Hello,

We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not an Insider? Subscribe now for unlimited access to online articles.

Business Report

Who Are You?

Banks are using mobile technology to build better profiles of credit card customers that will be harder to fake—or shake off.

I often travel to different countries chasing stories. It’s hard for me, let alone my credit card issuers, to predict where I’ll be at any given time. This summer, for example, I moved from Madrid, Spain, to Oaxaca, Mexico, and in November I made quick trips to both California and Nicaragua. Confused by my unpredictable spending patterns, my credit card companies often block my legitimate transactions.

In this mobile, data-driven era, there must be some better way. After all, California friends may have heard about my trip ahead of time via Facebook, and my U.S. mobile operator might have noticed my new location when I plugged its SIM card into my phone at the border. But still, “your bank is the last to know,” says Loc Nguyen, chief marketing officer of Feedzai, a mobile payments firm in San Mateo, California. Sure enough, when I tried to buy a bunch of hiking gear on arrival in California, my card froze and I had to call the issuer to verify my identity.

Banks and merchants want to know who is wielding a given credit card because they, not the cardholder, are on the hook for fraudulent transactions. And such fraud is rising, according to the 2014 Lexis Nexis annual fraud study. Worldwide, fraudulent card transactions have reached around $11 billion a year, and the U.S. may account for about half of that. Europe’s share was 1.33 billion euros ($1.7 billion), according to a European Central Bank report.

This story is part of our March/April 2015 Issue
See the rest of the issue
Subscribe

New technologies try to address this problem by merging a broader range of financial data, mobile-phone data, and even social-networking data to better establish the likelihood it’s actually you behind the transactions racking up on your cards or mobile device. Nguyen says that Feedzai’s system can improve fraud detection rates from 47 percent to almost 80 percent. ­Chirag Bakshi, founder and CEO of Zumigo, a company in San Jose, California, that provides location-based mobile services, says his company’s data algorithms reduce fraud losses by at least 50 percent.

“When fraudsters steal your identity, what they can’t do is steal your behavior,” Nguyen says. That, in fact, has long been the principle behind credit card fraud alerts. But a conventional credit card company is relying on information from your past to guess whether each attempted transaction is genuine. Today’s new technologies tap into your mobile phone and its more up-to-date information to see if your current behavior matches your purchase.

“[We can use] a SIM card as a proxy for a person,” says Rodger Desai, CEO of Payfone, which works with banks, mobile operators, and fraud detection companies to assess the legitimacy of a given payment. Payfone builds a profile of a user and tracks more than 400 types of data to create what it calls a persistent identity. Change phone company? Noted. Someone steal your phone or clone it? The company will catch that, too. Even if you’ve canceled your cellular data plan, it has ways of flagging the activity of someone who then tries to use the phone’s Wi-Fi connection.

Zumigo adds location information gleaned from partnerships with mobile network operators. It checks the name and address attached to the mobile device in a given transaction against Equifax’s credit records to confirm the buyer’s identity. Feedzai’s software combines that kind of information with current and historical location data to draw inferences such as whether it would be possible to travel from the site of an already approved purchase at, say, the airport to a shop in town in the amount of time between the transactions. The use of this method, Nguyen says, is what allows Feedzai to detect 80 percent of fraudulent transactions, rather than the 47 percent achieved by conventional methods, without adding more of the sort of false alarms to which I am growing accustomed.

Some companies are trying to build deeper identity profiles for mobile payments based on social-network data. It’s a tempting target. If I ask my friends for advice on rain jackets and I’m a member of a mountaineering club, it would lower the odds I might trigger a fraud alert at a shop selling outdoor gear. But that kind of information requires permission from users, and experts say it can be a source of false signals as well as reliable information.

Mobile-data-based identity systems have their limits. After my November trip to Southern California, I flew to Nicaragua. At the airport, I called my card providers to alert them to my travel. But in Managua, I paid cash for a local SIM card at the bus station, to avoid the roaming charges from my home mobile operator. It required no registration forms, and I hopped on the bus to read the news and handle e-mail. Without trying, I might have outpaced the futuristic systems designed by Feedzai, Zumigo, and Payfone. Could I have then booked a hotel for the night on my phone with the new SIM card while riding the bus? Probably not.

Hear more about security at EmTech MIT 2017.

Register now

Uh oh–you've read all of your free articles for this month.

Insider Premium
$179.95/yr US PRICE

More from Business Impact
The Future of Money: 2015

How technology advances are changing the economy and providing new opportunities in many industries.

Want more award-winning journalism? Subscribe and become an Insider.
  • Insider Plus {! insider.prices.plus !}* Best Value

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus the digital magazine, extensive archive, ad-free web experience, and discounts to partner offerings and MIT Technology Review events.

    See details+

    What's Included

    Unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

    Bimonthly print magazine (6 issues per year)

    Bimonthly digital/PDF edition

    Access to the magazine PDF archive—thousands of articles going back to 1899 at your fingertips

    Special interest publications

    Discount to MIT Technology Review events

    Special discounts to select partner offerings

    Ad-free web experience

  • Insider Basic {! insider.prices.basic !}*

    {! insider.display.menuOptionsLabel !}

    Six issues of our award winning print magazine, unlimited online access plus The Download with the top tech stories delivered daily to your inbox.

    See details+

    What's Included

    Unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

    Bimonthly print magazine (6 issues per year)

  • Insider Online Only {! insider.prices.online !}*

    {! insider.display.menuOptionsLabel !}

    Unlimited online access including articles and video, plus The Download with the top tech stories delivered daily to your inbox.

    See details+

    What's Included

    Unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

/
You've read all of your free articles this month. This is your last free article this month. You've read of free articles this month. or  for unlimited online access.