US20110282789A1 - Card false-positive prevention - Google Patents

Card false-positive prevention Download PDF

Info

Publication number
US20110282789A1
US20110282789A1 US13/138,286 US201013138286A US2011282789A1 US 20110282789 A1 US20110282789 A1 US 20110282789A1 US 201013138286 A US201013138286 A US 201013138286A US 2011282789 A1 US2011282789 A1 US 2011282789A1
Authority
US
United States
Prior art keywords
transaction
region
communication device
data identifying
mobile communication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US13/138,286
Inventor
Pat Carroll
John Petersen
Jonathan Alford
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Valid soft (UK) Ltd
Validsoft Ltd
Original Assignee
Valid soft (UK) Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Valid soft (UK) Ltd filed Critical Valid soft (UK) Ltd
Publication of US20110282789A1 publication Critical patent/US20110282789A1/en
Assigned to VALIDSOFT UK LIMITED reassignment VALIDSOFT UK LIMITED ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: ALFORD, JONATHAN, CARROLL, PAT, PETERSEN, JOHN
Assigned to STATE OF CONNECTICUT DEPARTMENT OF ECONOMIC AND COMMUNITY DEVELOPMENT reassignment STATE OF CONNECTICUT DEPARTMENT OF ECONOMIC AND COMMUNITY DEVELOPMENT SECURITY INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: VALIDSOFT UK LIMITED
Assigned to VALIDSOFT LIMITED reassignment VALIDSOFT LIMITED ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: VALIDSOFT UK LIMITED
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/18Payment architectures involving self-service terminals [SST], vending machines, kiosks or multimedia terminals
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3224Transactions dependent on location of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/107Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431Key distribution or pre-distribution; Key agreement
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/126Anti-theft arrangements, e.g. protection against subscriber identity module [SIM] cloning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information
    • H04W4/021Services related to particular areas, e.g. point of interest [POI] services, venue services or geofences
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/63Location-dependent; Proximity-dependent
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information
    • H04W4/029Location-based management or tracking services

