data Security Standards), while also taking into consideration industry best practices such as NIST, ITIL, COBIT. Risk should be mitigated through SOC I and SOC II Type II compliance, with an overall security posture tested on a regular basis.

Impenetrable hosting is necessary to keep customer data secure. Use secure web services with access controlled dedicated tokens while moving data.

And of course, all these tactics are much more effective when combined with proper user training, which your provider should provide or direct you to.



Administration of the program and the ability to run reports that highlight anomalies are a key strategy to detect potential program misuse. Regularly monitor your customer activity for:


  • Redemption and trends that exceed established point or value thresholds
  • Point or reward activity that does not align with a member’s value segment
  • Point earning that exceeds total or frequency thresholds
  • Frequent return patterns
  • Goodwill adjustment user activity that exceed necessary levels
  • Member logins that show who has accessed the member portal and when they accessed
  • Excessive user activity
  • Segmentation reporting to ID in order to review mailing addresses
  • Employee account activity



If program misuse is detected and action needs to be taken on a member’s account, use a full customer service view to further research and respond. Transactions, point amounts, achievements and redemptions can all be managed to provide control over the program and members in relation to fraud. Accounts may also be placed in a status that prevents loyalty activity as appropriate for the level of program misuse expected.

Unfortunately, even with the best of preventative measures, program misuse may occur. In this unlikely event, audit logs and reporting can help trace the source and eliminate the root cause. It’s best to work with your loyalty provider and security team on a fraud management design and program that works best for your business.

Aimia uses its proprietary SmartJourney® methodology to develop a program design that helps prevent fraud. We work with each client to create a strategy to mitigate potential for loss that does not require burdensome processes for administrators and avoids undermining the value of the loyalty program to members. After implementation, managing loyalty program misuse requires vigilance. Aimia is focused on supporting each client’s loyalty program success and in doing so lends ongoing support to guide program misuse management. For more information, email loyalty@aimia.com.


facebook share icon twitter share icon linkedin share icon

Ready to get started?