In 2016, the U.S. gift card industry was worth $127 billion. That figure is expected to reach $160 billion by 2018. It’s little wonder why. Everyone loves them! From the retailer’s point of view, customers who shop using a gift card oftentimes spend more than the initial value of the card. As for the customers themselves, gift cards allow them to buy whatever they want in their favorite stores (or even wherever they want, depending on the nature of the card).
Retail stores and shoppers aren’t the only ones who appreciate gift cards, however. Fraudsters gravitate towards them because their flexibility makes for a quick sale on peer-to-peer (P2P) marketplaces. But considering there are many kinds of gift cards, it’s difficult for merchants to consistently vet for fraud without negatively affecting customers’ shopping experiences. As a result, we can expect gift card fraud to persist for the foreseeable future.
If gift card fraud is here to say, merchants, consumers, and the security community must learn as much as possible about gift card fraud. Fortunately, Riskified anticipated that need, which is why the SaaS fraud and chargeback prevention technology provider published a report on the subject. Here are five findings that stand out from the company’s study.
Plastic vs. Digital
There are three types of gift card sellers: retailers that require customers to redeem their gift cards at one of their stores, merchants that specialize in selling gift cards, and marketplaces that facilitate the P2P exchange of gift cards. All these sellers might offer plastic gift cards, digital gift cards, or both. Not surprisingly, digital gift cards are more prone to fraud than plastic gift cards. Instantaneous delivery to an email account means a fraudster can flip a card on a marketplace in seconds, whereas legacy fraud systems mostly detect physical gift card fraud. In general, marketplaces see more valid gift card orders than retailers and merchants because they commonly offer secondhand gift cards at a price that’s oftentimes less than their value. Fraudsters have no reason to seek these discounts. At the same time, new gift card orders are five times more likely to be fraudulent than “used” gift cards.
Open-Loop vs. Closed-Loop
Breaking the industry down even further, there are “open-loop” gift cards and “closed-loop” gift cards. The latter term refers to cards that are redeemable only at a specific retailer, while the former commonly bears the logo of a major credit card company and is usable anywhere. Fraudsters generally gravitate to open-loop gift cards. Indeed, Riskified found that less than 80 percent of open-loop gift card orders are valid, as compared to 90 percent of closed-loop gift card orders. These orders also tend to be more expensive on average than their closed-loop counterparts ($342 vs. $159). Looking back to the previous section, open-loop digital gift cards are eight times more likely to experience fraud than open-loop plastic gift cards and 20 times more susceptible to fraud than closed-loop plastic gift cards.
Brands’ Cards Hold Unequal Risk
Not all gift cards that are closed-loop have the same risk profile. For instance, gift cards for retailers that specialize in gaming consoles and consumer electronics are more susceptible to fraud than home goods stores. The electronics and gaming industries see more fraud attempts in general than other retail sectors, so this increased risk naturally permeates gift card orders. Concurrently, some retailers offer so many types of goods that their closed-loop gift cards are more open-loop in nature. These vendors include Amazon, Walmart, and even iTunes.
Mobile vs. Desktop
The rate of gift card orders varies according to medium. Riskified found that orders placed via mobile phones are riskier than their desktop counterparts. A partial explanation for this trend is that close to three quarters (73 percent) of gift card orders completed on a smartphone involve digital cards. Even so, acknowledging the fact that desktops are responsible for three-quarters of all gift card purchases, the greater gift card fraud rate on mobile phones is surprising.
Additional Risk Factors in Customer Orders
There are some tell-tale signs in a shopper’s profile that could indicate a gift card order is fraudulent. For example, email addresses with providers like Gmail are good indicators of safety because they require users to enter in personal information about themselves. Dot-org and dot-edu emails also tend to be safe due to institutional affiliation. By contrast, fraudsters are more prone to abuse providers like “mail.com,” “icloud.com,” and “outlook.com”. In addition, these fraudsters commonly use a proxy to hide their IP address, fail to link their email address to the customer’s name, and send digital gift cards to themselves instead of another email address.
Anti-Fraud Tips for Retailers and Customers
To discourage gift card fraud, Riskified recommends that retailers cross-reference customers’ personal information, nurture returning customers, offers promos and discounts on gift cards, and make personalization options available. Meanwhile, customers should purchase gift cards only from reputable vendors and inspect physical gift cards for signs of tampering.
For more information about gift card fraud, read this article published on The State of Security.