ARTICLES 

A trusted online identity verification against loyalty fraud

Online fraud comes in many forms, loyalty program fraud is one that frequently goes unmentioned. Fraud targeting customers’ loyalty accounts within the retail, travel, and hospitality industry has increased during the covid-19 pandemic. In the aftermath, there are incentives to protect account holders by implementing online identity verification.

Customer relation without ID verification

For consumers, loyalty programs provide added value and a better customer experience. From a business point of view, loyalty programs are about holding on to customers by rewarding those who use the company’s services often. Both ends of this customer relation spectrum are being negatively impacted by today’s alarming growth in loyalty fraud mainly caused by the low level of identity security. By utilizing identity fraud or leverage a series of brute force attacks, stolen credentials, and automated cyber-attacks criminals gain access to someone’s account and can reap the reward points. Another fraud method is to open multiple accounts under different identities to take advantage of the often-offered signup benefits and then transfer all the points earned from signup to one account for redemption. Regardless of the method, the criminals’ end goal is always monetization, and targeting the obvious loopholes of loyalty programs can be very lucrative. The global loyalty management market was valued at 3,5 billion EUR in 2020 and is expected to reach 12 billion EUR by 2026, according to the Morder Intelligence report. Loyalty fraud is estimated to cost program operators about 1 billion EUR every year.

Customer relation without ID verification

Loyalty fraud targets the identity unknown

There are many reasons why loyalty programs constitute attractive targets for fraudsters. In matters of protection and security, these programs have lagged compared to other financial services, making loyalty accounts low-hanging fruit to fraudsters. Without a secure and accurate identification process the risk of accounts being compromised lurk at every step of the customer journey, from the sign-up process to the transaction and final redemption of points. Paradoxically, the value and liquidity of reward points have gone up considerably in the last decade as loyalty programs have become more evolved. Another reason why loyalty fraud is on the rise is the coronavirus pandemic that prompted airlines, hotels, and other loyalty programs to extend the expiration on reward points and such since consumers couldn’t use them due to global lockdown. Since loyalty account holders were unable to travel or stay at hotels, they lacked an incentive for checking their account balances. The pandemic lockdown thus created the best of conditions for an account takeover to go unnoticed. For whatever reason, the topic of loyalty fraud repeatedly slips under the radar while other types of fraud vectors generate a lot of attention and news. Meanwhile, many loyalty programs and online services face trust problems since a trusted online identity can’t be established without stringent identification requirements reinforcing personal account protection.

ZignSec Online Identity Verification

Online identity verification connects your customers’ digital identity to their real-life identity to ensure that customers are who they say they are. Enabling a swift and easy customer onboarding with a high level of identity assurance is essential for all online services. For companies in the financial services industry identity verification serve as a core component to comply with Know Your Customer (KYC) regulations and Anti-Money Laundering (AML) rules. But regardless of digital business, identity verification is crucial to uphold personal account protection and to enable secure customer onboarding since the potential for fraud is especially high during the first interaction with someone registering for a service or opening an account. ZignSec Online Identity Verification is seamlessly integrated into the customer journey, allowing a balance between convenience and security during crucial customer interactions. In the case of loyalty programs, online identity verification could easily be implemented during customer registration, or when the account holders cash out their bonus points and rewards. Loyalty program managers within the retail, travel and hospitality industry that connect with ZignSec are capable of verifying the identity of any user worldwide. Via a single interface, we grant your company access to a comprehensive range of the best-of-breed identity solutions available globally, giving you the capacity to swift and accurately identify all of your customers regardless of what type of valid ID document they use.

Get in touch

    Cookie Policy

    Effective date: January 1, 2020

    This notice explains ZignSec’s approach to cookies and other online data collection technologies.

    When you visit our websites, use our mobile apps, engage with our online ads or emails, we collect information, using technologies such as cookies, pixel tags (also called web beacons), browser analysis tools and server logs. Each of these technologies is explained below.

    1. How We Use Cookies

    We use cookies and other online data collection tools for several many different purposes.

    Strictly necessary cookies and tags are used by ZignSec to support the basic operations of our websites and apps. They enable core website functions, such as authentication, security, network management and accessibility. You may be able to disable these by changing your browser settings, but this may affect how the website functions.

    Performance and operation cookies and tags are used by us and our service providers to manage our websites. These activities may include collecting analytics about visitors to our website and collecting information about website usage. We use the information to compile reports and to help us improve the website. These cookies help us gather data to optimize our website’s performance.

    Site experience cookies and tags are used to support your experience and include user-selected options and site navigation aids.

    Marketing and personalization cookies are used to enable social sharing and to deliver interest-based ads to you online.

    Social media cookies and tags used by us and social media platforms to enable users of the platforms to share content across our sites. We also work with social media platforms to deliver ads to you when you use these platforms. This targeting is done by the platform under its own terms of use.

    Advertising cookies and tags used by us, our service providers and third parties to personalize the ads delivered to you on our site and on other sites. These cookies collect data about your online activity and allow ads to be displayed that may be of relevant interest to you. These cookies also record which ads you have seen and whether you engaged with the ad. These cookies help make sure that the ads you see are valuable to you and not repetitive.

    While we do not give any personally identifiable information to the third-party advertising companies, we may place third-parties’ cookies and tags when you visit a ZignSec website. This practice allows these third parties to collect information from you using these technologies on our websites. The information they collect is subject to their own privacy policies.

    Uses of cookies can vary by country or state. More information is provided in the supplemental privacy notices posted in the Privacy Center or in the relevant website or app.

