Blog Post

Phones Becoming Frontline in Credit Card Fraud Battle

Mobile phones are increasingly being tapped to serve as the first line of protection against credit card and banking fraud. Banks, credit card companies and start-ups are all looking to leverage the ubiquity of cell phones and their location capabilities to help combat fraudulent activity.

The latest example is ClairMail, which today announced a new mobile fraud prevention product for financial institutions customers that allows them to monitor their transactions and get alerts based on pre-set conditions. Users can get alerts when transactions exceed certain limits and can resolve transactions disputes from their phone. ClairMail already powers the mobile banking services for eight of the top 12 banks in North America and is in a good position to leverage its integration for better fraud protection.

But it’s hardly alone in this battle. As I’ve reported recently, more and more start-ups are looking to leverage the power of the phone to beef up fraud security. Start-up BillGuard is building a fraud protection system that uses crowd-sourced information along with other real-time fraud data to help alert users on their computers and phones. BankSimple, another New York start-up is creating an online banking service that focuses on mobile phones and will leverage the phone’s location to aid in fraud detection.

That’s where things get really interesting. The phone is great for instant feedback and monitoring, which allows users to spot fraudulent purchases. But when you add location into the mix, it gives customers, banks and financial institutions a better shot at sensing criminal behavior. If you use your card in New York and your credit card is suddenly charged in San Francisco, that should be a red flag. Similarly, if your phone says you’re in Berlin on vacation, there’s no reason for a bank to put a hold on your account because it already knows you’re in Germany.

That’s increasingly where this battle is going. In December, Visa Europe announced it was partnering with ValidSoft, a company that determines whether a user’s mobile phone is in the same place as the merchant or ATM where your card is being used. If ValidSoft sees a discrepancy, it sends an alert. Finsphere, a fraud monitoring service, launched a similar service in October called PinPoint that monitors a user’s credit or debit card usage and cross references that with the user’s phone location, their past transactional history and other signals to determine if a transactions requires an alert. The service, powered by Location Labs, does not require GPS to establish a user’s location.

Leveraging phones, especially their location, makes sense because in many cases, banks just look for larger pattern discrepancies. By arming users with instant feedback and the ability to tie their location into fraud detection, it closes the window of opportunity for criminal activity. We have our phones with us at all times so we should employ them to the fullest to undercut the threat of fraud.

Sharing location is still a sketchy proposition for many users, however. A recent survey conducted by Microsoft (s msft) found that concerns about privacy were the biggest impediment to adoption of location-based services. Perhaps that’s why Gartner said by 2015, it expects 15 percent of all payment card transactions (s IT) will be validated using mobile location and profile information. But I think fraud detection might actually be one of the cases where users who appreciate security enhanced through location can better comprehend the benefits location-enabled services.

Related content from GigaOM Pro (subscription req’d):

4 Responses to “Phones Becoming Frontline in Credit Card Fraud Battle”

  1. I have bank accounts both in Europe and in the US and I’m always shocked just how underutilized mobile phones are in the US. And that using them in some way for banking sounds like a grand new concept. The ability to make and monitor payments on cell phone has been around in Europe for maybe 10 years, and don’t get me started on Japan. For web-based payments, there is mobile-based authentication (you initiate a wire transfer and get a SMS with a code which you have to enter to the Internet banking system for the payment to be really sent). And speaking of monitoring, for about the same time (10+ years) I get alerts (admittedly sans location data) when my cards are charged, when, for what and the amount. This is such a second nature, that I almost tremble in fear what may be happening with my US-based credit card at any moment, as no mobile alerts are available. You guys need to push your banks to adopt mobile much more, it’s no rocket science and it’s been around forever.

  2. Jeff Pomeroy

    This is a step in the right direction. However, the reality of today’s world and location via GPS is that it isn’t very reliable. Being indoors, weather conditions, etc. are all very common factors that would prevent this type of technology from actually functioning as it has been described in the article.

    Again, it is good to see these types of approaches being developed. There are a variety of factors to consider when implementing this if you are a financial institution. Example – Person is indoors, phone can’t provide location = does the transaction get declined? Or better yet – Person goes to store and forgets their phone.

    As the article suggests, this approach makes sense. I just wouldn’t look for it to be as seamless as everyone suggests.

  3. Just wondering: Is this a problem in areas of the world where there is a normative use of mobile banking or money transfers? Just feels like the solution presented by these services could be minimized or avoided if the mobile was the credit card.