Banks are closely following an emerging technology BillGuard is testing that would monitor the whereabouts of mobile devices to detect payment anomalies.
The New York tech firm, which combs consumers' transaction data to find suspicious purchases after they post, is tracking phone locations in a bid to better detect shady point-of-sale purchases.
"We are using the location of a phone as a data source," said Yaron Samid, BillGuard's founder and chief executive. "It's a very high-value alert."
The device is almost always close to its owner and can serve as another method to spot potential fraud scenarios that transaction data alone might overlook.
BillGuard's geolocation enhancement, which requires users' consent, comes as financial institutions are publicly exploring ways to use location-based services to prevent fraud and avoid blocking transactions without cause.
Westpac in Australia, for example, updated its app in August to monitor customers arriving at airports, while prompting them to inform the bank through the app about specific dates and locations of overseas travels. Then, Lone Star National Bank in Texas partnered with fintech firm OnDot last year to let customers set their card control preferences — including whether they want to let a banking app monitor their locations.
Wells Fargo, which launched an accelerator program in late August, also made location-based services company Zumigo Corp. one of the initiative's first participants.
Banks have long mined transaction data to block someone from buying something in Michigan an hour after swiping a card in New York. But spot checking whether the smartphone and card are in the same place could uncover red flags that transaction data alone might not spot.
"The mobile device adds a ton of context," said Julie Conroy, a research director for Aite Group's retail banking practice.
Take last year's Target breach, which compromised data of some 40 million debit and credit card users. Conroy said the criminals were selling the ZIP code of the breached store in addition to the stolen card data so that the mules could use counterfeit cards within the footprint of the genuine consumer. While the transaction data might have appeared fine, geo-location capabilities could have helped raise a red flag, she said.
BillGuard's Samid describes his company as a partner with banks in the fight against card fraud. Unlike financial institutions that try to prevent fraud before it happens, BillGuard is exclusively focused on scouting for suspicious activity after transactions post.
Users will receive the alerts as soon as BillGuard receives the data, which varies by bank and card issuers but typically hits the same day or within two days. Like all of its alerts, BillGuard users can dismiss the alert or pursue the problem.
The firm said it has been testing the location-monitoring service with a limited beta group of 7,000 cardholders. The location monitoring methods are supposed to be battery life friendly. In an online FAQ, BillGuard said it may only sample a person's geolocation two to three times a day and can often do so without activating the phone's GPS, which is a battery hog.
BillGuard did not immediately provide more detail on how it tracks the location data. Some companies gather location data through wireless triangulation, which works by collecting data from cell towers.
The firm's efforts are applauded by industry observers who perceive a growing appetite among consumers to let them choose stronger card controls in the wake of major data breaches.
Tracking mobile devices' locations can serve as a very powerful tool to catch fraud at the point of sale, said Al Pascual, director of fraud and security for Javelin Strategy & Research. Pascual said he views BillGuard's beta feature as a positive development for the financial services industry.
"This is a nice sign of where we are," Pascual said. "We are on the cusp of real consumer empowerment through the mobile device."
BillGuard's product should be appealing to consumers, said Jim Bruene, founder of The Finovate Group. Bruene, a fan of the update, said banks looking to do something similar must avoid the boy who cries wolf with too many false negatives, and thus, customer fatigue.
"You get 10 in a month and you get used to" the alerts, Bruene said.
Still, tech firms are convinced consumers want to have a stronger role in the way they monitor their cards. OnDot Systems, which sells card control software to banks, said consumers want to set user preferences — including monitoring mobile phones — to prevent problems on their cards much like any safety precaution.
"Why do you lock the house?" said Rachna Ahlawat, OnDot's founder and executive vice president of products. "It's more and more common for people to control their own [payment] instrument."