The landscape of gift card fraud has shifted dramatically. Two years ago, the dominant attack vector was simple: stolen card numbers and brute-forced PINs. Today, the threat surface has expanded to include AI-generated synthetic card data, sophisticated carding networks, and real-time balance-draining schemes that can empty a card within seconds of activation.
What's Changed in Fraud Patterns
Traditional rule-based fraud systems โ threshold alerts, velocity checks, IP blocklists โ were effective when attacks were slow and predictable. Modern fraud operations are industrialised. They operate with the same engineering discipline as legitimate SaaS businesses: automated infrastructure, rapid A/B testing of attack vectors, and near-instant pivoting when defences adapt.
In 2026, three trends dominate the threat landscape:
- Distributed low-velocity attacks โ Instead of 1,000 checks from one IP, modern fraud bots distribute requests across thousands of residential proxies at sub-threshold rates, invisible to legacy velocity systems.
- Synthetic card number generation โ ML models trained on leaked card datasets can generate statistically valid card numbers for specific networks, dramatically increasing hit rates on brute-force attempts.
- Supply chain compromise โ Attackers target the gift card supply chain directly, intercepting activation codes before cards reach retail shelves.
How the MCL AI Model Works
Every card check through the MyCardLiaison API passes through a real-time scoring pipeline built on a gradient-boosted ensemble model trained on 2+ billion historical transactions. The model evaluates over 40 behavioural and contextual signals in under 5ms, returning a 0.00โ1.00 fraud score alongside the balance response.
{
"status": "active",
"balance": 250.00,
"fraud_score": 0.89, // HIGH RISK โ block recommended
"fraud_signals": [
"velocity_anomaly", // card checked 12x in 3 minutes
"proxy_ip_detected", // residential proxy network
"sequential_pan_pattern" // card number near sequential series
],
"ai_verified": true
}
Configuring Fraud Thresholds
Every integration has different risk tolerance. A gift card resale marketplace might accept higher false-positive rates to protect inventory, while a loyalty platform prioritises frictionless experience. MCL allows you to configure custom score thresholds and automatic block rules per API key.
For most Growth and Enterprise customers, a threshold of 0.65 strikes the right balance โ catching ~94% of fraudulent checks while maintaining a false-positive rate below 0.3%.
What's Coming Next
Our Q2 2026 roadmap includes real-time network-level anomaly sharing between MCL customers (with full anonymisation), giving the fraud model early warning signals when a new attack pattern emerges against any card on the platform โ benefiting all customers simultaneously.
Every plan includes real-time fraud scoring โ even the free tier.
Get API Key Free โ