How to Prevent Coupon Fraud and Abuse in 2023?
Keeping track of coupon redemptions is an uphill battle, even for the most prominent businesses. At one point or another, coupon abuse has affected a vast majority of companies, and this shameful statistic is actually growing alongside the popularity of online promotions.
In fact, around 90% of US consumers admit to using coupons while shopping, while 73% of US retail executives have reported some level of promo fraud. At the same time, businesses in the US lose $300 million up to $600 million each year as a result of coupon fraud. Worryingly enough, 81% of coupon abuse attempts are said to come from serial abusers.
The problem gets particularly serious when it comes to loyalty and referral programs abuse. Alongside coupon, discount, and refund abuse, instances of loyalty and affiliate fraud are some of the most frequent types of ecommerce abuse. Each of them impacted around 25% of the merchants surveyed in 2022. Code cracking, account takeovers, and the use of fraudulent email addresses have become pressing threats to your campaigns.
With the above in mind, the limits of coupon usage should be adjusted to your marketing goals and be flexible enough to face the dynamics of unexpected business changes. With this article, we will show you how to restrict coupon usage and make redemptions a reliable measure of campaign success.
Here is a quick list of my top tips for preventing coupon fraud:
- Generate hard-to-crack codes.
- Limit the number of coupon redemptions.
- Control the coupon activity period.
- Assign unique codes to single customer profiles.
- Introduce budgetary limits.
- Use cart- and order-based coupon redemption criteria.
- Introduce email verification for digital offers.
- Invest in behavioral analytics to detect suspicious activity.
- Monitor IP addresses with a web beacon.
- Create geo-located coupons.
- Monitor redemptions to detect suspicious behavior.
- Control the coupon distribution.
- Avoid coupon stacking
- Use a staging environment to test coupons.
- Control access to your promotion software.
- Don’t reveal everything.
- Invest in a reliable service provider.
I will elaborate on these later in the article, but first, let’s take a closer look at what coupon misuse actually is and what forms it takes.
What is coupon misuse?
Coupon fraud happens when an individual intentionally takes advantage of a coupon offer by using a coupon they are not eligible for, redeeming the coupon multiple times, or using coupons in other ways for monetary gain. Businesses worldwide use coupons to attract and engage potential customers; however, they find it increasingly challenging to target and control coupon usage. Coupon fraud is a threat to both businesses and customers who may be wrongly accused of coupon misredemption or pay more due to retailers trying to mitigate the losses that stem from discount abuse.
What are the most common forms of coupon abuse?
Coupon fraud may take a variety of forms, as the creativity of fraudsters is endless. Let’s have a look at some of the most common types of coupon fraud that affect ecommerce businesses:
- Code cracking
- Redeeming the code multiple times
- Redeeming someone else’s code
- Creating multiple user accounts to take advantage of discounts for new users or referral programs
- Using fake email addresses
- Excessive code sharing to unintended channels and audiences
- Excessive discount stacking
- Abusing cart abandonment promotions
- Abusing affiliation programs
- Creating fake orders to redeem a referral code
- Sending fake complaints to obtain a promo code
- Abusing possible loopholes in a given campaign
As digital coupon fraud becomes increasingly sophisticated, you need to take proper anti-fraud measures to face non-stop bugs exploitation, poor programming, and password cracking software.
How to combat coupon fraud and abuse?
Adequate limits on coupon usage translate into a more accurate ROI and more conversions. By implementing the following tips to your coupon strategy, you can eliminate misuses that misshape campaign metrics and burn your promotional budget.
1. Generate hard-to-crack codes
First things first. You might have implemented the most sophisticated back-end anti-fraud measures but still fail to protect your coupon codes effectively. If you release coupon codes in the form of a firm prefix and two random characters (e.g., THANKU##), the chances of customers guessing the codes are pretty high. Randomly generated codes with an approximate length of 8–12 characters should be unguessable and unique enough.
Let’s take an 8-character long string with 63 possible characters. That gives us 248,155,780,267,521 possible codes (63^8). With random codes, the chances of customers taking an educated guess at the code combination are scant.
