Details on the new anti card fraud mobile phone technology
A new Israeli technology brought to the U.S. by Secure Identity Systems (SIS) thwarts credit and debit card fraud, and potentially stops ID thieves in the act. This in turn helps banks better protect customers, stem losses due to fraud, and attract new depositors with free identity protection services.
The technology, dubbed mConfirm, uses any mobile phone to match the location of a consumer and their payment card. If the locations don’t match, the transaction is flagged and risk systems alerted, so that action can be taken immediately. Already proven highly successful at Visa CAL, a major Israeli credit card issuer and processor, mConfirm significantly improves fraud detection and reduces false alert rates without slowing down the transaction process.
The mConfirm technology, which is being provided to U.S. banks exclusively by SIS and offered to consumers free of charge, does not require GPS-enabled phones or changes to existing card processing systems. The system uses two factors—location-based behavior analysis and cellular phone location analysis—to develop a fraud risk score, which is the chance a transaction is fraudulent. The system works with some of the most popular commercially available cell phones and domestic wireless networks, including Apple iPhone, RIM Blackberry, LG, AT&T, Nokia, Motorola, Samsung, and even prepaid services.
Once a bank is set up with mConfirm, they can provide the technology to depositors and credit card customers as a value-added free service, bundled with checking and savings accounts, credit cards, and so on. While the location-based behavior module does not rely on cellular location data, and therefore can automatically be provided to bank customers, the cellular location module is an opt-in service. The mConfirm system soon pays for itself through reduced losses, and through increased revenue by attracting security-conscious depositors and borrowers.
To implement the mConfirm technology, banks install PC-based software on their server and administration terminals where risk management staff monitors and responds to alerts. Once the software is installed and staff trained (typically a two-week process), mConfirm works silently and automatically. When a consumer’s payment card is swiped, the transaction is intercepted at the bank by mConfirm and evaluated on its potential for being fraudulent. The card terminal’s location coordinates are then extracted from the transaction data. mConfirm logs in to the consumer’s wireless phone network, and compares the current location of the consumer’s mobile phone to that of the card terminal. Their proximity generates a rating. The further apart they are, the higher the rating, indicating that the transaction is at higher risk for fraud.
mConfirm simultaneously analyzes the consumer’s transaction history, including merchants patronized, amounts spent, dates and times, locations, etc. The technology compares the transaction to the consumer’s buying pattern. This comparison is also rated, with differences creating a higher rating, and again signaling higher fraud risk. Card-holder privacy is guaranteed, as no additional customer details are needed – only what the bank already has through its regular transaction processing.
These two ratings are combined to create a risk score that is based on a scale of 1 to 1,000, with 1,000 representing the highest probability of fraud. If the score falls within the red zone, the bank blocks the transaction. The statistical probability of a legitimate transaction scoring in the red zone is zero, meaning mConfirm virtually eliminates the possibility of fraudulent transactions occurring on protected accounts. If a cell phone is not present, available or involved (for those not yet signed on the program), the system will alert the bank’s risk department through the location-based behavior analysis.