How to Reduce Bonus and Promo Code Abuse in Food Delivery [Guide]
Prevent promo code abuse in food delivery apps: Learn about the growing issue of bonus abuse fraud and how to combat this sophisticated threat.
Promo Code Abuse in Food Delivery: Why It’s a Problem and How to Deal With It
While account takeover and card-not-present fraud receive more attention, bonus and promotion abuse have become a serious concern for gig economy apps over the past few years. According to a 2021 Ravelin report, there was a 57% increase in promotional abuse from the previous year, with ride-hailing and food delivery apps being hit the hardest. Rather than subsiding after the pandemic, promo abuse has only become more sophisticated as bad actors learn the most efficient ways to execute it. Platforms that overlook promotion abuse risk supporting bad actors instead of new user acquisition.
How does promo abuse in food delivery work?
While it may not be worth the trouble to block a single customer using both their personal and work email addresses to use a promo code twice, organized fraudsters can leverage the loopholes that exist to execute these scams at scale. This usually involves using multiple devices to install several instances of the app or app cloning techniques to run multiple instances of the same app on each device. If able to create multiple accounts, they then claim as many promotional credits and discounts as possible. Using this strategy, a single individual can make thousands in misappropriated promotional funds and tanking return potential of the acquisition campaign.
However, to make matters worse, these schemes often involve many people hired to execute the fraud. In a “fraud farm,” a team of people can have dozens of devices at their disposal. Successfully banning a user here and there is not going to prevent a scam like this from continuing, and it may lead to significant losses for the affected company over time.
Additionally, it is often difficult for platforms to see the full extent of the promotional abuse problem they’re dealing with. Without the ability to recognize the same person regardless of the device or account they are using, there is no reliable way to tell the difference between bad actors and legitimate customers.
How does promo abuse hurt delivery platforms?
While the most damaging promo abuse schemes rely on multiple people, devices, and accounts, even a solo operator can exploit a promotional campaign. In 2015, an Uber user changed his personal referral code to “uber$20freeride” and mailed it to his entire contacts list, after which it eventually started ranking in the top search engine results for “Uber promo code.” By changing the code to something more SEO-friendly and allowing strangers to use his referral code, the rider broke Uber’s policy requiring users to actually know people who sign up using their referral code.
The user in question managed to earn around $50,000 in Uber credits and eight weeks’ worth of free high-fare rides (>$200) before Uber flagged his account and uncovered what had happened. Uber’s typical margin per ride is 25% of the fare; given that the rides were taken using credits, that means Uber was out their typical 25% take as well as the driver’s 75% for each of these high-fare rides, both for this rider and potentially anyone else who learned how to exploit the referral code in the same way. Safeguarding digital coupons has only become more prevalent since 2015, with digital coupon redemptions surpassing $90 billion in 2022.
At scale, the impact only worsens. The fake accounts created by a fraud farm or a single dedicated bad actor can number in the thousands, negatively impacting a company’s ability to gather data about new user signups, the success of promotional campaigns, the best use of campaign budgets, and growth metrics for reporting. According to Forter, 81% of coupon abuse attempts are from people who have already previously abused coupons in the past.
Depending on how robust an app’s signup process is and which personal information is required, the only limit a potential fraudster has is their own time and dedication to the scheme. In other words, fake promo code abuse via multi-accounting is an example of a low risk and high reward scam.
Giving promotional credits allocated for hundreds or thousands of different users to only a few represents an ineffective use of that budget and can present a skewed picture of marketing metrics. In 2019, CustomerGlu found that surveyed companies were spreading anywhere from 4-16% of their annual revenue on offers campaigns—a significant amount. In other words, promo abuse can cost a company significant amounts of money that they won’t earn back in the form of new user acquisition.
How can food delivery apps reduce promo abuse?
As mentioned above, promo abuse can quickly turn into an “unknown unknowns” situation for fraud and risk teams. Because it is difficult to track the same users across new accounts and devices, it is difficult to measure the full scope of the problem. What we do know is that multi-accounting is one of the main techniques enabling promo abuse. So how do platforms put the brakes on multi-accounting?
Using a location technology that includes strong tamper-detection is one effective approach. Incognia’s location technology uses highly precise location signals to capture behavior data and create a highly individualized “location fingerprint” for each device. The high precision of the location signals used means that even if a bad actor switches devices, they can still be identified and blocked with place-level accuracy, meaning higher successful ban rates and lower false positives.
Location intelligence can also provide context that enables fraud terms to intervene further upstream in the user journey. Incognia’s Suspicious Locations feature is one example of that context at work; Suspicious Locations can identify areas with a high density of risky devices (i.e., devices previously associated with fraud cases, devices using app cloners or app tampering tools, etc.) and give platforms the option to preemptively block activity from that location, preventing promo abusers from multi-accounting. Customers also have the opportunity to add flagged locations to a watchlist that can be made available to other Incognia customers, strengthening the intelligence capabilities of fraud teams across the customer consortium.
Promotional campaigns are effective customer acquisition tools. Things go wrong when bad actors find loopholes to channel the rewards intended for the many to just a few. More effective device fingerprinting and user identification signals, like tamper-resistant location, can prevent multi-accounting and protect promotion campaigns.
To read about how Incognia helped one food delivery company reduce fake account creation by 51% and overall fraud losses by 5%, explore the food delivery case study here.