As loyalty programs shift from paper and plastic to apps and websites, they are increasingly tracking a currency more valuable than the amount you’ve spent, and this is your personal data. Programs begin to know things about you like your favorite flavor, when your craving strikes, how you pay, along with your billing and contact information.
With so much personal data being stored among these programs, hackers are showing up and using it to their advantage. One loyalty-fraud prevention group estimates at least $1 billion per year being lost to crime related to these programs. Some criminals are stealing customer credentials to log in and tap into separate accounts, while others deplete balances or sell points. In the past year, we have seen these types of attacks against large well-known brands, like Southwest Airlines and their reward account miles or Marriott’s Starwood Preferred Guests.
Loyalty programs can be seen as a “honey pot for hackers” since they tend to be the path of least resistance, meaning they are easy to sign up for, with flimsy passwords, and often neglected by users. Security among the programs has not kept up pace. As important as loyalty programs are to the brand and the consumer using them, there needs to be an equally important focus on keeping consumer information safe from hackers. Many companies have recently revamped their programs, and some are strengthening their defenses by adding dual authentication or facial recognition. To learn more about these recent and ongoing attacks, and the efforts to protect against them, visit here.