Digital Coupon Fraud by Jay Johnson and Patrick Seaman January 2013 STRATEGIC WHITE PAPER STRATEGIC WHITE PAPER CHALLENGES • Fraud efforts increasingly sophisticated • Costs US businesses $500m TAKEAWAYS • Learn scope & scale of modern coupon fraud • Learn how today’s digital coupon providers are combatting coupon fraud
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
DigitalCouponFraud
by Jay Johnson
and Patrick Seaman
January 2013
STRATEGIC WHITE PAPERSTRATEGIC
WHITE PAPER
CHALLENGES
• Fraud efforts increasingly sophisticated
• Costs US businesses $500m
TAKEAWAYS
• Learn scope & scale of modern coupon fraud
• Learn how today’s digital coupon providers are combatting coupon fraud
With a focus on digital coupons, this White Paper is intended to provide an overview of the problems brands and retailers face from coupon fraud in general, and the counter measures leading digital coupon platforms are employing to combat coupon fraud and “misredemption.”
Coupons are a huge staple of life in the United States, and, increasingly, around the world1, such as the 629% growth seen in India in 2011.2 Online and mobile coupons lead the growth.
In July 2012, Arizona law enforcement discovered $25 million in counterfeit coupons in what was described as “the largest counterfeit coupon ring in the country.”6
"These aren't '50 cent off' coupons. These are 'free item' coupons… you get this
coupon from her for $10 and you can get a $70 item...If you can get an unlimited
number of those, think how this grows."
– Business Insider
Organized Coupon Fraud Crime
In 2008, coupon clearinghouse International Outsourcing Services was indicted for a scheme to dump large numbers of unused coupons into the legitimate stream of incoming coupons, defrauding providers of more than $250 million over 10 years.7
Businesses and industry groups are very serious about the issue, as evidenced by a recent $100,000 reward9 regarding the arrest and conviction of sophisticated counterfeit coupon making individuals. See the example counterfeit coupon:
These sophisticated counterfeit coupons, complete with watermarks, barcodes and other information that would not appear on legitimate coupons, are often posted on sites such as 4chan.com, (which is infamous for file torrents, adult content, child pornography, anti-Semitic, racist content – alongside innocuous material ranging from sports to origami).
Note that Coupons, Inc. Coupons never have their logo on the face of the coupon as is shown in the previous slide.
More common fraud involves individuals and store employees, such as the Hanford California Walmart employees who defrauded their store out of up to $25,000.10 Employees printed phony coupons from the internet, including one that claimed $50-dollars off a $50-dollar American Express gift card.
Police said the operation was sophisticated, involving cashiers who would ring up the coupons and customer service managers who would approve the transactions and barcodes that would successfully scan at the cash register. It wasn't until Walmart received thousands of coupons back from the manufacturers that they realized the coupons were fakes.
Another example is a University Student who the FBI estimate defrauded Procter & Gamble out of $200,00011. The student counterfeited coupons designed to look like real coupons from the website www.smartsource.com. The coupons ranged from lower priced items like energy drinks and cosmetics to expensive items like XBOX's and PlayStations.
The student also went so far as to give out advice to other people about how to commit this kind of fraud on hacker-affiliated websites
Two men were arrested on Long Island for using expired coupons at multiple stores. Target stores alone reported $570,000 in losses12.
The men would persuade cashiers to swipe the coupons four or five times to build up the dollar amount. Target's internal security discovered a pattern in the scam, fired several cashiers and alerted police.
Four Kroger cashiers were arrested for defrauding Kroger out of $70,000 by using override keys to change coupon discount amounts13. The cashiers claimed they were paid by the owners of a flea market to override coupons that did not match the merchandise being checked out.
The list goes on and on. Coupon fraud costs stores, brands, manufacturers – and consumers.
Coupon fraud affects large and small businesses alike. Counterfeit manufacturer coupons target the full spectrum of retail brands ranging from Pepsi to Coke, Frito Lay to Nestle, from Unilever to Hershey’s, Dunkin Donuts, Kellog, Kimberly-Clark, Hasbro, Raovac, Georgia Pacific, Energizer, Clorox, ConAgra, Folgers, Reynolds, Pfizer, Kraft, 3M, P&G, Butterball, Rain-X, Palmolive, Del Monte, Ben & Jerry’s, and on, and on, in a seemingly unending list.14 Even brands that don’t issue coupons are affected by counterfeit coupons. Both brands and retailers lose millions each year to coupon fraud.
For national brands, fraud losses could be a significant annual report line item, along or combined with shrinkage, or lumped in with chargebacks from vendors, cash loss, or markdowns. Smaller businesses, using coupons to drive customers, don’t have deep pockets and can be driven out of business by fraudulent coupon use or even group discount sites, like Groupon.15
Historically, the coupon redemption process has not provided a great deal of data to help measure fraud. The Loss Prevention Research Council reports16 that, overall, 80% of retailers “don’t know” what percentage of coupons received in their stores are fraudulent.
It should come as no surprise, then, that there is something of an arms race between those who issue coupons and those who (ab)use them.
Digital coupon services and platforms, such as Coupons.com, Coupon Factory and Qples Coupons, have developed and employ many strategies to combat coupon fraud and abuse.
This White Paper will review many of these, however, some specific technologies, techniques and proprietary methods will not be discussed in detail, to avoid providing ammunition to fraudsters.
Fraudsters look first for loopholes and weaknesses to exploit – such as using a coupon intended for one product – for a different one, or using expired coupons, etc. It doesn’t stop there. Like currency counterfeiters, this is a technological arms race. Coupon counterfeiters and legitimate coupon issuers are in an escalating war of measures and countermeasures.
