business news in context, analysis with attitude

The New York Times over the weekend had a story about how “ loyalty programs, as they shift from paper and plastic to apps and websites, are increasingly tracking a currency that can be more valuable than how much you spend: personal data. As a result, the programs know things about you that some of your friends may not, like your favorite flavor (mango), when your cravings strike (early afternoon) and how you pay (with your Visa), in addition to billing details and contact information.”

As this shift takes place, the story points out, “hackers are in close pursuit.” The story notes that conservative estimates are that “$1 billion a year is lost to crime related to the programs,” and that fraud related to digital loyalty programs more than doubled between 2017 and 2018.

The Times points out that “loyalty programs are ‘almost a honey pot for hackers,’ said Kevin Lee, a risk expert for the digital security firm Sift. They tend to be, he said, ‘the path of least resistance’: easy to sign up for, shielded by flimsy passwords and often neglected by users. The programs, and their appetite for data, have grown, but security has not kept pace.”
KC's View:
Two things here.

One, retailers have to remember that if things go south in their loyalty programs because of hackers, they are going to have to take responsibility, because consumers are going to assign the blame to them. Just deal with it, and don’t try to pass the buck.

Second, there was an interesting line in the story: “There are at least 3.8 billion rewards memberships in the United States, more than 10 per consumer, according to research from LoyaltyOne, a loyalty advisory company.”

This makes me wonder how many of those loyalty memberships are with competing companies … how many people belong to three or four supermarket programs, two or three drug store programs, etc… And if they indeed to multiple programs in single retail segments, how loyal are they really?