July 16, 2019
Airline Loyalty Programs Targeted by Fraudsters
Posted July 16, 2019
Over the last few years airline loyalty programs have started to offer more options to monetize air miles balances built up by their customers. This has not gone unnoticed by fraudsters. It takes a certain kind of person to knowingly book a flight with stolen air miles and then actually turn up to the airport and sit on that airplane. But account takeover, with the purpose of then purchasing a television, expensive cosmetics or ride sharing vouchers using someone else’s money (or in this case air miles) is a cybercriminal’s day job.
Basic Authentication at Risk
Unfortunately, when loyalty programs first went through a digital transformation process, enabling customers to access their accounts online, fraud was not a consideration, and a basic authentication process was generally put in place. Even less sophisticated fraudsters these days are able to beat basic authentication layers using compromised customer identities or credentials and the existing loyalty program system architectures are generally black boxes with no ability to modify or introduce risk-based assessments to the authentication process. This results in manual processes being required behind the scenes, as humans review loyalty program purchases by end customers in an attempt to distinguish between honest purchases and fraudulent activity. Airlines then have to balance the cost associated with large review teams with the competing expectations of their end customers’ friction-free and instant purchase expectations.
As loyalty programs are forced to go through a second round of digital transformation, in order to deal with the new threat from cybercriminals, they should look to put in place a flexible, layered defense system, that is able to respond to ever changing attack vectors. A risk-based authentication approach should drive smart decisioning around when and how to challenge a customer with strong authentication, based on elevated threats, whilst keeping good customer friction as low as possible.
Increasing Demand for Airline Loyalty Program Fraud Prevention
LexisNexis Risk Solutions has seen rapidly increasing demand from airline loyalty programs for our ThreatMetrix platform. Applying the expertise around account takeover protection learned from our extensive financial services experience, together with our detailed understanding of the traditional eCommerce buying process and associated fraud patterns, we are helping some of the world’s largest airlines close the door on loyalty program fraud.
To learn more about how a digital identity-based approach can help prevent travel fraud, read this solution brief from ThreatMetrix.