Then they are free to stop offering gift cards.

Workaround I've experienced in practice: some stores only allow purchasing gift cards with cash. This doesn't allow online-only gift card purchases, so it's not a full solution, just a workaround.

I'm not sympathetic to this point at all. As Patrick McKenzie says, "the optimal amount of fraud is non-zero"[0]. Yes, fraud causes problems for retailers and issuers. But in cases like this one, the result of overreactions and incorrect handling of fraud is severe, mostly-intractable problems for customers. Customers who end up having very little or no recourse.

McKenzie's point is more about how businesses need to accept a certain level of fraud because trying to stamp all of it out will be more expensive and more damaging than allowing some of it. But I'd go further than that: companies should be required to accept some amount of fraud in order to avoid harming their legitimate customers. It should be just another cost of doing business.

[0] https://www.bitsaboutmoney.com/archive/optimal-amount-of-fra...

How it's zero traceability if Apple can see: 1. credit card used to by a gift card 2. who exactly redeemed a gift card.

It can be traced, the problem that they block accounts (probably using on FP prone algorithm) even if a gift card was not purchased using a stolen credit card.

It would be a suboptimal UX potentially (vs live funds on a physical gift card), but Apple could tie the gift card to an Apple ID at purchase with a QR code or something similar, and then permit gifting through the existing Apple ecosystem primitives. Apple could then enforce stronger controls as the value is transferred internally on their internal ledger. In financial services, its all about tradeoffs.

The optimal amount of fraud is non-zero (2022) - https://news.ycombinator.com/item?id=38905889 - January 2024

($day_job is financial services, a component of my work is fraud mitigation)

Why not just ban the user from using gift cards then, instead of banning their entire account between 30 different products under the same company umbrella?

They don’t need to fix insecurity of gift cards, they just need better access controls. Yet they have no incentive right now to tackle that.

> it’s worth calling out just how hard this problem is for retailers and issuers.

I'm having a hard time finding much sympathy. They could always, oh I don't know.. maybe just not sell gift cards? Or have a much lower maximum amount?

I mean yeah, you could take the view that technically the blame really lies with the people trying to use gift cards for theft, but that's not going to be productive.

You seem to be positing that retailers have not option but to issue gift cards and then deal with massive fraud. That's silly. How about not offering gift cards in the first place if you cannot manage the associated fraud without fucking over your customers?

And yet they continue to sell these cards. Why?

It's simple: they're essentially free money. The worst case for them is that the recipient of the card uses the full amount of the card. In that case, the issuer "only" makes the full profit on those sales. Often they do better: the card is used partially or not at all, then lost or forgotten about.

You can see how lucrative they are by looking at promotions. You can often find deals where you can buy a $100 card for $90, or similar. Why would you sell a dollar for 90 cents? Because you know that on average you're selling quite a bit less than a dollar.

As for the fraud risk... do they even care? When gift cards are used for crime, the issuer doesn't suffer. Maybe they have to deal with upset customers, but that's hardly new. Most of the time, the gift card is bought legitimately, given to criminals, resold, used by the secondary buyer, and the only one who suffers is the unfortunate scam victim who bought it.

It would be so easy to make gift cards more secure. Modern technology can do a lot better than an alphanumeric code under a sticky cover. The fact that they don't bother should tell you everything you need to know about how important fraud is for them.