Fraudsters target loyalty schemes for easier gains

It has become practically impossible to keep up with the number of loyalty-related security breaches. In today’s edition of “Who Got Hit?”, we read that Tesco is sending security warnings to 600,000 Tesco Clubcard loyalty members following fraudulent activities[1]. The breach is suspected to be attackers trying to ‘brute-force’ their way into the loyalty system, using stolen credentials, potentially from a different breach. In recent years, fraud associated with loyalty has been on the rise. According to a 2019 report by Forter was an 89% increase in loyalty related fraud, from the previous year.

The Yin Yang Twins: SRC and W3C’s Payment Request API

In the world of online payments (card not present), two issues that seem to be unavoidable are:

•   Continuous rise of card-not-present fraud.  Fraud rates for card not present are running at between four and ten times greater than card present depending on merchant sector

•   High cart or basket abandonment rates. Average e-commerce abandonment rate is of the order of 65%, with 24% of customers at merchants using 3DS 1.0 abandoning the transaction after starting the checkout process.

Mobile Payments and Acceptance: The Future Is Soft

The last year has seen a lot of activity in the mobile payment ecosystem with regards to the risk associated with Consumer Off The Shelf (COTS) devices becoming not only a payment method (Google Pay, Samsung Pay etc) but more significantly becoming payment terminals ready to accept payments. A ‘COTS device’ is a mobile device (e.g. phones & wearables) intended for distribution and use by the mass-market, and traditionally were not designed exclusively for making or accepting payments. 


Subscribe to our newsletter

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

By accepting the Terms, you consent to Consult Hyperion communicating with you regarding our events, reports and services through our regular newsletter. You can unsubscribe anytime through our newsletters or by emailing us.