You may use alphanumeric character sets to combine letters and numbers, this way preventing fraudsters from guessing the code. Coupon code patterns based on more elaborate (and less obvious) prefixes and postfixes and combinations of lowercase and uppercase letters will also be of use.
Your promotion engine, such as Voucherify, should offer advanced code settings to enable generating varied code patterns that are hard to guess and counterfeit.
2. Limit the number of coupon redemptions
Whether you run a fixed-code campaign or a campaign of unique coupons, you should set the total number of code redemptions according to your goals:
- Coupons can be redeemed only once.
- Coupons can be redeemed X number of times.
- Coupon redemptions are unlimited (not recommended).
The most popular marketing strategy limits voucher usage to once per customer. This practice is common, especially in companies that use public, fixed-code campaigns. The once-per-customer rule is useful in campaigns tuned toward acquiring new customers. After a valid order, you can be sure that a new client won’t use the code again. Other benefits appear while running A/B tests.
By placing a cap on the total number of redemptions, you ensure that the promotion won’t kill your stock. You can also use it to increase users’ engagement by running promotions similar to: “$20 off for the first 200 shoppers with the code ACME2023.”
If you use customizable promotion software like Voucherify, you should be able to set the desired code redemption limit right at the level of creating a campaign. You may choose to limit the redemptions per code, per customer, or per campaign. This approach will definitely protect you from exceeding your campaign budget, and consumers won’t be able to use the same coupon twice.
Learn more: What discount limits should you use?
3. Control the coupon activity period
The more attractive the incentive and the longer the activity period, the bigger the chances of attracting fraudsters. Your coupon campaigns should have firm time limits, such as start and end dates. You can also introduce more time-specific limitations that would make the code redemption even more restrictive. Your coupon campaigns should always end automatically without any intervention needed from your development team to prevent campaign overspending.
Learn more: What are flash promotions?
When setting up a new promo campaign with your promotion tool, make sure to establish the right time frame for your project that will help you meet your business goals related to your campaign and avoid exceeding your profit margin. In Voucherify, you can decide that your campaign will launch and expire on specific dates or that it will be active only on certain days. What’s more, by setting a narrow time limit for a campaign, you will create a sense of urgency that will incentivize end users to take part in the flash campaign.
4. Assign unique codes to single customer profiles
If you intend to run a coupon marketing campaign with unique coupon codes, you should first individualize them (assign them to individual customers). By attaching discount codes to customer profiles, you get better control over how your promotions play out and quickly target codes at the most valuable customers, especially those with the highest CLV rates. This way, only selected customers can redeem the given bulk of codes, protecting your coupon campaign from fraud attempts.
In Voucherify, you can use the “customer allowed to join the campaign only once” option to prevent customers from taking advantage of your promotions, in addition to making selected codes redeemable only by the coupon owner. Besides, it’s possible to build specific customer segments and validation rules to make the coupon valid only for customers who meet all of the conditions you defined and create specifically targeted campaigns.
5. Introduce budget limits
There are multiple ways to guard yourself against exceeding the campaign budget. Here are some of them:
- Limited total number of discount codes that can be generated and redeemed within a single campaign.
- Limited total value of orders made with a particular coupon batch.
- Limited total value of redeemed discounts per campaign or order.
This can be based on either the overall campaign budget you have or, more specifically, a limit on the total amount of coupon discounts you give. You can also introduce restrictions on the total discount value. For instance, you can decide that the maximum discount value is 50$, nevertheless the original order amount and discount value.
Your promotion software should provide all of these functionalities to help you impose the desired budget constraints on your campaign.
6. Use cart- and order-based coupon redemption criteria
Thanks to cart- and order-based limits, you can allow discounts only when the cart value gives a beneficial balance between promotion costs and profits. Moreover, with a minimum amount spent and product-based rules, you can inscribe up-selling and cross-selling into your coupon strategy and maximize your customers’ buying potential. You can use multiple limitations to make sure that only desired orders can be discounted:
- The order must include/exclude selected products.
- The minimum/maximum order value.
- The required minimum/maximum price of all/different products in the cart.