Definitions

  • This invention relates to determining the validity of a requested transaction and to false-positive prevention such as card present false-positive prevention. More particularly, this invention relates to financial transactions and to card-present false-positive prevention as well as to cross-border card present false-positive prevention.
  • a false-positive event occurs when a user attempts to carry out a legitimate financial transaction which is declined because the financial provider (for example an issuing bank providing customers with a debit card or credit card) has incorrectly identified that transaction as being potentially fraudulent.
  • the transaction may be a cross-border card-present transaction.
  • a cross-border transaction may be on in which the transaction occurs in a different region to the region where the user is registered with the financial provider. That is to say, a cross-border card-present transaction could be one where a user withdraws cash from an ATM (automated teller machine) using his credit or debit card abroad or one where a user purchases goods at a Point-of-Sale (PoS) using his credit or debit card abroad.
  • ATM automated teller machine
  • PoS Point-of-Sale
  • the card In both cases, the card must be physically present at the point of the transaction e.g. at the ATM or PoS. This is in contrast to a card-not-present transaction where the details of the card are present, for example the name of the card holder, the card number, expiry date, as well as security information. The card itself is not present at the location where the transaction is carried out.
  • a card-not-present transaction may occur as a result of an internet or mail order transaction.
  • the transaction may be a cross-border transaction, i.e. one where the transaction occurs in a country other than the country where the cardholder's issuing bank issued the card.
  • Chip and PIN personal identification number
  • skimmed (counterfeit) cards are simply used at ATMs and PoS devices in countries that don't support Chip and PIN, such as the US, when verification reverts to the card's magnetic stripe.
  • Chip and PIN technology allows payment using debit or credit cards. Instead of using a signature to verify payments, the card user must enter a PIN number known only to the card holder.
  • Banks and other financial service providers generally attempt to prevent card-present fraud through the use of 3rd party software risk engines or in-house logic within the real-time authorisation process in an attempt to determine whether a transaction is likely to be fraudulent. Others will decline all cross-border transactions unless the cardholder has previously supplied the financial service provider with an accurate travel itinerary (which may still prove insufficient).
  • the financial service provider because the financial service provider has declined the transaction, it usually contacts the cardholder to confirm whether the transaction was actually fraudulent. This is done either manually by fraud centre operators, which is very expensive, or electronically by outbound dialling services, some of which can be inefficient and expensive. In many cases, however, because of the time taken for the financial service provider to instigate this process, the cardholder contacts the financial service provider directly (from abroad) to attempt to resolve the issue.
  • a method for deriving probability data relating to the validity of a requested financial transaction comprises the steps of: receiving location data relating to a requested transaction; receiving data identifying a mobile communication device associated with a person requesting the transaction; determining from Home Location Register (HLR) data for the mobile communication device location data for the mobile communication device; comparing the location data relating to the transaction with the location data from the mobile communication device; and determining probability data relating to the validity of the requested transaction in dependence on the result of the comparison.
  • HLR Home Location Register
  • apparatus for deriving probability data relating to the validity of requested financial transaction comprises: means for receiving location data relating to a requested transaction; means for receiving data identifying a mobile communication device associated with a person requesting the transaction; means for determining from Home Location Register (HLR) data for the mobile communication device location data for the mobile communication device; means for comparing the location data relating to the transaction with the location data from the mobile communication device; and means for determining probability data relating to the validity of the requested transaction in dependence on the result of the comparison.
  • HLR Home Location Register
  • Preferred embodiments of the invention derive probability data relating to the validity of a requested financial transaction by receiving location data relating to a requested transaction; receiving data identifying a mobile communication device associated with a person requesting the transaction; determine from Home Location Register (HLR) data for the mobile communication device location data for the mobile communication device; compare the location data relating to the transaction with the location data from the mobile communication device; and determine probability data relating to the validity of the requested transaction in dependence on the result of the comparison.
  • HLR Home Location Register
  • FIG. 1 shows a schematic diagram of the system architecture of an embodiment of the invention.
  • FIG. 2 shows a flow diagram showing the main steps performed by an embodiment of the invention.
  • a false positive prevention system comprises a server or computer 101 .
  • the server or computer 101 determines whether a transaction is likely to be fraudulent or not, as described in further detail below.
  • the system can further comprise a mobile network data aggregator 103 ; mobile networks, 105 , 106 , a mobile communication device (not shown), a bank 107 , and a customer 109 .
  • the system may also comprise a resolution system 111 , although this feature is not essential, and so it is shown in dashed lines in FIG. 1 . The main steps carried out by an embodiment of the invention will now be described.
  • a user first starts a transaction at a means for performing or carrying out a transaction, at step 201 .
  • the means for carrying out the transaction may be an ATM or PoS. If the transaction is being requested at an ATM, the user inserts a card into the ATM and enters his PIN number. Alternatively, if the transaction is being carried out at a PoS, then the user may physically pass the card to the retailer who inserts the card into a card reader for processing. The user may optionally enter a PIN, if the card is a chip and PIN card. Other verification schemes such as signature may also be used, alternatively or in addition to a PIN.
  • the card comprises data associated with an individual or user which allows the user's account to be identified. Usually this information is in the form of a sequence of decimal numbers.
  • the ATM or PoS then contacts the financial service provider (card issuer) 107 at step 203 , and the Issuing bank or financial service provider 107 authorisation process starts.
  • the financial service provider receives a transaction request, at step 205 .
  • the ATM or PoS sends information enabling the identity of the card holder to be deduced. This information may comprise the card number and may be sent by conventional means or using wireless means known to the skilled person. The information also may be sent in any suitably encrypted form known to the skilled person.
  • the bank or financial service provider 107 may optionally perform additional processing to determine (using software risk engines or in-house logic) whether the transaction is likely to be fraudulent, for example if the transaction is for a large amount. However, if the financial service provider 107 determines that the transaction is likely to be genuine, then it can proceed directly to the authorisation process, at step 217 , allowing the transaction at step 219 . If the financial service provider determines that the transaction is likely to be fraudulent, then it passes the request to the server, 101 .
  • the financial service provider passes the transaction information directly to the server 101 .
  • the server 101 may be located within the financial service provider's organisation. However preferred embodiments have a server 101 which is physically separate from the financial service provider, and the transaction information (for example card number or/and name or/and transaction amount) is sent using wireless or conventional wire technology to the server, 101 .
  • the transaction information for example card number or/and name or/and transaction amount
  • the server 101 then extracts country code information contained within the transaction information, at step 207 .
  • the financial service provider extracts the country code information from the transaction information.
  • the financial service provider may also assign a reference number to the transaction. This has the advantage that potentially sensitive financial information such as the card number does not have to be sent to the server 101 .
  • the financial service provider searches a customer data base or look up table for information identifying a mobile communication device, as shown in table 1.
  • the look up table has card holder identifying information for each card holder and also information enabling the card holder's mobile communication device to be determined.
  • the card holder identifying information for each user is associated with at least one piece of information enabling the card holder's communication device to be determined. If the mobile communication device is a portable telephone, then this information may be the (unique) telephone number of the portable telephone associated with the user carrying out the transaction. Further, each card holder may have more than one entry in the look up table because they may have more than one card with the financial service provider.
  • the financial service provider then sends the information identifying the mobile communication device as well as the extracted country code (i.e. location) relating to the transaction to the server 101 .
  • a transaction reference number is also sent. This could be an arbitrary number assigned to the transaction by the financial service provider. This information may be sent in an encrypted form.
  • the server 101 receives the information identifying the mobile communication device (mobile telephone number) of the customer 109 from the issuing bank it then performs a HLR lookup from a commercially available database.
  • An HLR database is held by every mobile network provider and comprises information on that provider's permanent subscribers. Included in the information is the Network Country Code to which a subscriber is currently assigned, for use with customers who are roaming.
  • the HLR database is frequently updated to take account of changes in the user's position.
  • the server 101 performs the HLR lookup by opening one or more communication channel(s) to a mobile network data aggregator 103 , at step 209 .
  • the network data aggregator holds HLR information for mobile communication devices registered with a mobile network provider.
  • the network data aggregator may have HLR data of more than one mobile network service provider 105 , 106 . This has the advantage that it is not necessary to interrogate each service provider separately in order to obtain the HLR data of a mobile communication devices registered with different service providers.
  • the network data aggregator 103 is able to extract the Mobile Country Code (MCC) indicator held for every permanent subscriber within the Home Location Register (HLR) database of the subscriber's mobile network, at step 211 using the information enabling the card holder's communication device to be determined (i.e. mobile telephone number).
  • MCC Mobile Country Code
  • HLR Home Location Register
  • the MCC code associated with the information identifying the mobile communication device (telephone number) is then passed to the server 101 .
  • the server 101 compares the received country indicator contained within the (cross-border) ATM or PoS transaction with the received Mobile Country Code (MCC) indicator.
  • MCC Mobile Country Code
