Gift cards are the #1 scam payment method but have zero federal regulation

Gift cards have been the single most-reported payment method used in scams reported to the FTC every year since tracking began, surpassing wire transfers, cryptocurrency, and bank transfers. In 2024, $212 million in losses were reported through gift cards alone, and this is widely considered to undercount actual losses since most victims never report. Despite this, there is no federal law specifically regulating gift card security, requiring tamper-evident packaging, mandating fraud monitoring, or compelling issuers to freeze and return stolen balances. The only federal law touching gift cards is the CARD Act of 2009, which addresses expiration dates and inactivity fees -- consumer convenience issues, not fraud. This regulatory vacuum exists because gift cards span multiple jurisdictions and industries: the retailer sells the card, a third-party processor (like InComm or Blackhawk) manages the platform, and the brand (Target, Apple, Google) issues it. No single federal agency claims primary oversight. The FTC can investigate after the fact but has no rulemaking authority over gift card security. States are starting to act individually -- Maryland passed the first gift card security law in 2024 -- but a state-by-state patchwork creates compliance confusion and leaves consumers in 49 other states unprotected.