The following sections describe many of the forms of coupon fraud and what is being done about it. The tables in each section describe examples of exploits and problems, and, using publicly available information, how the leading digital coupon providers approach each issue.
Please note that coupon issuers usually state that they do not publicly disclose all of their methods and strategies. So, the examples below are not comprehensive, but provide a high level overview of the kinds of issues digital coupon providers face.
Like taking a twenty-dollar bill and copying it on a photocopier, one of the simplest forms of coupon fraud is the practice of printing duplicate copies of genuine coupons that were intended for single use (such as one per household or person), and redeeming multiple coupons at a store or stores. Retail chains try to train checkout clerks to spot and avoid redeeming copied coupons, but this is an uphill battle.
To combat coupon copying, several methods are commonly used, including forms of watermarks, micro-printing, special color features, and technology that prevents or makes it difficult to print more than one coupon on a computer. Digital coupon providers often do not display the actual coupon on the computer screen, to prevent screen grabs. They will sometimes also prevent the redirection of a print to, for example, “Print to PDF” or other feature that would save a local digital image.
Another coupon exploit is to use a coupon for a different product than it was intended for. In some cases, the barcode on a coupon can be “matched” at a store register with another product from the same manufacturer. This practice received media attention when the reality TV series “Extreme Couponing” appears to have shown17 a couponer having “decoded” barcodes and constructing a list matching those codes with products other than the intended ones. The industry has made changes to the barcode technology to attempt to block this exploit.
Some digital coupon providers now add some level of personal information to the coupon, such as a name, email address and even some level of address information such as city and state and zip code. One method used is to simply ask the user to type in their information. A common method for doing this is via Facebook.
Companies ask you to “Like” them, granting them permission to pull the users information. The practice is growing fast, and businesses like the idea of being able to learn more about their customers. Not surprisingly some couponers advocate18 creating fake Facebook and email accounts to avoid having their information printed on the coupons.
In addition to legacy barcodes, many coupons have now added a new barcode standard “GS1 DataBar Barcode”19 that significantly increases the amount of data stored in the code. Instead of 12 digits, the DataBar can store up to 74 characters.
The new standard provides minimal human-readable text, making coupon “decoding” much more difficult. Phase-in of the new standard is ongoing as older point-of-sale systems need to be updated to support the new standard.
Sites like couponsthingsbydede.com and thecouponmaster.com/ not only aggregate coupons, but charge handling fees to consumers. Coupons often say on the coupon itself that any transfer makes the coupon void. Purchasing coupons is a transfer.
“We're not a fan of that… The way they acquire those coupons is not
always legal." -- Curtis Tingle, senior vice president at Valassis, publisher the
RedPlum circular that reaches more than 60 million households 42 times a year…20
In 2008, coupon clearinghouse International Outsourcing Services was indicted for a scheme to dump large numbers of unused coupons into the legitimate stream of incoming coupons, defrauding providers of more than $250 million over 10 years.21
“IOS directed its employees in a Mexican coupon processing plant to mix the
unredeemed coupons with the redeemed ones. The brokers signed up stores that
would claim the coupons came from them for a piece of the payback.”22
As with the above table comparing general features, the table that follows lists various fraud prevention features that the example companies list or describe on their websites, press releases or are described elsewhere.
The availability of information varies from company to company. Some features may be substantially the same, but are described with different terminology between companies.
If an answer was not found, it is left blank and does not imply a yes or a no.
Like many areas of the economy that have radically changed due to the pressure of rapidly evolving technology, the coupon industry is typical. Institutional inertia keeps many long-standing industry processes and practices intact. Not surprising given the 330 billion coupons issued annually in the USA alone23.
Early pioneers in change, especially industry giant coupons.com, founded in 1998, fought long battles of industry acceptance and the negative press of early fraudsters giving “printable coupons” a bad name.
With newspaper circulations in a long-term decline (see list of defunct newspapers24), there is much hope for the rapidly growing online and mobile space – which includes the online editions of many newspapers and magazines.
Next-generation digital coupon platforms fully embrace both traditional distribution models as well as the emerging markets generated from social media and, increasingly, mobile.
Control over the lifecycle of a coupon, with real time redemption, advanced analytics, and direct connections with the actual consumer via social distribution significantly increase the value of a single legitimate coupon redemption.
At the same time, these advances in digital coupon sophistication raises the stakes in the continuing conflict with counterfeiters.
Jay Johnson is CTO of Qples.com, a next-generation digital coupon platform with industry leading security and analytics. Mr. Johnson founded Thunderduck Social Hatchery in 2000 as a web development and web marketing company. Thunderduck was rebranded as Qples – “Coupons People Share” and expanded operations to include both the USA and India. Contact Jay at [email protected], and www.linkedin.com/in/jayjohnsonqples.
Patrick Seaman is Chief Technology Advisor to Pepperwood Partners and COO of the social publishing platform company WhichBox Media. Seaman is the former COO of the video eCommerce company Cinsay, and former Director of Technology at Broadcast.com. Patrick serves on the Advisory Board of Kraftwurx Inc, and Qples, Inc. and on the UT Dallas School of Natural Sciences & Mathematics Advisory Council, and is an IEEE member. Contact Patrick at [email protected], [email protected] and www.linkedin.com/in/patrickseaman/.
Pepperwood Partners is a boutique investment banking advisory firm headquartered in Dallas, Texas. Pepperwood provides a suite of investment banking advisory services to businesses in the technology, media, telecom, nanotechnology, energy and alternative asset sectors. With a strong focus on institutional relationships in the Russian, European, and CIS regions, Pepperwood works with businesses to achieve capitalization and growth objectives.