  • the probability of a transaction being legitimate is calculated. There are a number of ways in which this may be performed. The simplest way in which a legitimate transaction is detected is if the extracted country code of where the transaction is taking place matches the determined MCC indicator. For example, a transaction with an extracted country code relating to Australia will have a high probability of legitimacy if the determined MCC indicator also relates to Australia. In this case, the transaction is likely to be legitimate, because it is most likely that the legitimate card holder is in the same or a similar location to their mobile communication device. For a legitimate transaction the legitimate card holder carrying out the transaction is likely to have the mobile communication device on their person. In this case, the location of the transaction will be the substantially the same as the location of the user's mobile communication device.
  • the HLR data of a mobile communication device can be determined using techniques known to the skilled person, for example using the mobile GSM (Global System for Mobile) network or using 3 rd generation mobile networks. This allows the position of the mobile communication device to be determined to an accuracy of at least 50 m.
  • GSM Global System for Mobile
  • system can be configured so that a transaction is determined to be genuine only if the thus determined location of the mobile communication device is within a predetermined distance of the location where the transaction is occurring, for example 50 or 100 m.
  • the system is configured such that a transaction is determined to be genuine only if the mobile communication device is determined to be in the same city or state or country as the place where the transaction is taking place. This embodiment is useful because card users frequently leave mobile devices at home or in hotels when performing a transaction.
  • the transaction country code will not match the MCC indicator, even though the transaction is being carried out by a legitimate user. This could occur if the transaction is taking place close to the border of a country, for example the border or France and Germany.
  • the MCC indicator is determined to be close to a border, the transaction may be allowed even though the transaction country code and the MCC indicator do not match, provided the transaction is occurring in a country which neighbours (i.e. within a predetermined distance) of the country code determined using the MCC.
  • the system may also determine the probability of a transaction being fraudulent, at step 213 , rather than just determining whether the transaction is genuine ( 1 ) or fraudulent ( 0 ). In this case a number between 0 and 1 may be assigned to the transaction.
  • the probability of the transaction being fraudulent is larger when the distance between the location of the transaction and the user's mobile communication device is larger.
  • the transaction request is updated with the determined probability value, for example 0.9 (meaning that there is a 90% probability that the transaction is genuine) or whole number for example 1 or 0 (meaning that the transaction has determined with 100% probability of it being genuine or fraudulent).
  • the probability is then passed to the bank or financial service provider 101 as part of the transaction information, and at step 217 , the bank or financial service provider allows or denies the transaction in dependence upon the determined probability. If the transaction is allowed it is completed at step 219 .
  • embodiments of the invention reduce the incidence of false-positive transactions.
  • Embodiments of the invention therefore, to achieve maximum effectiveness, require cardholders to take and activate their mobile communication devices (mobile phones) abroad (though not necessarily to carry them on their person) and also require issuing banks to record accurate mobile phone information on their cardholder databases. This is an increasing trend due to the increasing incidence of cross-border false-positives and is actively encouraged by banks.
  • the Association for Payment Clearing Services (APACS) advises card holders to make sure their card company has up-to-date contact details for them, including a mobile number, especially if travelling overseas.
  • an automated resolution process at step 221 , is provided, however this is optional. This allows for the immediate and automatic resolution of any transaction declined through having a low probability of legitimacy (potentially fraudulent transaction).
  • the automated resolution process predicts if the decline is a true-positive (fraudulent transaction) or false-positive (legitimate transaction).
  • the automated resolution process connects the cardholder directly with the bank or financial service provider (i.e. fraud department) to resolve the issue of the fraudulent card and any previous fraudulent transactions. Alternatively it can update the cardholder's information and request the cardholder to resubmit the declined transaction. Because the resolution process can occur immediately the transaction is declined, it streamlines the process, provides a better customer experience and provides the opportunity for the cardholder to retry the transaction, in the case of false-positive, whilst still in the vicinity of the original declined transaction.
  • Embodiments of the invention use HLR information in conjunction with card-present financial transaction data to predict the probability of legitimacy.
  • HLR databases to determine the country location of a subscriber has advantages over techniques such as Latitude/Longitude tracking in terms of cost, timeliness and privacy.
  • Embodiments of the invention allow more true positive cross-border card present financial transactions to be identified, while also reducing the number of false positive transactions.
  • Embodiments of the invention also allow invalid mobile telephone numbers to be identified (ones that are no longer in use) using the HLR information thereby avoiding processing errors. This also allows these numbers to be identified and for the financial service provider to request new telephone numbers from the card holder.
  • Embodiments of the invention can run as a hosted service or in-house. Although embodiments of the invention have been described with reference to financial cards, it is not in fact necessary for any card to actually be present when the transaction is taking place. For example, a user may use biometric information such as finger print(s) or retina scan(s) as a unique identifier of their account whilst also giving authorisation information.
  • the authorisation information can be an additional PIN or can be the biometric information itself.
  • a user can be provided with a unique combination of code or/and pin number to enter at an ATM. This allows their financial service provider to provide the user with cash from the ATM without the need for a physical card. The withdrawn cash is then debited from the user's account which is identified using the unique code.
  • the present invention finds applicability in determining the validity or authenticity of any transaction being attempted at an ATM or PoS or any other means for carrying out a transaction.
  • the transaction may be a financial transaction.
  • embodiments of the invention may be implemented in hardware or software.
  • Embodiments may be implemented in the ATM or PoS or other means for carrying out a transaction, although, it is preferable to implement the system at a centralised computer or server 101 .
  • the system 101 may use Visitor Location register database information. These databases may be referred to as Location Register (LR) databases.
  • LR Location Register
  • the location data relating to where a financial transaction is being requested may comprise data identifying a region where a transaction is being requested.
  • embodiments of the invention may use an ATM country code indicator or a PoS country code indicator.
  • These financial transaction country indicators may be labels such as “UK” or “44” and serve to identify a particular region, but do not contain sufficient information to determine where the region is located or even where within the region the ATM or PoS is located or positioned.
  • the location data of the mobile communication device may comprise data identifying a region where a mobile communication device is located.
  • embodiments of the invention may use a Mobile Country Code (MCC) indicator, such as “UK” or “44”.
  • MCC Mobile Country Code
  • the server 101 may extract the Mobile Country Code indicator from the Home Location Register Data.
  • the server 101 may extract the Mobile Country Code indicator from the LR data of a number of mobile devices using the data identifying a mobile communication device which is associated with a person requesting the transaction.
  • the LR data corresponding to the mobile device of the user requesting the transaction may then be searched to extract the country code indicator. For example, a search for the field “MCC” in the LR database, will reveal a match, and the data value associated with that match is the MCC value or indicator.
  • the data identifying a mobile communication device may be a mobile telephone number or other subscriber information such as an International Mobile Subscriber Identity (IMSI).
  • IMSI International Mobile Subscriber Identity
  • the data identifying a region where a mobile communication device is located may be a label such as “UK” or “44” and serve to identify a particular region where the device is located, but do not contain sufficient information to determine where the region is located or even where within the region the device is located or positioned.
  • the server 101 does not know the position of the mobile communication device, so that a user's privacy is maintained.
  • the server 101 just knows what the value is of the identifier which represents a particular region. For example, if the user's mobile communication device is located within the UK, the data identifying the region where the mobile device is located may be a number such as “44”. This information does not allow the position of the mobile communication to be determined.
  • the indicator or data identifying a region where the financial transaction is requested are not unique. That is to say, all ATMs or PoSs within a particular geographic region are assigned a particular country indicator, such as “44”.
  • the indicator or data identifying a region where a mobile communication device associated with a user requesting a transaction is located is also not unique. That is to say, the mobile phone country indicator assigned to a particular phone is not unique and that a number of mobile phones within a particular region or country share the same code.
  • Having indicators which are not unique has the advantage that the step of comparing the data identifying a region where a financial transaction is requested with the data identifying a region where a mobile communication device is located is simplified.
  • a transaction may be validated or determined as authentic if the region identifier where the ATM or POS is located matches the region identifier where the mobile communication device is located.
  • the data identifying the regions where a mobile device is located also may comprise a city or state identifier. This identifier is also located in the HLR data.
  • these city or state identifiers are also not unique in that a number of mobile devices may be assigned the same city or state identifier. Further, the city or state identifiers may not contain sufficient information to enable the location of the region covered by the city or state to be determined or indeed to determine where within the city or state region the mobile device is located.
  • embodiments of the invention may receive the HLR data from a mobile network aggregator.
  • the transaction may be a card-present transaction or a card-not-present transaction or a cross-border transaction.
  • the location data of the mobile communication device may be receivable from more than one network aggregator.
  • the LR data may comprise data from more than one mobile network service provider. Further, a probability of legitimacy of the requested transaction may be determined in real time or post authorisation.
  • embodiments of the invention may decline a transaction if a determined probability of legitimacy is below a predetermined value.
  • the probability data may also be used to identify a false positive transaction.
  • the transaction data and the data identifying a mobile communication device may be received from a financial service provider.
  • the method may also comprise the step of automatically contacting the person requesting the transaction, for example via telephone.
  • Embodiments of the invention may also comprise the step of controlling a means for carrying out a transaction in dependence upon the result of the comparison. This step may be an alternative to the step of authenticating the transaction in dependence on the result of the comparison.
  • an ATM or PoS or other means for carrying out a transaction may be controlled such that cash is dispensed or such that the PoS performs the transaction.

