The fight back: loyalty card subversion / by Dan Lockton

J Sainsbury, Colliers Wood. This photo's been used before on the blog It's inevitable that for every attempt to cajole or impose control on users, there will be some people who seek to avoid or circumvent it. As Crosbie Fitch put it in a recent comment, "humans are designed to explore the parameters of their environment and to adapt to them".

Supermarket loyalty cards are an interesting example of this. Whilst not a rigid method of control - more a method of persuasion - their ubiquity and fairly clear agenda make them common target for intentional avoidance, or subversion. For every person who hasn't signed up out of just-not-being-bothered, there is probably at least one who doesn't trust what will happen to his or her data, even if it's only a vague feeling of unease. And there is a small segment of customers who will (admirably) attempt to manipulate the system, either for their own gain, or simply out of an inquisitive or rebellious spirit.

Image from Cockeyed.comImage from Cockeyed.com

Rob Cockerham's 'Ultimate Shopper' is one of the most famous (and apparently successful) 'white hat' attempts to subvert a loyalty card system: Rob replicated the barcode (scanned by the cashier) from his Safeway Club card, and sent out dozens of copies of it to friends and readers of his website, with the aim of creating an 'interesting' customer profile on Safeway's system: one who bought vast quantities of products each month, right across the country:

I want to take the credit for all of my shopping, and for your shopping too!

...

Anyone who does this will be lumping their shopping data together with mine. Together we might amass a profile of the single greatest shopper in the history of mankind.

You will still get club card savings, but you will miss out on the odd promotions they have from time to time. Actually, some promotions are awarded at the register, so you may continue to benefit from those, although the rewards will be utterly unpredictable.

Actually cloning the data on the magnetic strip, to create a more foolproof (and less detectable) set of cloned cards, would be another step. Depending on the structure of the supermarket's loyalty scheme, there may well be thresholds above which the 'rewards' for customers increase substantially, and assuming the participants in the cloning scheme can work out a fair or acceptable way to share their rewards, this could mean greater benefits for all of them than actually using their cards individually.

An alternative scheme is Rob Carlson's 'Giant BonusCard Swap Meet' where card-holders from Giant ("a large supermarket chain in the Baltimore/DC area") swap details with other card-holders in order to give themselves more privacy - from a 2003 article:

Carlson's site works like this: You enter your Giant card number on a form. It puts this number into a pool of numbers gathered from participants. Drawing from this pool, it displays for each visitor a bar-code replica of someone else's number, allowing the visitor to print it out and tape onto his or her own card. Should you actually take the time to do this and then visit the local Giant to use this card, you are, to Giant, someone else. If enough people do this, the argument goes, Giant's shopper profiles are rendered muddied and ultimately useless.

A Wired article from 2003 on Rob Cockerham and Rob Carlson's projects.

Are there other similar examples?

[An additional aspect of supermarket 'fight back' borders on actual theft but is surely extremely common: when supermarkets' self-service systems (e.g. for weighing loose fruit and vegetables) allow customers to print out an appropriate barcode label, there's also (inevitably) the possibility of the customer, er, adjusting the process in his or her favour. If I buy an organic apple that costs more per pound than a non-organic apple, and ostensibly looks the same, what's to stop me entering the details for the non-organic apple and thus paying just for that? There may be CCTV watching the self-weigh units, but is the resolution good enough to tell the difference between different types of apple? Will the checkout assistant be able to tell the difference?

Of course, where these self-print systems are used in conjunction with self-scan systems (where the customer uses the scanner), there's even more potential to 'get away' with things, whether that's just under-weighing your goods or just pressing the button for the cheapest item each time - often, in the UK, onions - no matter what you're weighing. There's also significant potential for legitimate mistakes here. Since the CCTV can't read at that resolution, and you have a barcode for each item, you'd probably get away with it. Please note, I'm not advocating this, just pointing out a particular weakness of this aspect of retailing technology.

Getting back to the point, if the above onion trick is combined with a loyalty card which tries to build a customer profile, we'd end up with a customer who buys an enormous amount of onions and no other loose fruit or vegetables. That might be suspicious in itself; if the customer has a loyalty card, he or she could be identified and investigated; otherwise there would be no way of tracing the mystery onion-buyer. Thanks to a friend for this observation]