- The minimum number of purchased items.
- Discount applicable only to selected products/SKUs, not whole orders.
You can establish complex product-based limitations in the Voucherify campaign creator. For instance, you can use product filters to exclude selected products from the campaign or group them into collections with applicable discounts to decide which items are covered by the promo code.
7. Introduce email verification for digital offers
Unfortunately, some customers will seek creative ways to attempt fraud. Often, these customers register using fake or different email addresses to take advantage of your digital promotions. Here is what you can do to protect your incentives from email coupon fraud:
- Double opt-in
The double opt-in feature is used to verify the email address of your customers. By sending them a verification email before finishing registration, you can check if the address exists at all in the first place. Verifying customers’ email addresses will help you combat fraud attempts and fake email addresses.
- Block email aliases
An email alias is an additional name for an email account. Fraudsters often use aliases to sign up for loyalty or referral programs to use your incentives multiple times. You should automatically block email aliases from receiving coupon codes and other promotional messages, for example, by blocking email addresses containing “+” in your promotion software.
- Request unique email addresses
You should block users from taking advantage of your incentives by using the same email address over and over again. Your promotion engine should automatically remember and store all the email addresses to prevent users from creating duplicates. To make this measure more effective, you should also remember about lowercasing email addresses: e.g., these two email addresses should be recognized as the same, not unique ones – JeNNa@voucherify.io and JENNa@voucherify.io.
- Watch out for patterns in email addresses
While tracking customer registrations with your promotion software, pay special attention to the email address patterns. If you see a persistently recurring motif, if a certain name-surname-number combination pops up all too often, or if you are suspicious about other similarities between specific email addresses, you may want to verify the users in question.
8. Invest in behavioral analytics to detect suspicious activity
I’m sure you know what Google Analytics is and how helpful it can be for tracking what’s going on in your store. Behavioral analytics delivered by Google Analytics, Woopra, and other analytics tools should tell you a story of customer activity. How does it translate into more secure coupon campaigns? Well, for instance, you can track which customer started referring friends or abandoning orders right after account creation (without even browsing the store), as real shoppers tend to shop around a lot longer. After the suspicious behavior is detected, you can block the user account and reach out to them to verify their identity and intentions.
9. Monitor IP addresses with a web beacon
Many companies offer special sign-up incentives dedicated to new customers only. Welcome coupons are a great way to increase your conversion rates; however, they also attract fraudsters who will open many accounts to receive the discount multiple times. Luckily, you can block these accounts from being opened by placing a web beacon on your site. A web beacon is a code snippet from Google that transmits data from your site into your Google Analytics account. With the help of a web beacon, you can check the device and the IP address of customers attempting to register and successfully block any fraudulent activity.
10. Create geo-located coupons
Geolocation lets you tailor your coupon marketing strategy to a target location. It is not only a fantastic tool for delivering more accurate and timely incentives but also a creative way to secure redemptions. The catch is to monitor customer data and verify their location once the redemption takes place. Such a workflow can be managed with an efficient flow of data between your CRM and promotion software. You can easily create coupon codes limited to a specific country, city, or postal code to track if and where your coupon codes are the most popular.
In your promotion engine, you may want to build special location-based customer segments that will be eligible for selected campaigns. With such geofenced campaigns, you will be able to dynamically monitor users’ locations based on custom attributes and verify their eligibility this way. It’s a good idea to combine geofencing with other redemption limits to secure the campaign even better.
11. Monitor redemptions to detect suspicious behavior
It’s done – you have released a coupon campaign out into the wild. Now, you might be wondering if your campaign is doing fine. Use promotion software with a dedicated analytics view to see all campaigns’ redemption rates to compare them at a glance. By doing so, you’ll quickly figure out the critical parameters of your successful campaigns, and you’ll be able to fine-tune future campaigns.
If you are worried about monitoring failed redemptions that may indicate a fraud attempt, you can connect your redemption gateway to a webhook. Webhooks will transmit the notification about a failed redemption directly to your marketing team (via Slack, email, or another tool). You can use Zapier to model such marketing automation with Voucherify Promotion Engine.