Abstract

A method for authenticating a transaction is disclosed. The method comprises the steps of: receiving data identifying a region where a transaction is being requested; receiving data identifying a mobile communication device associated with a person requesting the transaction; determining from Location Register (LR) data for the mobile communication device data identifying a region where the mobile communication device is located; comparing the data identifying the region where the transaction is being requested with the data identifying the region where the mobile communication device is located; and authenticating the transaction in dependence on the result of the comparison.

Description

    FIELD OF THE INVENTION
  • This invention relates to determining the validity of a requested transaction and to false-positive prevention such as card present false-positive prevention. More particularly, this invention relates to financial transactions and to card-present false-positive prevention as well as to cross-border card present false-positive prevention.
    • BACKGROUND OF THE INVENTION
  • A false-positive event occurs when a user attempts to carry out a legitimate financial transaction which is declined because the financial provider (for example an issuing bank providing customers with a debit card or credit card) has incorrectly identified that transaction as being potentially fraudulent. The transaction may be a cross-border card-present transaction. A cross-border transaction may be on in which the transaction occurs in a different region to the region where the user is registered with the financial provider. That is to say, a cross-border card-present transaction could be one where a user withdraws cash from an ATM (automated teller machine) using his credit or debit card abroad or one where a user purchases goods at a Point-of-Sale (PoS) using his credit or debit card abroad. In both cases, the card must be physically present at the point of the transaction e.g. at the ATM or PoS. This is in contrast to a card-not-present transaction where the details of the card are present, for example the name of the card holder, the card number, expiry date, as well as security information. The card itself is not present at the location where the transaction is carried out. A card-not-present transaction may occur as a result of an internet or mail order transaction. Furthermore, the transaction may be a cross-border transaction, i.e. one where the transaction occurs in a country other than the country where the cardholder's issuing bank issued the card.
  • Cross-border card-present fraud is on the increase and now accounts for 40% of all card crime on UK issued cards. Technology such as Chip and PIN (personal identification number) is ineffective at preventing cross-border card-present fraud as skimmed (counterfeit) cards are simply used at ATMs and PoS devices in countries that don't support Chip and PIN, such as the US, when verification reverts to the card's magnetic stripe. Chip and PIN technology allows payment using debit or credit cards. Instead of using a signature to verify payments, the card user must enter a PIN number known only to the card holder.
  • Banks and other financial service providers generally attempt to prevent card-present fraud through the use of 3rd party software risk engines or in-house logic within the real-time authorisation process in an attempt to determine whether a transaction is likely to be fraudulent. Others will decline all cross-border transactions unless the cardholder has previously supplied the financial service provider with an accurate travel itinerary (which may still prove insufficient).
  • The main problem with the risk-engine approach is that risk engines are highly inaccurate in determining potentially fraudulent transactions. False-positive rates arising from such risk engines are extremely high, typically between 80% and 90%, resulting in substantial inconvenience and cost for the cardholders and banks alike. By false-positive rate, we mean the percentage of incorrectly declined transactions within the total number of declined transactions. Due to the high volumes and costs currently associated with determining false-positives, financial service providers cannot typically decline all of the transactions they would like to, resulting in fraudulent transactions being authorised. This arises when the cost of prevention exceeds the cost of fraud. The main costs to the financial service provider and the customer are incurred in the resolution process of a false-positive transaction.
  • Therefore, there is a problem that financial service providers often incorrectly identify and decline genuine transactions as potentially fraudulent, particularly when the transactions are carried out in an overseas country, which is not the card's country of issue, by the legitimate cardholder.
  • As a result, because the financial service provider has declined the transaction, it usually contacts the cardholder to confirm whether the transaction was actually fraudulent. This is done either manually by fraud centre operators, which is very expensive, or electronically by outbound dialling services, some of which can be inefficient and expensive. In many cases, however, because of the time taken for the financial service provider to instigate this process, the cardholder contacts the financial service provider directly (from abroad) to attempt to resolve the issue.
  • This is far from satisfactory because the cost of telephoning the financial service provider from abroad may be prohibitively high. Furthermore, the difference in time zone between countries may mean that the card holder is unable to contact the financial service provider if it is out of working hours in the country where the card was issued.
    • SUMMARY OF THE INVENTION
  • The invention is defined in its various aspects in the appended claims to which reference should now be made.
  • According to one aspect of the present invention, a method for deriving probability data relating to the validity of a requested financial transaction comprises the steps of: receiving location data relating to a requested transaction; receiving data identifying a mobile communication device associated with a person requesting the transaction; determining from Home Location Register (HLR) data for the mobile communication device location data for the mobile communication device; comparing the location data relating to the transaction with the location data from the mobile communication device; and determining probability data relating to the validity of the requested transaction in dependence on the result of the comparison.
  • According to another aspect of the present invention, apparatus for deriving probability data relating to the validity of requested financial transaction comprises: means for receiving location data relating to a requested transaction; means for receiving data identifying a mobile communication device associated with a person requesting the transaction; means for determining from Home Location Register (HLR) data for the mobile communication device location data for the mobile communication device; means for comparing the location data relating to the transaction with the location data from the mobile communication device; and means for determining probability data relating to the validity of the requested transaction in dependence on the result of the comparison.
  • Preferred embodiments of the invention derive probability data relating to the validity of a requested financial transaction by receiving location data relating to a requested transaction; receiving data identifying a mobile communication device associated with a person requesting the transaction; determine from Home Location Register (HLR) data for the mobile communication device location data for the mobile communication device; compare the location data relating to the transaction with the location data from the mobile communication device; and determine probability data relating to the validity of the requested transaction in dependence on the result of the comparison.
  • This allows the probability of legitimacy of a transaction to be determined to enable the issuing bank to better determine whether to allow or deny the transaction. This means that fewer false positive transactions occur, providing an improved service to the card holder and a reduction in cost to the issuing bank.
    • DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS
  • An embodiment of the invention will now be described, by way of example only, with reference to the accompanying drawings in which:
  • FIG. 1 shows a schematic diagram of the system architecture of an embodiment of the invention; and
  • FIG. 2 shows a flow diagram showing the main steps performed by an embodiment of the invention.
    •
  • Referring to FIG. 1, a false positive prevention system comprises a server or computer 101. The server or computer 101 determines whether a transaction is likely to be fraudulent or not, as described in further detail below. The system can further comprise a mobile network data aggregator 103; mobile networks, 105, 106, a mobile communication device (not shown), a bank 107, and a customer 109. Furthermore, the system may also comprise a resolution system 111, although this feature is not essential, and so it is shown in dashed lines in FIG. 1. The main steps carried out by an embodiment of the invention will now be described.
  • Referring to FIG. 2, a user first starts a transaction at a means for performing or carrying out a transaction, at step 201. The means for carrying out the transaction may be an ATM or PoS. If the transaction is being requested at an ATM, the user inserts a card into the ATM and enters his PIN number. Alternatively, if the transaction is being carried out at a PoS, then the user may physically pass the card to the retailer who inserts the card into a card reader for processing. The user may optionally enter a PIN, if the card is a chip and PIN card. Other verification schemes such as signature may also be used, alternatively or in addition to a PIN. In all cases, the card comprises data associated with an individual or user which allows the user's account to be identified. Usually this information is in the form of a sequence of decimal numbers.