    2. Your Choices

    For websites in the United States and Europe, ZignSec provides you with the ability to manage cookies that are not essential to display our website using “Manage Your Cookies” Many ZignSec websites only place marketing, personalization, and advertising cookies if you explicitly accept these cookies by clicking “Accept All Cookies” when you first visit the website. If you have accepted cookies, you adjust your preferences by using this link.

    You can manage cookies and delete cookies from ZignSec and other companies using your browser settings. Browsers such as Chrome, Internet Explorer, Firefox and Safari give you the ability to accept, reject or delete cookies. Visit the “help center” for your browser to learn more. Please note that your browser settings are not used to manage Flash or Silverlight cookies. To manage Adobe Flash Cookies, visit the Flash Player help page. To manage Microsoft Silverlight Cookies, visit the Silverlight section of Microsoft’s privacy statement.

    You can also take advantage of industry-sponsored programs that allow you to control the way companies advertise to you.

    The Network Advertising Initiative (NAI) manages an opt-out program for many third-party advertising companies. You can opt out of being targeted by NAI members by visiting https://www.networkadvertising.org/consumer/opt_out.asp.

    On some websites, you may see an AdChoices icon, which may appear on certain targeted ads. You may click on this AdChoices icon to learn more information about the collection and use of your information or to opt-out of such collection in the future. To learn more about the Digital Advertising Alliance Consumer Choice tool, please visit http://optout.aboutads.info.

    Additional information on cookies and online advertising choices are offered by:

    Adobe Marketing Cloud: If you would like more information on how to remove yourself from the tracking and reporting functions performed for this website by Adobe Marketing Cloud, please visit the Opt-Out page at http://www.adobe.com/privacy/marketing-cloud.html.

    Google: For information on how Google Analytics uses data please visit “How Google uses data when you use our partners’ sites or apps,” located at https://www.google.com/policies/privacy/partners.

    In most cases, the choices you make are linked to your browser. If you use different browsers or different devices, you will need to set your preferences on each one. Even if you opt-out, you may still receive ads that are not customized for you, unrelated to your browser settings.

    Although our websites currently do not have a mechanism to recognize the various web browser Do Not Track signals, we do offer our customers choices to manage their cookie preferences as described in the previous section. To learn more about browser tracking signals and Do Not Track please visit https://allaboutdnt.com/.

    Residents of some countries and states have additional privacy rights. Information on these rights is provided in the supplemental privacy notices posted in the Privacy Center.

    3. Social Media and other Platforms

    Our websites may enable you to interact with us and others via social media platforms. This functionality is enabled using social media cookies and tags. For example, some ZignSec websites allow you to sign in using social media platform credentials. Please read the privacy statements provided by your social media platforms to understand how they use your information and to manage your choices.

    We may display interest-based ads to you when you are using social media platforms. These platforms allow us to personalize the ads that we display to you. To enable delivery of these ads, we convert your email address into a unique number. The platforms also convert their user emails into unique numbers using the same process. This allows the records to be matched without any exchange of data elements that can identify you on their own. The platforms perform the matching as a service provider to ZignSec, and they do not retain or use the file that we send them for their own purposes. This process allows the platform to deliver our ads to our customers on the platform. The platforms may gain insights about individuals who respond to the ads we serve.

    4. Other Types of Online Data Collection

    Our server logs record information about users to our websites. We may use these logs for internal purposes, such as website administration, optimization and security. We may also use the data for fraud-protection, personalization and advertising.

    We collect device identifiers and other device-related information, including your device’s advertising ID if available. This information is used to identify the device and authenticate you. We may also use device-related information to associate you with different devices that you may use, including for fraud-protection purposes and to better target advertising. In many cases, you can reset your device’s advertising ID. Both Android and iOS devices enable you to reset your device identifier under the “settings” menu.

    5. A Guide to Cookies and Other Technologies

    Cookies

    Cookies are small text files that websites send to your computer or other internet-connected device to uniquely identify your browser or to store information or settings in your browser. Cookies allow us to recognize you when you return. They also help us provide a customized experience and can enable us to detect certain kinds of fraud.

    First-party cookies are those cookies that are placed by ZignSec. These cookies are used by ZignSec and include all the essential cookies.

    Third-party cookies are placed by another company, including service providers, social media cookies and third-party advertising companies. Cookies placed by third parties can be read by these third parties when you visit other sites in the advertising network, allowing a profile of your online behavior to be created so that the third party can deliver targeted ads from all its customers.

    Flash Cookies and Silverlight Cookies

    A Flash Cookie (also known as a Local Stored Object) is a small data file placed on a computer using Adobe Flash technology. A Silverlight Cookie is a small data file placed on a computer using Microsoft’s Silverlight technology. Flash and Silverlight are applications that allow delivery of dynamic content, such as video clips and animation. These cookies are used to personalize and enhance your online experience, deliver dynamic content, and for security purposes. They differ from “regular cookies” in that they are not managed using your browser settings. See Your Choices above for how to manage these types of cookies.

    Pixel Tags and Web Beacons

    Pixel tags (also called web beacons) are tiny graphic images and small blocks of code placed on website pages, ads, or in emails that allow us to determine whether you have performed a specific action. When you access the pages or you open an email, the tag lets us know you have accessed the web page or opened the email. These tools allow us to measure response to our communications and improve our web pages and promotions.

    Server Logs

    Server logs record activities on our websites. Other types of logs collect similar information from our apps. These logs record information about the device you use to access our website, your operating system type, browser type, domain and other system settings, as well as the language your system uses and the country and time zone where your device is located. Our logs also record the IP address of the device you use to connect to the Internet. An IP address is a unique identifier that devices require to identify and communicate with each other on the Internet. We may also collect information about the website you were visiting before you came to ZignSec and the website you visit after you leave our site.