Fraud detection in Zinrelo's Refer a Friend module

The document explains the fraud detection mechanisms built into Zinrelo's Refer a Friend module.

Zinrelo’s Refer A Friend (RAF) functionality is built in such a way that it mitigates the possibility of fraud to a huge extent. The functionality relies on fraud prevention by making it difficult to game the system rather than relying upon techniques that gather critical data like user’s IP and geo location.

Here is how Zinrelo’s RAF functionality works:

  1. Users share their referral link either via the standard Refer A Friend widget or the Refer A Friend activity under their loyalty dashboard powered by Zinrelo.

  2. Friends click on the link and land on the website. On the website, as soon as they land, they see a popup with a message that says that because they were referred by another user, they are eligible for a reward. The popup asks them to enter their email address to get their reward.

  3. Friends then enter their email address to get a reward coupon on their email address.

  4. When a friend creates an account and makes their first purchase, the user who referred this friend earns a reward.

This is how the above approach helps us prevents fraud :

  1. In order to get their referral link, users have to authenticate themselves with the website. They cannot simply enter an email to get their referral link.

  2. Before launch, Zinrelo recommends importing all your existing users to Zinrelo to help Zinrelo identify existing customers. In order to get a reward, a friend has to be a new customer. If they enter an email address that already has an account, the reward coupon will not be emailed to them.

  3. In order for the referrer to get a reward, the friend has to make a purchase.

  4. Zinrelo also recommends that the coupons dispatched to the friends be set up as-

a. One time single use coupon code.
b. Only valid on first order.

  1. The only way that remains for someone to game the system is to have multiple legit accounts with different email addresses which no system will be able to prevent. In order to mitigate this, Zinrelo recommends setting up a moderation process before dispatching the referral reward to the sharer.

  2. Zinrelo also has the ability to have frequency caps on the number of times a sharer may get rewarded in a given time frame.

With #2, #5 and #6, ZInrelo is able to prevent 95% of the potential fraud. Any additional measures will only add a small incremental protection at the cost of user inconvenience because it will likely disqualify some genuine referrals as well. E.g. IP address is shared by all users in a company so IP based blocking may block a colleague referring another colleague

Summary:

  1. The functionality relies on fraud prevention by making it difficult to game the system rather than relying upon techniques that gather critical data like the user's IP which only provide small incremental benefit at the cost of user inconvenience.

  2. Zinrelo’s approach prevents fraud to a great extent. The small amount of fraud that may happen is when someone has multiple legit accounts with different email addresses which will be harder for any system to mark as fraudulent.

  3. Zinrelo recommends various techniques like frequency caps, setting the coupon to be valid only on first order , and a manual review process to mitigate the risk of fraud.