  • The ATM or PoS then contacts the financial service provider (card issuer) 107 at step 203, and the Issuing bank or financial service provider 107 authorisation process starts. In this, the financial service provider receives a transaction request, at step 205. The ATM or PoS sends information enabling the identity of the card holder to be deduced. This information may comprise the card number and may be sent by conventional means or using wireless means known to the skilled person. The information also may be sent in any suitably encrypted form known to the skilled person.
  • Once the bank or financial service provider 107 has received the transaction request, it may optionally perform additional processing to determine (using software risk engines or in-house logic) whether the transaction is likely to be fraudulent, for example if the transaction is for a large amount. However, if the financial service provider 107 determines that the transaction is likely to be genuine, then it can proceed directly to the authorisation process, at step 217, allowing the transaction at step 219. If the financial service provider determines that the transaction is likely to be fraudulent, then it passes the request to the server, 101.
  • However, if the financial service provider does not perform this additional processing, then it passes the transaction information directly to the server 101.
  • In one embodiment, the server 101 may be located within the financial service provider's organisation. However preferred embodiments have a server 101 which is physically separate from the financial service provider, and the transaction information (for example card number or/and name or/and transaction amount) is sent using wireless or conventional wire technology to the server, 101.
  • In one embodiment, the server 101 then extracts country code information contained within the transaction information, at step 207.
  • In an alternative embodiment, the financial service provider extracts the country code information from the transaction information. The financial service provider may also assign a reference number to the transaction. This has the advantage that potentially sensitive financial information such as the card number does not have to be sent to the server 101.
  • The financial service provider then searches a customer data base or look up table for information identifying a mobile communication device, as shown in table 1.
  • TABLE 1
    Part of a look up table in an issuing bank.
    Card Holder Name Card number Telephone number
    Mr A Smith 5432 1234 5678 9998 00 44 7981 123 789
    Mr A Smith 5432 1234 5678 9999 00 44 7981 123 789
    Mr N Jones 5432 1234 0123 4567 00 44 7981 567 831
  • It does this by using the card holder identifying information (for example the card number) to search a look up table. The look up table has card holder identifying information for each card holder and also information enabling the card holder's mobile communication device to be determined. The card holder identifying information for each user is associated with at least one piece of information enabling the card holder's communication device to be determined. If the mobile communication device is a portable telephone, then this information may be the (unique) telephone number of the portable telephone associated with the user carrying out the transaction. Further, each card holder may have more than one entry in the look up table because they may have more than one card with the financial service provider.
  • The financial service provider then sends the information identifying the mobile communication device as well as the extracted country code (i.e. location) relating to the transaction to the server 101. Preferably, a transaction reference number is also sent. This could be an arbitrary number assigned to the transaction by the financial service provider. This information may be sent in an encrypted form.
  • The server 101 receives the information identifying the mobile communication device (mobile telephone number) of the customer 109 from the issuing bank it then performs a HLR lookup from a commercially available database. An HLR database, is held by every mobile network provider and comprises information on that provider's permanent subscribers. Included in the information is the Network Country Code to which a subscriber is currently assigned, for use with customers who are roaming. The HLR database is frequently updated to take account of changes in the user's position.
  • The server 101 performs the HLR lookup by opening one or more communication channel(s) to a mobile network data aggregator 103, at step 209. The network data aggregator holds HLR information for mobile communication devices registered with a mobile network provider. The network data aggregator may have HLR data of more than one mobile network service provider 105, 106. This has the advantage that it is not necessary to interrogate each service provider separately in order to obtain the HLR data of a mobile communication devices registered with different service providers.
  • The network data aggregator 103 is able to extract the Mobile Country Code (MCC) indicator held for every permanent subscriber within the Home Location Register (HLR) database of the subscriber's mobile network, at step 211 using the information enabling the card holder's communication device to be determined (i.e. mobile telephone number). The MCC code associated with the information identifying the mobile communication device (telephone number) is then passed to the server 101.
  • The server 101 then compares the received country indicator contained within the (cross-border) ATM or PoS transaction with the received Mobile Country Code (MCC) indicator.
  • At step 213, the probability of a transaction being legitimate is calculated. There are a number of ways in which this may be performed. The simplest way in which a legitimate transaction is detected is if the extracted country code of where the transaction is taking place matches the determined MCC indicator. For example, a transaction with an extracted country code relating to Australia will have a high probability of legitimacy if the determined MCC indicator also relates to Australia. In this case, the transaction is likely to be legitimate, because it is most likely that the legitimate card holder is in the same or a similar location to their mobile communication device. For a legitimate transaction the legitimate card holder carrying out the transaction is likely to have the mobile communication device on their person. In this case, the location of the transaction will be the substantially the same as the location of the user's mobile communication device.
  • The HLR data of a mobile communication device can be determined using techniques known to the skilled person, for example using the mobile GSM (Global System for Mobile) network or using 3rd generation mobile networks. This allows the position of the mobile communication device to be determined to an accuracy of at least 50 m.
  • In one embodiment the system can be configured so that a transaction is determined to be genuine only if the thus determined location of the mobile communication device is within a predetermined distance of the location where the transaction is occurring, for example 50 or 100 m.
  • In an alternative embodiment, the system is configured such that a transaction is determined to be genuine only if the mobile communication device is determined to be in the same city or state or country as the place where the transaction is taking place. This embodiment is useful because card users frequently leave mobile devices at home or in hotels when performing a transaction.
  • In some cases, the transaction country code will not match the MCC indicator, even though the transaction is being carried out by a legitimate user. This could occur if the transaction is taking place close to the border of a country, for example the border or France and Germany. In this case, if the MCC indicator is determined to be close to a border, the transaction may be allowed even though the transaction country code and the MCC indicator do not match, provided the transaction is occurring in a country which neighbours (i.e. within a predetermined distance) of the country code determined using the MCC.
  • The system may also determine the probability of a transaction being fraudulent, at step 213, rather than just determining whether the transaction is genuine (1) or fraudulent (0). In this case a number between 0 and 1 may be assigned to the transaction.
  • In one embodiment, the probability of the transaction being fraudulent is larger when the distance between the location of the transaction and the user's mobile communication device is larger.
  • At step 215, the transaction request is updated with the determined probability value, for example 0.9 (meaning that there is a 90% probability that the transaction is genuine) or whole number for example 1 or 0 (meaning that the transaction has determined with 100% probability of it being genuine or fraudulent). The probability is then passed to the bank or financial service provider 101 as part of the transaction information, and at step 217, the bank or financial service provider allows or denies the transaction in dependence upon the determined probability. If the transaction is allowed it is completed at step 219.
  • In this way, embodiments of the invention reduce the incidence of false-positive transactions.
  • A consequence of reducing the incidence of false-positives is a potential increase in the detection of true positives (fraudulent transactions) by allowing more suspect transactions to be declined. By true positive we mean a fraudulent transaction declined for being identified as potentially fraudulent. Embodiments of the invention therefore, to achieve maximum effectiveness, require cardholders to take and activate their mobile communication devices (mobile phones) abroad (though not necessarily to carry them on their person) and also require issuing banks to record accurate mobile phone information on their cardholder databases. This is an increasing trend due to the increasing incidence of cross-border false-positives and is actively encouraged by banks. The Association for Payment Clearing Services (APACS) advises card holders to make sure their card company has up-to-date contact details for them, including a mobile number, especially if travelling overseas.
