By Gergo Varga, Senior Content Manager, SEON
Gift cards continue to become increasingly popular and 2021 is projected to be the worst year ever for gift card fraud. What brought this on and how can retailers protect themselves?
Gift cards are by no means the first type of payment that comes to mind for most online and offline business owners—and not for consumers, either. However, recent figures demonstrate just how popular this payment (and gifting) method has quietly become.
The Meteoric Rise of Gift Card Payments
According to the Global Gift Cards Market Survey 2021 published on MarketWatch in September, last year, the market size of gift cards was $295,210 million in the USA alone – and is projected to jump to $440,460 million by 2027.
Possibly due to the pandemic and social distancing measures in place, 2020 saw impressive changes in the gift card landscape. Comparing December of that year with the same month in 2019, per-retailer sales of individual gift cards jumped more than 100 percent from 15,848 to 30,774, says coupon website SaveMyCent, in a feature. The same source highlights how, interestingly, social media has blossomed into a marketplace for gift cards too, with 46 percent of U.S. consumers who purchased such a card doing so on a social media website.
One last relevant data point worth mentioning to prove the rise and rise of gift cards comes from financial services powerhouse Fiserv’s “Gift Solutions” report into industry trends. Published in June, it revealed how in 2021, U.S. consumers are going to be depositing more money on their gift cards, with 23 percent putting $50-$100, compared to 18 percent doing the same in 2020.
Gift Cards as a Tool for Fraud
Clearly, consumers have developed a liking for the convenience and flexibility of gift cards, and companies, including retailers and startups, are responding by enabling and promoting this service, as well as introducing novel related products. For example, we have seen mobile apps such as Gyft developed to help consumers keep track of their various gift cards, including topping up easily and tracking how much each has left at any time.
But this increase in the use of gift cards comes with several pain points for merchants, who have to deal with both new methods of fraud as well as new methods of concealing fraud, all based on gift cards. Because gift cards are anonymous, easy to trade, frictionless and work both online and in store, they involve fewer checks and verifications, as we explain in an article about gift card fraud at SEON. Thus, gift cards and prepaid cards enable fraud much more easily than their bank-issued counterparts. Gift card fraud methods vary, but the below are of major concern to e-commerce stakeholders:
- Fraudsters buying gift cards with stolen credit cards, to hide their tracks. Although it is a consumer whose funds are being used, they are likely to start the chargeback request process once they realize, ultimately costing you and your business.
- Gift card return fraud, where they’ll buy from your store using a stolen bank card, return the item and ask for the refund on a gift card. This is effectively money laundering and these funds can both incur chargebacks or even get confiscated as evidence.
- Gift card number generation, where criminals hack into your systems and generate gift cards for their own use, effectively stealing your merchandise by paying with non-existent funds.
- Gift card brute force attack, where they run scripts to try different combinations of digits at your checkout, trying to guess at valid card numbers.
One point to stress is that while gift cards are typically used in card-not-present (CNP) payment scenarios such as online and on the phone, gift card fraud can also take place in hybrid forms of payment (for instance, paying via app but in person) as well as in-person payments. This is especially concerning if you take into account that the 58 percent of people in the above-mentioned Fiserv research who both prefer to receive and to give physical rather than digital gift cards are likely to believe themselves (and the stores they buy from) safer because they have a tangible, rather than digital, card.
Card scams are soaring in 2021, which is projected to be the worst year yet for gift card fraud, warn Google and the Cybercrime Support Network through their Scam Spotter campaign. But businesses ought to take heed, too, as we have seen.
Gift Card-Related Scam and Fraud Prevention
Obviously, shoppers have developed a preference for gift cards and merchants are happy to oblige, but this very clearly comes with more risks for retailers, who are already facing challenges in keeping themselves safe at minimal cost and with minimal friction for consumers. In fact, even gift cards issued by major credit card companies such as Visa hide similar risks for companies.
Consider, for example, how MasterCard’s ID Theft Protection is also valid for its prepaid/gift cards. This is appealing to the consumer, who feels safer, but also means that it can thus trigger chargeback requests on a gift card too, costing e-shops money, time and even their smooth collaboration with payment processors.
In the face of these issues, organizations in e-commerce, payment processing, and adjacent fields ought to show vigilance as well as a proactive attitude. In 2021, fraud prevention solutions are highly sophisticated and adaptable, fine-tuning their response to each customer and each payment according to what they know about the customer and their actions.
How does this work? Primarily through online fingerprinting, which generates risk scores for each transaction and/or shopper driven by several data points. These factors are incredibly diverse and can include things such as how many times this IP address was seen on the website before (via velocity checks); whether the shopper’s email address has an online presence (via data enrichment); the size of the browser’s HTML5 canvas; whether they are using a VPN or proxy; the number of fonts installed on the user’s device; and so on.
Each of these pieces of information does not say much in isolation, but when combined they us to make informed guesses at the user’s intentions. From there, and according to the merchant’s risk appetite, the shopper’s actions can be approved, blocked, or trigger additional checks and/or manual review. Thus, the fraudster attempting to guess at gift card numbers, or to use a stolen gift card will return a higher risk score, despite their best efforts. Meanwhile, shoppers found to be legitimate will continue their shopping journey without any friction, completing an easy and pleasant transaction—thus becoming more likely to return soon.
Gergo Varga has been fighting online fraud since 2009 at various companies—even co-founding his own anti-fraud startup. He's the author of the Fraud Prevention Guide for Dummies – SEON Special edition. He currently works as the Senior Content Manager / Evangelist at SEON, using his industry knowledge to keep marketing sharp, communicating between the different departments to understand what's happening on the frontlines of fraud detection. He lives in Budapest, Hungary, and is an avid reader of philosophy and history.