Episode 24 “Loyalty Programs Thrive If Brands Stop Account Takeovers”
Loyalty programs are a powerful way for companies to engage and grow a customer into a brand evangelist. But if an account takeover occurs and customers lose rewards points, miles, or sensitive personal payment information, major brand damage occurs. Understanding the motive behind fraudulent account takeovers is a start. Next, companies must protect a customer’s reward account with the same diligence that is given to monetary transactions.

Video Transcript

Rich Stuppy: Loyalty fraud is, I think, another surprising aspect in the QSR fraud ecosystem. The idea that an entity, or a fraudster will take over an account that has a certain amount of maybe digital gift card value, or loyalty points, that can be used to purchase things. They will then go to either a dark web, or an open web marketplace, where they will say, "Here's an account that has $100 worth of value in it. I will sell it to you for $30." That's a way that they monetize the taken-over account, and obviously when your customers realize that their hard-earned loyalty points are gone, it's quite a bad customer experience for them.

Tricia Phillips: Account takeover is a broad category. There are a lot of reasons that a fraudster might take over an account. One is to drain loyalty points. One is to trade value between multiple accounts. Sort of a money laundering activity. Another is to use that taken-over account to buy goods.
We see some really complex fraud attacks, that are touching the QSR space, where the QSR isn't the ultimate purpose. They're just being used. Let's say there's a drug runner, and they need someone to run an errand for them. A very bad errand for them. They might say, "Hey I'll give somebody a free pizza if they run this across the street for me." Somebody will say, "Yeah, sure." You look at it and you're like, "What is the point of this? Why would a fraudster waste stolen goods for a $20 pizza?" Then you realize that it's part of a much larger fraud ring.

Rich Stuppy: A fraud instance to be aware of is many times a QSR app will basically be a wallet. That wallet has an automatic top up provision to it, or auto reloading provision. The fraudsters will take over the account. They will drain it down to the level where the auto reload happens, and that can cause a series of charges very, very rapidly on an individual wallet.