  • In a further embodiment, an automated resolution process, at step 221, is provided, however this is optional. This allows for the immediate and automatic resolution of any transaction declined through having a low probability of legitimacy (potentially fraudulent transaction). The automated resolution process predicts if the decline is a true-positive (fraudulent transaction) or false-positive (legitimate transaction). Depending on which outcome, the automated resolution process connects the cardholder directly with the bank or financial service provider (i.e. fraud department) to resolve the issue of the fraudulent card and any previous fraudulent transactions. Alternatively it can update the cardholder's information and request the cardholder to resubmit the declined transaction. Because the resolution process can occur immediately the transaction is declined, it streamlines the process, provides a better customer experience and provides the opportunity for the cardholder to retry the transaction, in the case of false-positive, whilst still in the vicinity of the original declined transaction.
  • Embodiments of the invention use HLR information in conjunction with card-present financial transaction data to predict the probability of legitimacy. Using HLR databases to determine the country location of a subscriber has advantages over techniques such as Latitude/Longitude tracking in terms of cost, timeliness and privacy. Embodiments of the invention allow more true positive cross-border card present financial transactions to be identified, while also reducing the number of false positive transactions.
  • Embodiments of the invention also allow invalid mobile telephone numbers to be identified (ones that are no longer in use) using the HLR information thereby avoiding processing errors. This also allows these numbers to be identified and for the financial service provider to request new telephone numbers from the card holder. Embodiments of the invention can run as a hosted service or in-house. Although embodiments of the invention have been described with reference to financial cards, it is not in fact necessary for any card to actually be present when the transaction is taking place. For example, a user may use biometric information such as finger print(s) or retina scan(s) as a unique identifier of their account whilst also giving authorisation information. The authorisation information can be an additional PIN or can be the biometric information itself.
  • In other embodiments, a user can be provided with a unique combination of code or/and pin number to enter at an ATM. This allows their financial service provider to provide the user with cash from the ATM without the need for a physical card. The withdrawn cash is then debited from the user's account which is identified using the unique code.
  • It will be appreciated that the present invention finds applicability in determining the validity or authenticity of any transaction being attempted at an ATM or PoS or any other means for carrying out a transaction. The transaction may be a financial transaction. Further, embodiments of the invention may be implemented in hardware or software. Embodiments may be implemented in the ATM or PoS or other means for carrying out a transaction, although, it is preferable to implement the system at a centralised computer or server 101. In addition to using Home Location Register database information, the system 101 may use Visitor Location register database information. These databases may be referred to as Location Register (LR) databases.
  • In one embodiment, the location data relating to where a financial transaction is being requested may comprise data identifying a region where a transaction is being requested. For example, embodiments of the invention may use an ATM country code indicator or a PoS country code indicator. These financial transaction country indicators may be labels such as “UK” or “44” and serve to identify a particular region, but do not contain sufficient information to determine where the region is located or even where within the region the ATM or PoS is located or positioned.
  • Further, the location data of the mobile communication device may comprise data identifying a region where a mobile communication device is located.
  • For example, embodiments of the invention may use a Mobile Country Code (MCC) indicator, such as “UK” or “44”. The server 101 may extract the Mobile Country Code indicator from the Home Location Register Data. The server 101 may extract the Mobile Country Code indicator from the LR data of a number of mobile devices using the data identifying a mobile communication device which is associated with a person requesting the transaction. The LR data corresponding to the mobile device of the user requesting the transaction may then be searched to extract the country code indicator. For example, a search for the field “MCC” in the LR database, will reveal a match, and the data value associated with that match is the MCC value or indicator. The data identifying a mobile communication device may be a mobile telephone number or other subscriber information such as an International Mobile Subscriber Identity (IMSI).
  • The data identifying a region where a mobile communication device is located may be a label such as “UK” or “44” and serve to identify a particular region where the device is located, but do not contain sufficient information to determine where the region is located or even where within the region the device is located or positioned.
  • Using data identifying a region rather than location data itself has advantages in that the server 101 does not know the position of the mobile communication device, so that a user's privacy is maintained. The server 101 just knows what the value is of the identifier which represents a particular region. For example, if the user's mobile communication device is located within the UK, the data identifying the region where the mobile device is located may be a number such as “44”. This information does not allow the position of the mobile communication to be determined.
  • Further, using data identifying a region rather than the location data itself also has the advantage in that the server 101 or computer does not know the position or location of the ATM or PoS where the user is attempting a transaction. This also has benefits to the user in terms of privacy.
  • Further, the indicator or data identifying a region where the financial transaction is requested are not unique. That is to say, all ATMs or PoSs within a particular geographic region are assigned a particular country indicator, such as “44”.
  • Further, the indicator or data identifying a region where a mobile communication device associated with a user requesting a transaction is located is also not unique. That is to say, the mobile phone country indicator assigned to a particular phone is not unique and that a number of mobile phones within a particular region or country share the same code.
  • Having indicators which are not unique has the advantage that the step of comparing the data identifying a region where a financial transaction is requested with the data identifying a region where a mobile communication device is located is simplified.
  • This is because it is not necessary to determine the distance of the ATM or PoS from the mobile communication device, for example using the position (x1, y1, z1) of the mobile device and the position (x2, y2, z2) of the ATM or PoS. All that is required is to compare the data or identifier of the region where the ATM or POS is located with the data identifier of the region where the mobile communication device is located. This simplifies, and hence, improves the response time of the system. It also advantageous in terms of increased privacy for the user.
  • A transaction may be validated or determined as authentic if the region identifier where the ATM or POS is located matches the region identifier where the mobile communication device is located.
  • In some countries additional identifiers of the region in which the mobile device is located may also be provided. For example, for transactions within the United States, the data identifying the regions where a mobile device is located also may comprise a city or state identifier. This identifier is also located in the HLR data. However, these city or state identifiers are also not unique in that a number of mobile devices may be assigned the same city or state identifier. Further, the city or state identifiers may not contain sufficient information to enable the location of the region covered by the city or state to be determined or indeed to determine where within the city or state region the mobile device is located.
  • As previously described, embodiments of the invention may receive the HLR data from a mobile network aggregator. Further, the transaction may be a card-present transaction or a card-not-present transaction or a cross-border transaction. The location data of the mobile communication device may be receivable from more than one network aggregator. The LR data may comprise data from more than one mobile network service provider. Further, a probability of legitimacy of the requested transaction may be determined in real time or post authorisation.
  • Further, embodiments of the invention may decline a transaction if a determined probability of legitimacy is below a predetermined value. The probability data may also be used to identify a false positive transaction. The transaction data and the data identifying a mobile communication device may be received from a financial service provider. The method may also comprise the step of automatically contacting the person requesting the transaction, for example via telephone.
  • Embodiments of the invention may also comprise the step of controlling a means for carrying out a transaction in dependence upon the result of the comparison. This step may be an alternative to the step of authenticating the transaction in dependence on the result of the comparison.
  • For example, if the data identifying the region where the transaction is being requested matches the data identifying the region where the mobile communication device is located an ATM or PoS or other means for carrying out a transaction may be controlled such that cash is dispensed or such that the PoS performs the transaction.

