Frequent flyer Programmes are clearly among the popular customer reward initiatives in the global airline industry.
Currently, there are more than 220 Frequent Flyer Programmes (FFPs) on the globe — a number that keeps growing.
Although United Airlines had tracked customers way back in the 1950s, the very first frequent-flyer programme was known to have been created in 1972 by a company called ‘Western Direct Marketing’ for the US-based United. Interestingly, it rewarded customers with plaques and promotional materials!
However, the first frequent-flyer programme that used mileage tracking to ‘reward’ passengers was launched in 1979 by Texas International Airlines.
Undoubtedly, FFPs have grown and become popular, but fraudulent activities too have become a major challenge for aviation’s loyalty programmes. It is not easy to spot “loyalty fraud” and the potential cost to airlines is huge, notes the International Air Transport Association.
An economist’s estimate provided by IATA shows some 23.8tn unredeemed miles in the industry, and with each mile valued at $0.01, nearly $238bn could potentially be at risk!
Cambridge Intelligence has reported that fraudsters have exploited several airline FFPs and that about 80% of frequent flyer fraud is discovered only by “pure accident”.
The schemes are popular with fraudsters because individual accounts are reasonably easy to hack, IATA points out. 
Industry experts say compromised accounts can even be used to launder money through the purchase of points.
Attracted by destination vacations, cash incentives and other luxury items, loyalty fraudsters have made frequent flyer miles a prime target, market analysts say. In January 2015, American Airlines reportedly had as many as 10,000 passwords hacked.
Another US carrier, United Airlines stated thieves made reservations or transactions with miles on up to three dozen accounts.
Alarm bells must start ringing whenever large transactions from unrecognised devices are detected; account access from multiple locations or repeated unsuccessful login attempts made to rewards websites, and tickets purchased under multiple names.
“Miles are money, which is what makes it so attractive and lucrative to fraudsters,” according to an IATA official.
In addition to hacking individual accounts, there are a number of methods used to trick FFPs, according to IATA. One travel agent, it said, stole 3.7mn airline miles from clients by telling them their cheap fares didn’t generate loyalty bonuses, instead adding the miles to her own account! Some 135 flights valued at well over $100,000 were booked before the scam was discovered, IATA said in a recent update.
Another method, the global trade body of airlines says, uses a phishing e-mail that appears to come from an FFP. People are easily fooled by this as they take little notice of what the e-mail address is and don’t suspect a scam asking them to log in to their account for a special offer.
E-mails about bank account details set off alarm bells but one from an FFP may well fall below the personal radar. And one click is all it takes for login details to be stolen, it warns.
Whatever the type of attack — other methods include infected shared computers and fake call centre attendants — FFP fraud is really hard to spot. 
From the user point of view, few people check their loyalty points daily. And from an airline standpoint, it may be that hackers get enough information to prove they are the real users.
“It’s hard to determine what might constitute unusual activity,” IATA cautions.
These days, people accumulate a mass of loyalty points through a variety of conduits and not just an airline booking. And the travel patterns of many FFP members are inconsistent, ebbing and flowing with business needs, the trade body points out.
Furthermore, FFP fraud might be seen by some as a “paper exercise”. Since airlines are effectively giving away unsold seats to frequent flyers, the real cost to them is minimal, they argue. 
The reality is different, of course. Especially, with so many partners offering potential purchases through FFPs, airlines could be forced to pay significant amounts of money.
To combat fraudulent activities like the ones on FFPs, IATA established what is called the Industry Fraud Prevention (IFP) project. 
Set up in 2016, IFP began laying the foundation for fraud detection and loss reduction, supporting airlines and establishing best practices and standards in all aspects of fraud prevention.
Crucially, the work has enabled benchmarking to improve industry performance. Although aviation is one of the most exposed to fraud by the nature of its transactions and loyalty schemes, it appears difficult to measure performance because there are no globally-agreed metrics. 
“The indications are that there is a huge disparity in fraud prevention performance between airlines, making the need for co-ordinated action obvious,” IATA said and noted it is working with member airlines to provide recommendations in card and FFP fraud prevention.
The trade body is also facilitating airline co-operation with international law enforcement agencies, particularly as fraudulent activities occasionally turn out to be related to other crimes, such as human trafficking, drug smuggling, and terrorism.
Most airline customer transactions are certainly genuine, but a small percentage is still fraudulent. To combat this and keep “loyalty fraudsters” at bay, tamper-proof technology coupled with a robust and large-scale data analysis is required.