Threats

Keep loyalty points and gift card balances safe

Ensure loyalty points and gift card balances are only used by your customers, not by criminal groups using malicious bots.

Video
  • 45%

    of loyalty accounts are inactive or never checked

  • $35

    on average stolen per customer account

  • $1 billion

    in loyalty points lost to fraud annually

How we stop loyalty point fraud:

  • Identify malicious intent icon

    Identify malicious intent


    We monitor all web traffic to your websites, mobile apps and APIs, and configure machine learning models to identify potentially fraudulent behavior.

  • React in real time icon

    React in real time


    With a high degree of accuracy, our mitigation service shuts down malicious bot activity, keeping fraudsters from generating codes or taking over accounts.

  • Pass on threat intelligence icon

    Pass on threat intelligence


    Our models improve with every visitor we analyze. We pass this intelligence to your fraud team so your organization is ready to act against future attacks.

Why Netacea?

Netacea uses cutting-edge technology and bot expertise to detect gift card abuse and loyalty point fraud. Our 0.001% false positive rate, protecting genuine customer experience.

  • Recognized by leading analysts  icon

    Recognized by leading analysts


    Forrester recognized our technology in their latest Wave, giving us top marks in the bot detection category – ensuring you’ll always detect and stop evolving threats.

  • One solution for all attack surfaces icon

    One solution for all attack surfaces


    Secure your APIs, websites, and mobile apps with a single product, offering zero-day protection from loyalty point fraud and gift card abuse.

  • Rapid implementation  icon

    Rapid implementation


    You can be up and running with our solution in as little as an hour, thanks to our raft of pre-configured integrations with leading content delivery networks, applications and platforms.

Why is loyalty point fraud problematic?

Fraudsters routinely target retailers, travel operators, and the hospitality sector with loyalty point fraud and gift card abuse schemes. These attacks damage revenue and push loyal customers away to competitors.

Frustration for your customers

When fraudsters steal loyalty points, customers lose out on rewards; cracked gift cards are also unusable by their legitimate buyers, causing understandable annoyance.

Frustration for your customers

Lost revenue reimbursing points

Criminals quickly spend their ill-gotten points on goods and services; yet, it's only fair that stolen balances are reimbursed to customers, costing your business twice as much.

Lost revenue reimbursing points

Time lost repatriating accounts

Loyalty point fraud often follows an account takeover attack, where fraudsters break into customer accounts. Returning control to accounts' rightful owners uses up time and resource.

Time lost repatriating accounts

Resources

Latest Loyalty Point Fraud Resources

Learn how much bot attacks cost your business

Use our bot calculator to quantify how much automated attacks are costing your business in revenue and infrastructure costs.

Learn more

Trusted by enterprises to stop loyalty point fraud

  • 5 Stars

    "My world is much quieter now!"

    "From having regular security incidents to nothing really happening is great. Looking at the mitigation graphs, lots happening, nothing getting through!"

    Internal Consultant, Telecommunications,
  • 5 Stars

    "Excellent product, great team"

    "Amazing bot detection and mitigation capabilities with a very low rate of false positives. Great customer service and support team."

    Administrator, Information Technology and Communications,
  • 5 Stars

    "Excellent company - real experts"

    "Excellent company - real experts in their field. We have successfully blocked scraping bots - reducing website load and preventing downtime"

    Head of SRE UK,
  • 4.5 Stars

    "Great supplier, very talented"

    "The professionalism of the team and company as a whole in delivers an excellent service for us, not only day to day, but on our key events."

    Consultant, Retail,
  • 4.5 Stars

    "Great product and great service"

    "Our on-call engineers can now rest easier at night knowing that automated and proactive threat blocking from Netacea is taking action in near real-time against numerous attacks."

    Administrator in Financial Services,

Frequently Asked Questions

Find out more about loyalty point fraud

  • How does loyalty point fraud work?

    Loyalty reward schemes are a regular feature of the eCommerce, travel and leisure landscape, with points accumulated based on repeated custom. Loyalty programs are as attractive to cybercriminals as they are to customers. Adversaries exploit loyalty schemes to purchase products or services to use or resell for profit.

    Adversaries will typically use easily accessible data leaks in credential stuffing attacks, targeting businesses with loyalty point schemes. When they get a hit, they can takeover exposed accounts and steal any points accumulated by the customer.

  • How does gift card cracking work?

    Whilst credit card cracking garners lots of mainstream attention, gift card cracking is a less well-known financial attack with a low-risk, high-reward profile for criminals.

    With the format of gift card codes known, automated bots can be programmed to brute force existing codes saved in the system. This can either run at high volumes or hide within typical traffic patterns to avoid detection in the long term.

    If gift card codes are generated by a web-facing API, attackers can also exploit this to generate new codes automatically, often without the knowledge of the target business.

  • How can you detect and stop loyalty point fraud?

    Although logging in and spending loyalty points, or inputting a gift card code are expected behaviors on web systems, there are telltale signs when these actions are undertaken by a bot.

    Sophisticated attackers will attempt to disguise their nature through means such as CAPTCHA bypass, device fingerprint emulation or rate limiting. However, Netacea uses advanced machine learning models to analyze every single request across websites, mobile apps and APIs, comparing intent to expected behaviors and patterns to flag and block the fraudsters.

Schedule Your Demo

Ready to get protected?

Stop worrying about loyalty points disappearing from customer accounts. Start gaining insight into attacker tactics and how Netacea keeps them at bay.

  • Agentless bot mitigation
  • Painless integration
  • Zero-dayprotection
Book demo