How Distributed Ledgers Can Put Points on Lockdown

The main draw of cashback and rewards apps is earning points for activities you’re already doing. You probably enjoy conducting business with a particular retailer. And if they have affiliation with points-based apps, you can accumulate rewards by purchasing items you’d buy anyhow. Win-win!

However, the primary drawback of rewards apps is point theft. Accounts are compromised frequently, with stolen points selling at a discount in underground economies.

Here at RedFOX Labs, we use emerging tech to replicate products and services with proven success. Cashback apps have seen rising popularity in multiple markets — which is why, starting with Vietnam, we’re building them for individual SEA countries.

But the user experience is at risk unless all points are secure. And that’s a gamble we’re not willing to take. For us, it’s paramount to build fantastic products that people want to use day in and day out.

Legendary tech investor and billionaire, Peter Thiel, agrees with that position. He had this to say about delivering what people want:

“The core thing is to have a great product, and then you can always improve and iterate on that in all sorts of ways.”

We also strive to make shareable apps that people can’t help but recommend to friends. But succumbing to an account takeover will force users to share their negative experiences. And that’s not good for anyone!

So, how do we make cashback and rewards apps highly enjoyable as well as immensely secure? We have a couple of ideas, and both involve the immutable protection of blockchain tech. Putting faith in math rather than people is how everyone gets along within trustless environments.

It’s important to note that we’ve yet to make any final decisions. But since our apps have yet to hit the market, the time to consider security options is now. With that in mind, let’s go over some of our recent thoughts on the matter…

The NFT Approach

Unlike bitcoin and ethereum and other fungible (interchangeable) coins, non-fungible tokens are unique creations. In other words, no two are exactly alike.

“Nakamoto’s Gaming Machine” from KOGS is a work in progress

And this uniqueness gives NFTs a powerful reach outside of blockchain gaming. Potential use cases spill over into industries such as healthcare, identification, and even the Internet of Things.

Imagine a smartphone app storing an NFT that acts as your digital passport.

But what if every new account within our upcoming rewards apps triggers the creation of a sidechain? Although invisible to the user — remember, simplicity comes first — new points mint NFTs inside individual accounts.

Another avenue is to create a master NFT for every account. Any point redemptions must coincide with the user’s NFT. No NFT present during point cashout? Sorry, but those points are unspendable.

Either way, NFT-powered redemption trims the demand for dark-market points. After all, nobody will buy ill-gotten points if they’re worthless without the proper NFT.

The Reflective Layer

As with NFTs, this method also involves an undetected distributed ledger. Points going into a user’s balance will trigger a corresponding blockchain transaction.

A secure blockchain can mirror in-app rewards points

Users can see the first layer only — the app’s graphical interface. But underneath lies a blockchain that mirrors accumulated points. Redemption first requires confirmation from the chain’s nodes. And without the user’s private key, hackers are powerless.

Another way to envision this scenario is to think of the blockchain layer as the parent, while all users are akin to children. Only the parent can issue points — somewhat like an allowance. And when any of the kids want to make a redemption, only the parent can verify whether or not purchases are acceptable.


The conventional recipe for launching a successful app is short and straightforward. Step 1 is building a great product. Step 2 is making improvements. But as we see it, security is a significant yet often overlooked component of step 1.

Because cashback and rewards apps issue points with monetary value, they naturally attract cybercriminals. But experimentation fosters progress. Since we run a sovereign blockchain under our control, we’re free to push boundaries and create unique methods for thwarting bad actors.

Point theft has a long history that predates blockchain-secured apps — which means we know precisely what crooks are after. Now it’s up to us to prevent villains from entering our ecosystem. And with lots of help from distributed ledgers, we’re confident in our ability to keep rewards points protected.

Hit subscribe to get an inside look at how we’re accelerating blockchain adoption in Southeast Asia and beyond!