Claims (37)

1. A method for authenticating a transaction comprising the steps of:
receiving data identifying a region where a transaction is being requested;
determining from Location Register (LR) data for a mobile communication device associated with a person requesting the transaction data identifying a region where the mobile communication device is located;
comparing the data identifying the region where the transaction is being requested with the data identifying the region where the mobile communication device is located; and
authenticating the transaction in dependence on the result of the comparison.
2. A method according to claim 1 further comprising the step of receiving data identifying a mobile communication device associated with a person requesting the transaction.
3. A method according to claim 1 further comprising the step of receiving the Location Register data for the mobile device associated with the person requesting the transaction.
4. A method according to claim 2 in which the data identifying the mobile communication device associated with the person requesting the transaction is used to determine the region where the mobile communication device is located from the LR data.
5. A method according to claim 1 further comprising the step of extracting the data identifying a region where a transaction is being requested from transaction data received from a means for carrying out a transaction by searching transaction data.
6. A method according to claim 1 wherein the data identifying the region where the mobile communication device is located is determined from Home Location Register data or Visitor Location Register data.
7. A method according to claim 1 wherein the LR data is received from a mobile network aggregator storing LR data of a plurality of mobile devices registered with different mobile service providers.
8. A method according to claim 1 wherein the transaction occurs between two regions.
9. A method according to claim 1 in which the transaction occurs within a single region.
10. A method according to claim 1 in which the data identifying a region where a mobile communication device is located comprises Mobile Country Code (MCC) data or data identifying a state or a city.
11. A method according to claim 1 in which the data identifying a region where a transaction is being requested comprises transaction country data or data identifying a state or a city.
12. A method according to claim 1 further comprising the step of allowing the transaction if the transaction is determined to be authentic.
13. A method according to claim 1 in which the transaction is determined to be authentic if the data identifying the region where the transaction is being requested matches the data identifying the region where the mobile communication device is located.
14. A method according to claim 1 further comprising the step of declining the transaction if the transaction is determined not to be authentic.
15. A method according to claim 1 in which the transaction is not determined to be authentic if the data identifying a region where a transaction is being requested does not match the data identifying a region where a mobile communication device is located.
16. A method according to claim 14 further comprising the step of establishing a connection between the mobile communication device of the user requesting the transaction and the service provider of the transaction and preferably where the connection is via real-time voice telephony or via short message service (SMS).
17. A method according to claim 1 in which the data identifying the region where the transaction is being requested and in particular the data identifying the region where the mobile communication device is located are received from a financial service provider or from a means for carrying out the transaction.
18. A method according to claim 1 further comprising the step of controlling a means for carrying out a transaction in dependence upon the result of the comparison.
19. A method for deriving probability data relating to the validity of a requested financial transaction comprising the steps of:
receiving data identifying a region where a transaction is being requested;
determining from Location Register (LR) data for a mobile communication device associated with a person requesting the transaction data identifying a region where the mobile communication device is located;
comparing the data identifying the region where the transaction is being requested with the data identifying the region where the mobile communication device is located; and
determining probability data relating to the validity of the requested transaction in dependence on the result of the comparison.
20. A method according to claim 19 further comprising the step of receiving data identifying a mobile communication device associated with a person requesting the transaction.
21. Apparatus for authenticating a transaction comprising:
means for receiving data identifying a region where a transaction is being requested;
means for determining from Location Register (LR) data for a mobile communication device associated with a person requesting the transaction data identifying a region where the mobile communication device is located;
means for comparing the data identifying the region where the transaction is being requested with the data identifying the region where the mobile communication device is located; and
means for authenticating the transaction in dependence on the result of the comparison.
22. Apparatus according to claim 1 further comprising means for receiving data identifying a mobile communication device associated with a person requesting the transaction.
23. Apparatus according to claim 1 in which the Location Register data for the mobile device associated with the person requesting the transaction is received from a mobile network service provider.
24. Apparatus according to claim 22 in which the data identifying the mobile communication device associated with the person requesting the transaction is used to determine the region where the mobile communication device is located from the LR data.
25. Apparatus according to claim 1 further comprising means for extracting the data identifying a region where a transaction is being requested from transaction data received from a means for carrying out a transaction by searching transaction data.
26. Apparatus according to claim 1 wherein the data identifying the region where the mobile communication device is located is determined from Home Location Register data or Visitor Location Register data.
27. Apparatus according to claim 1 further comprising a mobile network aggregator storing LR details of a plurality of mobile devices registered with different mobile service providers.
28. Apparatus according to claim 1 in which the data identifying a region where a mobile communication device is located comprises Mobile Country Code (MCC) data or data identifying a state or a city.
29. Apparatus according to claim 1 further comprising a means for allowing the transaction if the transaction is determined to be authentic.
30. Apparatus according to claim 1 in which the transaction is determined to be authentic if the data identifying the region where the transaction is being requested matches the data identifying the region where the mobile communication device is located.
31. Apparatus according to claim 1 in which the transaction is not determined to be authentic if the data identifying a region where a transaction is being requested does not match the data identifying a region where a mobile communication device is located.
32. Apparatus according to claim 30 further comprising means for establishing a connection between the mobile communication device of the user requesting the transaction and a service provider of the transaction.
33. Apparatus according to claim 1 in which the data identifying the region where the transaction is being requested and in particular the data identifying the region where the mobile communication device is located are received from a financial service provider or from a means for carrying out the transaction.
34. Apparatus according to claim 1 further comprising means for connecting in particular via real-time voice telephony or via short message service (SMS) the mobile device of the person requesting the transaction to a transaction service provider.
35. Apparatus according to claim 1 further comprising a controller for controlling a means for carrying out a transaction in dependence upon the result of the comparison.
36. Apparatus for deriving probability data relating to the validity of requested financial transaction comprising:
means for receiving data identifying a region where a transaction is being requested;
means for determining from Location Register (LR) data for a mobile communication device associated with a person requesting the transaction data identifying a region where the mobile communication device is located;
means for comparing the data identifying the region where the transaction is being requested with the data identifying the region where from the mobile communication device is located; and
means for determining probability data relating to the validity of the requested transaction in dependence on the result of the comparison.
37. Apparatus according to claim 36 further comprising means for receiving data identifying a mobile communication device associated with a person requesting the transaction.
US13/138,286 2009-01-28 2010-01-28 Card false-positive prevention Abandoned US20110282789A1 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
GB0901407.7 2009-01-28
GBGB0901407.7A GB0901407D0 (en) 2009-01-28 2009-01-28 Card false-positive prevention
PCT/GB2010/000139 WO2010086608A2 (en) 2009-01-28 2010-01-28 Card false-positive prevention

