This highlights the problems with loyalty rewards that do *NOT* have computer auditing to the account.
Yesterday the Woolworths receipt hack received comprehensive coverage.
What it is that a person collects receipts from the bin or trolley in this case. Using these receipts, they then claim the benefits of the shop's loyalty program.
Here, the person did not even think she was stealing, nor did many in public.
The result is that the retailer pays the person who may not even shop at the store the benefits. This payout can be very high. For example, merchants are advised on discount vouchers to set the payout at 50% of the profit. Here you would be giving half the profits to someone who does not even shop with them.
It goes much deeper than that.
Loyalty rewards programs do not get much in the way of scrutiny. Security is often very lax as the rewards are not cash. That makes it open for abuse. This lack of oversight attracts thieves.
What you need to do is examine your loyalty programs for any such potential loopholes.
Then Make Your Reward Loyalty Program Secure