This highlights the problems with loyalty rewards that do *NOT* have computer auditing to the account.
Yesterday the Woolworths receipt hack received wide coverage.
What it is that a person collects receipts from the bin or trolley in this case. They then claim the benefits of the shop's loyalty program using these receipts.
Here, the person did not even think she was stealing, nor do many in the public.
The result is that the retailer pays to the person who may not even shop at the store the benefits. This payout can be very high. For example, on discount vouchers, merchants are advised to set the payout at 50% of the profit. Here you would be giving away half the profits to a person who does not even shop with them.
It goes much deeper than that.
Loyalty rewards programs do not get much in the way of scrutiny. Security is often very lax as the rewards are not cash. That makes it open for abuse. This lack of oversight attracts thieves.
What you need to do is examine your loyalty programs for any such potential loopholes.
Then Make Your Reward Loyalty Program Secure