What is promo abuse?

The offers most vulnerable to abuse include:

• Referral programs.
• Sign-up bonuses.
• Free trials.
• Introductory pricing.
• Coupon and discount codes, and
• Loyalty codes.

Promo abuse tends to be most problematic in industries where promotional campaigns are a primary driver of customer acquisition. These include eCommerce, food delivery, ride-sharing and streaming platforms.

The practice is also prevalent in online gaming. Companies in that industry lose up to 15% of their gross revenue from bonus abuse with around 26% of all online accounts fraudulent in some way.

How promo abuse is carried out

Central to most forms of promotional abuse is the creation of multiple accounts.

At the most simplistic level, a customer may create several email addresses (and fake personal details) to claim the same new customer discount or referral bonus multiple times. This process is sometimes called “gnoming.”

Here are some other common forms of promo abuse:

• Promo code stacking – where multiple codes are used in one transaction to receive a more significant discount than the promotional offer intended.
• Loophole exploitation – where users exploit vulnerabilities in the code redemption process. These include the manipulation of code usage limits and the circumvention of eligibility criteria.
• Referral bonus abuse – where users create fake accounts and refer themselves to a company to collect both the referral bonus and the new customer incentive.
• Voucher abuse – vouchers with formulaic codes such as “XMAS2024” or “SAVE10” are easily intuited by some customers. These individuals obtain discounts with codes that weren’t meant for them, or worse still, share the voucher code with others.

More sophisticated scams involve the use of tools to mask IP addresses such as VPNs and TOR browsers. Accounts may also be created to claim bonuses with stolen identity credentials.

Two impacts of promo abuse on businesses

One customer receiving a $15 referral bonus may seem trivial at first glance.

However, the consequences are more serious when one considers that many individuals are repeat offenders and work in organised rackets.

Below we’ve listed two impacts of promo abuse on businesses when the practice is carried out at scale.

Reduced revenue

The most obvious consequence for businesses is a reduction in revenue.

In 2014, a user discovered a loophole in Uber’s referral system and exploited it to amass $50,000 in ride credits.

At the time, the company’s referral program offered $20 to the user for every acquaintance who signed up to the platform through their code.

Over an eight-week period, the user emailed the manipulated promo code “Uber$20FreeRide” to over 700 people. He also shared the code on Reddit and others found it via Google after the search platform ranked the Reddit post for several cheap ride-related keywords.

Poor marketing spend and user retention

For companies that rely on promotional campaigns to attract customers, increase brand awareness and drive sales, promo abuse is especially detrimental.

Promo abuse inflates customer acquisition metrics with inauthentic users. This skews the data on customer behaviour and makes it harder for businesses to track user engagement and craft strategies for long-term retention.

Retention of existing, legitimate customers can also be problematic. When loyal customers realise that abusers receive better deals, they may lose trust in the brand and take their business elsewhere.

How can businesses prevent promo abuse?

Businesses can take proactive measures to prevent promo abuse without alienating their legitimate customers.

Here are some of the most effective strategies:

Robust KYC procedures

Implementing a robust know your customer (KYC) process helps verify the identity of users before they can claim promotional offers.

This can be as simple as the use of multi-factor authentication to verify email addresses, phone numbers or even identities for high-value promotions.

More complex solutions involve machine learning algorithms to develop risk scores for each customer.

These are based on methods such as:

• Fingerprinting – to identify and track users who abuse promo codes and/or create accounts on the same device.
• IP fraud score analysis – where the risk associated with a user’s IP address is scored. An IP address associated with a VPN, proxy server or location that differs from the user’s account details is considered high risk.
• Behavioural checks – to analyse patterns and detect abnormal behaviour such as the creation of multiple new accounts in a short period.
• Velocity checks – these measure the speed with which promo abuse occurs. For example, how quickly a user claims rewards or vouchers after account creation.

Note that businesses must always be wary of the friction that additional verification checks introduce for legitimate customers.

Communicating terms and conditions

One of the most simple ways to reduce promo abuse is to create clear and enforceable terms for promotional offers.

These terms should specify:

• Who is eligible for the promo.
• How many times it can be used.
• How violators are punished.
• When the promotional expires, and
• Any other restrictions.

While clear terms and conditions do not deter every fraudster, communicating them across multiple channels does discourage promo abuse and educates customers on the potential consequences.

Taking the time to define terms and conditions also forces businesses to think about how their promotions could be exploited in the first place, and prepare accordingly.

Smarter code management

Some platforms (such as Voucherify) offer enterprise promotion software that enables businesses to build, manage and track coupon codes at scale.

Businesses can protect themselves from coupon fraud by assigning them to individual customers. They can also set redemption limits and specify that codes are for one-time use only.

Limit the value of promotions

Promotions need to be attractive enough to entice new customers to become repeat customers. However, if the offer is too enticing, it inevitably attracts exploitation.

Businesses need to be careful when offering cash reward schemes in particular. These are especially vulnerable to fraud because of the attractiveness and versatility of cash.

Cart abandonment offers are also well-understood and easily manipulated. It is important to err on the side of caution with discounts: sometimes a short email is all that is required to remind the customer to complete their purchase.

Summary:

• Promo abuse refers to the exploitation of promotional offers such as discounts, coupons, sign-up bonuses or referral rewards by users in ways that are unintended by the business.
• Common forms of promo abuse include discount code stacking, voucher abuse, referral bonus abuse and loophole exploitation – where vulnerabilities in the promo redemption process are exploited.
• There are several ways a business can proactively protect itself from promo abuse. Robust KYC procedures and clearly defined terms and conditions are good places to start.