After the Choice Platform became available in high street shops (Introducing GiftChoice for Ultimate Gift Card Experience – A Product I am Proud to Lead), it was only a matter of time before it became a target for scammers. It was 4 AM in the USA, and I was in deep sleep enjoying my holiday when my phone buzzed with a message from my lead developer. Something wasn’t right. Our analytics showed that we were issuing more vouchers than actual sales—which meant only one thing: either we were doing something wrong, or we were being scammed!
I jumped out of bed and called my team. After investigating, we found out how the scammers were pulling it off, and honestly, I had to admire their creativity.
How the Scam Worked
Here’s what they were doing:
- They’d load up their shopping basket with groceries and 4-5 GiftChoice cards.
- At the checkout, they made sure the cashier scanned the gift cards first—activating them in our system.
- While the cashier scanned the other items, they quickly scratched the gift cards, got the voucher codes, and redeemed them online immediately.
- Within seconds, they received their preferred retailer gift card in their email.
- Then, they’d pretend they “forgot their wallet” and ask to cancel the purchase.
- The cashier could cancel the groceries but not the gift cards because they had already been redeemed.
And the end result? We were losing money by sending them gift cards without a sale.
A Quick Fix at 4 AM
We needed a complete solution, but a clean, fullproof solution required cooperation from retailers, payment processors, and our partners—which would take multiple days. But we couldn’t afford to lose money while waiting for a permanent fix.
So, I came up with a quick and simple hack:
➡️ Add a 30-minute delay before a card could be redeemed.
How This Stopped the Scam Instantly
When a cashier swipes the card, it gets activated in our system, and our redemption process checks if the card is active before processing it. I simply asked my team to add a rule that says a card must be activated for at least 30 minutes before it can be redeemed. Luckily, we managed to add this rule in a stored procedure that was quick to implement without any release procedure.
🚀 Result? The scammers were blocked immediately.
The best part? 99.99% of our real customers do not redeem their gift cards right after buying them, so the delay didn’t affect them at all. But for scammers, it completely ruined their plan.
It wasn’t the most high-tech solution, but sometimes, the simplest ideas work best. This quick fix stopped the fraud overnight and saved us a ton of money. The scam on the Choice platform was a wake-up call, but it also showcased our team’s ability to think on our feet and act decisively under pressure.
Moral of the story? Even on holiday, always be ready to think on your feet.