Protect Your Bottom Line Against Promotion Abuse

Fraud is a costly reality and a challenge to tamp down in today’s omnichannel retail environment. In 2023, the retail industry experienced the largest percentage (8.7 percent) of suspected fraudulent digital transactions globally, a 21 percent increase over the previous year, and 34 percent growth in suspected digital fraud volume year-over-year according to TransUnion’s 2024 State of Omnichannel Fraud Report. The most prevalent type of suspected fraud was promotion abuse, in which case bad actors take advantage of retailers by creating fake accounts to obtain multiple special offers and discounts, greatly impacting retailers’ bottom lines in the process.

Retail presents an attractive target for fraudsters, as new accounts can be established with relatively little information. Often, a name and phone number or email address are enough to get signed up and start taking advantage of promotional offers such as coupons or limited-time deals. For e-commerce merchants, taking a minimalist approach tends to sit well with consumers, who simply want a friction-free experience while shopping, whereas retailers that introduce more hoops to jump through usually face higher cart abandonment rates and see competitors pick up their lost sales.

Eliminating instances of promotion abuse fraud while continuing to offer compelling deals to prospective customers sounds like it might be too good to be true. However, retailers have opportunities to widen the gap between bad actors and verified consumers by arming themselves with the proper tools and processes to better protect their bottom line. Here are three steps to incorporate:

1. Integrate ID verification into sign-ups.

One of the easiest ways to help verify a prospective customer is to deploy identity verification based on contact information that the customer provides. Those basic pieces of information — name, phone number, email address — are tied to countless other pieces of data in the universe. It's critical that merchants examine these data points against one another before an account is created. Basic identity verification services can more rapidly and discreetly run contact information against rich data sets, including device and public data to uncover anomalies that alert retailers to risk.

2. Subject suspected bad actors to greater scrutiny.

Once an identity has been flagged as risky, that user can be funneled through additional authentication processes. Retailers can work with security specialists to create a protocol (e.g., using a one-time passcode (OTP) to verify possession of a phone number) that would capture more data to inform if a user is legitimate. While flagging false positives is a risk, it's likely to be a small group of customers who would be subjected to additional friction in the sign-up process. Most legitimate customers should move through the initial verification step with enough ease and speed that their customer experience would be preserved.

3. Augment efforts with sophisticated fraud-detection models.

As fraudsters increase their attacks on all fronts, retailers may benefit from incorporating more sophisticated fraud-detection models that can screen for synthetic fraud in both new accounts and in existing profiles. The objectives of applying such robust tools would be to, first, stop bad actors before they have a chance to infiltrate and exploit a retailer and, second, isolate any suspicious accounts for further investigation before costs are beyond recovery.

The customer experience is critical to making sales and generating revenues, and retailers can find a security approach that protects their own interests while clearing a path for legitimate consumers.

Richard Tsai is senior director of global fraud solutions at TransUnion, a company that offers total credit protection all in one place from credit score, credit report and credit alert.