Hopefully, since the introduction of EMV security for your credit card and 2-step verification for your eCommerce, you’re sleeping a little easier these days.
Not so fast, there, sleeping beauty.
Since some of their favorite victims – credit cards and digital commerce – are now more secure, sophisticated criminals are eyeing non-traditional markets. Their latest prey are Loyalty Miles and Points.
The idea is surprisingly simple. Cybercriminals hack into loyalty accounts, steal the points then sell them for profit on the dark web. We all know points can add up quickly; many consider loyalty points to be a type of currency holding true monetary value. The numbers support the argument – a whopping 72% of loyalty-program operations admit to experiencing fraud issues.
The companies administering loyalty programs, thankfully, can look to the payments industry for inspiration. Credit card companies and processors have already run the gauntlet, dedicating vast resources to secure sensitive data. Some loyalty programs are merging with established payment apps (which typically have higher thresholds for security and meet PCI requirements). Points are tracked and redeemed within the apps and mobile wallets. Another option could be the establishment of a self-regulating body for loyalty companies – a system like PCI with well-defined security measures and precautions.
In any case, consumers will be, well, loyal to loyalty platforms specifically calibrated to reduce fraud in a market where digital security is king.