12. Control the coupon distribution
If you decide to run an open-for-all coupon campaign, you need to be mindful of the coupon distribution process. Whether it’s an email marketing campaign or a quick text message, you always need to make sure that each coupon code is assigned to a specific marketing channel to track coupon ROI per channel easily.
Are you publishing multiple coupon campaigns on coupon-aggregating websites? Monitoring your campaigns in such a complex distribution model can be frustrating and inefficient, to say the least. The key is to regularly check if they stick to the promotion guidelines, e.g., if the deal is displayed at the right time and place. Other things to consider when partnering up with coupon aggregate websites include:
- Use a separate coupon campaign for each partner/distribution channel to figure out the attribution right away.
- Create separate redemption gateways to isolate coupon redemptions coming from different sources.
- Manage the lifecycle of your coupon codes by viewing the details of each coupon code.
With Voucherify’s distribution tracking functionality, you can control your codes so they don’t leak beyond your target audience.
13. Avoid coupon stacking
While combining various types of promotions may have a unique appeal to your customers, you may consider introducing some safety measures in your campaigns so that possible stacked redemptions don’t blow your campaign budget. You can block using certain coupons or promotions with each other and limit their joint application to a single product or order to prevent discount overuse. This is not to say that discount stacking is wrong in itself: rather than that, it’s a good idea to build your campaign rules in a way that attracts shoppers at the same time protecting your budget limits.
Learn more: What is discount stacking?
14. Use a staging environment to test coupons
Make sure that your coupon provider offers a sandbox mode where you can test your campaigns before release. You can also start by releasing small-scale incentives (e.g., for a particular location or store only) to check your coupons for any potential weakness without risking burning the whole promotional budget on the first campaign.
In Voucherify, you can use the Sandbox Project. This is a test mode that helps you run use cases and try out the engine’s capabilities. This way, you can check if the campaign you designed is fraud-proof, without compromising the security of the actual campaign.
15. Control access to your promotion software
I don’t want to feed the paranoia, but the security of your coupon offers can be undermined from the inside. Suppose your promotion management software is open-for-all, and its credentials are available to many of your employees. In that case, you run a risk of employees generating reusable discount codes for their personal use.
You should always ask the fundamental questions:
- Who should have access to the promotion engine?
- What should individual users see?
- What types of actions can they take?
With Voucherify, you can assign particular user roles to your teammates and adopt suitable approval policies to protect your digital campaigns from fraud. Thanks to limited permissions and user rights, you will have better control over any modifications to your coupon projects.
16. Don’t reveal everything
It goes without saying that your promotion terms and conditions should be transparent and easy to understand. However, by fully disclosing your coupon code limitations and restrictions, you open up a loophole for abusers to leverage. For instance, you don’t have to disclose the information that a cart-abandoned offer applies to all abandoned carts. To limit the potential of fraud, you can state that cart-abandoned offers will be available only for the first purchase, and not to existing customers. Be careful here, though – obscuring promotion conditions may violate the recent EU’s Omnibus Directive and lead to severe legal and financial consequences.
17. Invest in a reliable service provider
To protect yourself from coupon exploitation and extreme couponers, invest in a reliable SaaS provider that offers all of the voucher fraud prevention measures mentioned above. Pay special attention to high-level security of the promotion engine and check out functionalities such as redemption tracking or email verification. With a user-friendly interface of the promotion creator, you should be able to introduce all the desired budget limits to your campaign and thus shield your business from coupon glittering.
Manage your coupon campaigns to avoid coupon fraud
Mitigating and preventing fraud attacks targeted at your coupon campaigns requires taking appropriate measures and maintaining proper caution. When structured incorrectly, your campaign may bring more loss than profit. In fact, in 2021, the total revenue loss resulting from promo fraud in the US was approaching $89 billion annually.
But, as you can see from the article, there are multiple techniques you can implement to combat coupon fraud and abuse effectively. Sadly, developers are often bombarded with too many requests and unable to manage the coupon campaign and the core product. The best solution is to find professional promotion management software that will handle all the work for you.
Stop coupon leakage with Voucherify