Payment Dispute Standards and Compliance Council

Menu
  1. Home
  2. Research and Trends

Blog

Are Gift Card and Loyalty Card Scams a Growing Threat to Your Business?

Research and Trends

Gift cards and loyalty programmes have long been celebrated as pivotal tools for retailers. They don’t just offer convenience; they are powerful drivers of sales and customer attraction, and vital means for fostering long-term customer loyalty and repeat business. However, beneath their proven benefits lurks an increasingly sophisticated threat. A rising wave of fraud is now actively undermining the value and security these programmes are designed to provide. As a merchant, understanding this evolving landscape is no longer optional  – it’s critical. Is your business truly equipped and protected against this escalating criminal challenge?

How Big is the Financial Hit from Gift Card and Loyalty Card Fraud in the UK?

The financial impact of gift card and loyalty fraud in the UK is substantial. In 2024, £13.5 million was lost to gift card scams alone. This isn’t just about direct losses; it impacts your overall profitability. Globally, loyalty fraud now accounts for a significant 31% of all fraud attempts against online merchants, a figure projected to quadruple in the coming decade. While travel and hospitality were traditional targets, retail and e-commerce are increasingly affected.

Overall, consumer and retail fraud in England and Wales surged by 19% in 2024. A large part of this increase is Card-Not-Present (CNP) fraud – transactions made online or over the phone without a physical card. These figures clearly show that gift card and loyalty programme fraud is a core challenge, not a minor issue.

What Forms Do These Sophisticated Fraud Schemes Take

Fraudsters’ tactics are constantly evolving, making it difficult for merchants to keep up without robust defences. One common method involves physical tampering with gift cards, a scam known as ‘The Draining Gift Card Scam’.  Criminals steal card numbers and PINs before the cards are activated. Once a legitimate customer buys and loads funds onto such a card, fraudsters then quickly drain the balance, leaving both customer and merchant out of pocket.

While physical tampering isn’t a concern for digital gift cards, they are not without their own vulnerabilities. Fraudsters often use stolen credit card information to buy digital gift cards, leading to their misuse. In addition to this, digital gift card data can be compromised through cyberattacks.

Account Takeover (ATO) is another growing concern. Criminals gain unauthorised access to customer accounts, including loyalty programmes, using stolen login credentials from phishing or data breaches. Once inside, they can redeem the loyalty points or drain gift card balances. Phishing scams are also rampant, with fraudsters impersonating businesses or individuals to trick victims into revealing gift card details or buying cards for them.

Beyond initial fraudulent transactions, scammers also exploit return policies. Return fraud and policy abuse can involve buying items with stolen gift cards and then returning them for legitimate cash refunds or new, untraceable gift cards. Some scammers even try to manipulate system vulnerabilities to fraudulently inflate gift card balances.

Why Are These Scams Such a Headache for UK Merchants?

The impact on UK merchants extends beyond direct financial losses.

The direct cost of fraudulent transactions  – When a fraudulent purchase is made using a gift card or loyalty points, merchants often lose the value of the goods or services. This frequently leads to chargebacks, where a bank reverses a transaction due to a customer dispute. Chargebacks mean lost revenue and incur additional fees from payment processors, typically £15 to £25 per incident.

The erosion of customer trust and brand reputation  – It only takes one, widely publicised fraud incident to significantly harm a merchant’s image, leading to decreased sales and higher customer churn. Rebuilding trust is a long and difficult process.

Fighting fraud increases operational costs – Merchants must invest in advanced fraud prevention technology, dedicate staff to fraud detection, and potentially face higher insurance premiums. Managing fraudulent transactions also consumes valuable time and resources that could be used for core business activities and growth.

Legal and compliance risks  – The Payment Services Regulations 2017 (PSRs 2017) outline requirements for payment service providers regarding unauthorised transactions and refunds. While primarily focused on consumer protection, merchants who repeatedly experience unaddressed fraudulent transactions could face increased scrutiny from payment processors and even limitations on their ability to process card payments, especially if their chargeback ratio exceeds industry thresholds. Non-compliance with data protection regulations like GDPR, if customer data is compromised during a fraud incident, could also lead to significant penalties.

What Can Merchants Do to Fortify Their Defences?

Dealing with this multifaceted threat requires a proactive, multi-layered approach. Here are key strategies merchants should implement:

  • Robust Fraud Prevention Technology: Deploying advanced fraud detection tools using AI and machine learning is crucial. These systems analyse transaction data in real-time, identify suspicious patterns, and flag potential fraud before it escalates. Implementing secure payment gateways, Address Verification Systems (AVS), CVV2 verification, and multi-factor authentication (MFA) for high-value transactions or account changes, can significantly strengthen your defences.
  • Enhanced Physical Security for Gift Cards: For physical gift cards, use secure packaging that clearly shows signs of tampering. Implement strong inventory controls and train staff to inspect cards for irregularities before sale.
  • Strong Authentication for Loyalty Programs: For loyalty programmes, MFA for account logins and point redemptions is crucial. This prevents account takeovers even if login credentials are stolen. Encourage strong, unique passwords for customers.
  • Employee Training and Awareness: Your staff are often on the front lines. Comprehensive training on identifying common fraud tactics  – from tampered gift cards to attempts to manipulate individuals and suspicious usage patterns  – empowers them to be your first line of defence. Establish clear procedures for escalating suspicious activities.
  • Secure Data Handling and Compliance: Ensure all customer data, including gift card and loyalty programme information, is handled in compliance with regulations like the UK GDPR. Use Secure File Transfer Protocol (SFTP) and adhere to The Payment Card Industry Data Security Standards (PCI DSS). Regular security audits are essential to find and fix vulnerabilities.
  • Customer Education: Educate your customers to protect themselves. Provide clear guidelines on recognising phishing attempts, securing their accounts, and treating gift cards like cash. Educate them on how legitimate businesses communicate and what to do if they suspect fraud.
  • Proactive Monitoring and Analytics: Continuously monitor transaction data, spending patterns, and account activity for unusual trends. Analysing historical fraud data helps you anticipate new attack methods and make sure that your prevention strategies are effective.
  • Chargeback Solutions: Considering a partnership with a chargeback solutions company can provide an additional layer of defence, helping you recover funds and manage disputes when fraud inevitably occurs.

Are You Prepared to Defend Your Business Against Future Fraud Attempts?

The landscape of gift card and loyalty programme fraud in the UK is dynamic and constantly evolving. As criminal tactics become more sophisticated, it’s crucial for merchants to not only react to current threats but to proactively anticipate future ones. Investing in robust fraud prevention technologies, empowering your staff, and fostering a culture of security within your organisation are no longer optional  – they are fundamental pillars of modern retail. By taking these decisive steps, you can significantly mitigate financial losses, protect your hard-earned reputation, and ensure that your gift cards and loyalty programmes remain valuable assets, not just vulnerabilities.