By 2021, the global market for gift cards is expected to grow to over $500 billion. As such, it’s no surprise that many online retailers are taking advantage of this impressive growth by offering e-gift cards to their customers.
The 2020 holiday season in particular stands to be an exceptional year for e-gift cards sales, primarily due to COVID-19 concerns regarding in-person shopping. Additionally:
- It is expected that gift cards will make up 48% of planned holiday purchases.
- Many people have purchased gift cards as a way to support small businesses in the midst of the pandemic.
- Millennials and Gen Z comprise 140 million people in the US and frequently utilize their smartphones for purchases, which include gift cards.
If you are one of the millions of online retailers that currently offer, or are considering offering, e-gift cards, be sure to take all of the necessary precautions to protect your business and customers from falling victim to gift card fraud.
What makes e-gift cards targets for fraud?
According to CNBC, 1 in 5 gift cards received during the holidays are empty, having been drained of their value before the recipient can redeem.
Because they do not contain personal information, e-gift cards are nearly untraceable. While some retailer gift cards are more attractive than others, it is the cash value that thieves are after. Gift cards can be worth as much as 90% of the original value on the market, and even selling it for 10% is a profit when the cost to the criminal is zero.
What are the more common methods of fraud for e-gift cards?
The dark web offers a treasure trove of tactics, marketplaces and software for committing fraud.
For instance, in 2017, a gift card bot named GiftGhostBot was able to check 4 million card balances per hour, and once the balance was confirmed, it transferred balances. Recently, stolen e-gift card balances have been converted into Bitcoin and other digital currencies.
Additionally, many criminals will test stolen credit card numbers and information by purchasing several e-gift cards from different retailers. This confirms the credit card information is valid and typically doesn’t catch the eye of the cardholder or the issuing bank. Stolen credit cards are also used for online purchases that can be returned for credit via gift card, which often results in chargebacks.
Another way criminals can commit gift card fraud is via account takeovers. An account takeover occurs when a criminal quickly drains balances or transfers reward points in the form of gift cards. Many food and beverage retailers have auto-loading gift cards that, if compromised, can swiftly empty a customer’s bank account.
Yet another popular method of gift card fraud is email phishing. An attacker poses as a supervisor and requests an employee to purchase gift cards on their behalf and send them photos of the card numbers and the accompanying security codes.
Unfortunately, retailers face the double-edged sword of issuing chargebacks and honoring compromised e-gift cards or else facing the possibility of angry customers flooding social media with complaints. In addition to the revenue lost, future revenue and reputation can be affected as potential customers are less likely to shop at retailers associated with fraud.
Why isn’t this issue highly publicized?
Credit card fraud is front and center in the media for two primary reasons: First, the victims are typically private citizens, which makes for a more compelling news story. Second, credit card fraud involves personal data (and gift card fraud doesn’t), which garners far more attention from law enforcement.
Protect your business with gift card fraud prevention
Despite the challenges of gift card fraud, e-gift cards represent an incredible opportunity to incrementally increase your revenue overall, but in particular for the upcoming holidays. However, to ensure you guard your business as well as your customers, you will need help.
You need a technology that includes:
- Collective Intelligence. We establish a shared-data agreement across payment processors, fellow merchants and other partners, which allows alerts to be automatically applied when bad actors attempt to run scams against members inside the data consortium. All data is anonymous, and only meta data is logged.
- Machine Learning. Gone are the days of having a list of names or pictures of troublesome actors by the cash register. With potentially billions of individual accounts across hundreds of payment methods, it is impossible to track even for fraud prevention professionals. By utilizing the power of deep learning models, even subtle indications of fraudulent behavior are spotted.
- Entity Analysis. While there are certainly lone-wolf criminals, the ones that do the most damage and keep you up at night are typically part of a network of fraudsters. They share information, techniques and tools among one another and can wreak havoc across the retail space. Determining connections between bad data or individual criminals can preemptively save you from another attack down the road.