January 10, 2019
Protecting Digital Identities Against Holiday Gift Card Fraud
Posted December 22, 2015
Spending on gift cards increases each year – an estimated 93 percent of U.S. consumers purchase gift cards totaling $100 billion in spending. Unfortunately, cybercriminals are also finding ways to cash in on the popularity of gift cards. This leaves retailers with the pressing issue – how can they capitalize on gift card revenue without increasing the risk for fraud?
Gift cards represent an important revenue stream – avoiding them entirely will likely lead to lost sales. Yet with the high transaction volumes during the holidays, retailers don’t have the bandwidth to manually analyze gift card sales or redemptions. And the fraudsters count on the fact that retailers are too busy to track them.
While in-store fraud presents its own challenges, online activities and digital identities are even more difficult to protect against cybercriminals. They act on a global level and attempt to compromise digital identities for fraudulent purchases and financial gain. With so many physical and virtual gift cards flowing through the economy, it’s not difficult for criminals to misdirect some of them, capitalizing on the profit.
The gift that keeps on taking
The gift card fraud risk doesn’t stop on December 25, as the cards purchased for the holidays will be redeemed throughout the year (and for years to come). Likely everyone has experienced a time when a gift card was found collecting dust a few years after receipt.
The flexibility and anonymity of gift cards are very attractive for criminals, as a gift card is like cash in hand. Here are a few of the most common online risks involving gift cards.
- Stolen virtual gift cards: For those last-minute gifts or those who are hard to buy for, nothing is as convenient as online gift cards or e-certs. In fact, approximately 63 percent of consumers who bought gift cards last holiday shopping season purchased them online. If a cybercriminal intercepts the digital certificate and steals the account information or redemption code, they can get to the goods, rather than the intended recipient. Cybercriminals often exchange electronic gift cards for real physical goods, which they can then resell for profit in other countries or on auction sites.
- Gift cards purchased with stolen credit cards: A gift card is one way to turn a stolen credit card into cold hard cash. Following recent, high-profile data breaches including the U.S. Office of Personnel Management, Trump Hotel Chain and Experian/T-Mobile, consumers and businesses are facing the downstream effects, and countless credit card numbers have been exposed. Cybercriminals often take advantage of the after-effects of data breaches to purchase large quantities of physical or electronic gift cards using stolen credit cards. They then either resell the gift cards or use them to purchase goods for resale.
Protecting online gift card transactions
One way gift card cybercrime can be prevented is by analyzing online gift card purchases for the presence of stolen credit cards. These can be detected through a variety of risk factors, including a single device using several different credit cards or a transaction where the actual location of the device does not match the credit card holder’s address. Businesses should subject these transactions to additional scrutiny or real-time step-up authentication.
Fortunately, retailers don’t have to tackle cybercriminals alone this holiday season. One of the most effective ways to protect gift card transactions and user accounts this holiday season and beyond is by leveraging global shared intelligence to differentiate between authentic and fraudulent transactions. Rather than relying on static data, using global shared intelligence brings together all aspects of a person’s online devices and behavior into one unique digital identity – including email addresses, geo-locations, devices and both personal and business personas. Retailers can collaborate with other businesses to share information about accounts, devices and online personas involved in fraudulent activities – escalating any transactions from these sources to a higher risk category and requiring additional screening.
Leveraging global shared intelligence also helps retailers strike a balance between implementing effective cybercrime prevention strategies and interfering with the customer experience. By differentiating between low and high risk transactions, retailers can ensure accounts and gift cards are protected without making trusted customers face arduous authentication steps.
The gift card challenge will linger long after all gifts have been taken from under the tree. Gift cards are a popular year-round vehicle for fraud. However, any protections retailers and other businesses put in place for the holiday season will protect against fraudulent transactions and activity year round.