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2010/000139 A-371-Of-International WO2010086608A2 (en) 2009-01-28 2010-01-28 Card false-positive prevention

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US17/149,852 Continuation US11449850B2 (en) 2009-01-28 2021-01-15 Card false-positive prevention

Publications (1)

Publication Number Publication Date
US20110282789A1 true US20110282789A1 (en) 2011-11-17

Family

ID=40469213

Family Applications (2)

Application Number Title Priority Date Filing Date
US13/138,286 Abandoned US20110282789A1 (en) 2009-01-28 2010-01-28 Card false-positive prevention
US17/149,852 Active US11449850B2 (en) 2009-01-28 2021-01-15 Card false-positive prevention

Family Applications After (1)

Application Number Title Priority Date Filing Date
US17/149,852 Active US11449850B2 (en) 2009-01-28 2021-01-15 Card false-positive prevention

Country Status (7)

Country Link
US (2) US20110282789A1 (en)
EP (1) EP2425643A2 (en)
CN (1) CN102439617A (en)
BR (1) BRPI1007533A2 (en)
GB (2) GB0901407D0 (en)
RU (1) RU2534943C2 (en)
WO (1) WO2010086608A2 (en)

Cited By (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120317019A1 (en) * 2011-05-26 2012-12-13 First Data Corporation Card-Present On-Line Transactions
US8443202B2 (en) 2009-08-05 2013-05-14 Daon Holdings Limited Methods and systems for authenticating users
US8527360B2 (en) 2011-04-29 2013-09-03 Daon Holdings Limited Methods and systems for conducting payment transactions
WO2013158905A1 (en) * 2012-04-19 2013-10-24 Alibaba Group Holding Limited Account security protection method and system
US8826030B2 (en) 2010-03-22 2014-09-02 Daon Holdings Limited Methods and systems for authenticating users
EP2779070A1 (en) * 2013-03-13 2014-09-17 Rogers Communications Inc. Methods and devices for fraud detection based on roaming status
US20150161611A1 (en) * 2013-12-10 2015-06-11 Sas Institute Inc. Systems and Methods for Self-Similarity Measure
US20150170147A1 (en) * 2013-12-13 2015-06-18 Cellco Partnership (D/B/A Verizon Wireless) Automated transaction cancellation
US20150220920A1 (en) * 2014-01-31 2015-08-06 Mastercard International Incorporated Method and system for optimizing force posted payments
US9443263B1 (en) * 2015-06-15 2016-09-13 Young Duck Kim Travel destination one stop shopping system based on 3D panoramic image and control method thereof
US20160364728A1 (en) * 2015-06-11 2016-12-15 Early Warning Services, Llc Card systems and methods
TWI596497B (en) * 2015-12-22 2017-08-21 廣達電腦股份有限公司 Server and method for combination wireless and smartcard login authentication, and non-transitory computer-readable medium
US9996837B2 (en) * 2014-06-06 2018-06-12 Visa International Service Association Integration of secure protocols into a fraud detection system
US20190087820A1 (en) * 2017-09-18 2019-03-21 Mastercard International Incorporated False decline alert network
US10509997B1 (en) * 2016-10-24 2019-12-17 Mastercard International Incorporated Neural network learning for the prevention of false positive authorizations
US10963888B2 (en) * 2019-04-10 2021-03-30 Advanced New Technologies Co., Ltd. Payment complaint method, device, server and readable storage medium
US11144928B2 (en) 2016-09-19 2021-10-12 Early Warning Services, Llc Authentication and fraud prevention in provisioning a mobile wallet
US11316751B2 (en) * 2016-08-26 2022-04-26 Paypal, Inc. Adaptive learning system with a product configuration engine
US20220232382A1 (en) * 2019-06-14 2022-07-21 Nokia Technologies Oy Controlling provision of access to restricted local operator services by user equipment
US11449850B2 (en) 2009-01-28 2022-09-20 Validsoft Limited Card false-positive prevention

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2479131A (en) * 2010-03-29 2011-10-05 It Consultancy Solutions Ltd Fraud detection system for determining fraud risk associated with a transaction
RU2576586C2 (en) * 2011-10-31 2016-03-10 Мани Энд Дэйта Протекшн Лиценц Гмбх Унд Ко.Кг Authentication method
GB2500212A (en) * 2012-03-13 2013-09-18 Validsoft Uk Ltd Method for location based authentication of transaction
GB2501478A (en) * 2012-04-23 2013-10-30 Icheque Network Ltd Verification of electronic payment
CA2899319A1 (en) * 2013-01-25 2014-07-31 Just Push Pay, Llc Integrated transaction and account system
GB201306102D0 (en) * 2013-04-04 2013-05-22 4Most Europ Ltd Authentication
GB2532512A (en) * 2014-11-24 2016-05-25 Validsoft Uk Ltd Location method
RU2599943C2 (en) * 2015-02-20 2016-10-20 Закрытое акционерное общество "Лаборатория Касперского" Method of fraudulent transactions detecting system optimizing
US20210276826A1 (en) * 2020-03-05 2021-09-09 Otis Elevator Company Receiver-less device positioning

Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030169881A1 (en) * 2002-02-05 2003-09-11 Niedermeyer Brian J. Location based fraud reduction system and method
US20040225520A1 (en) * 2003-05-07 2004-11-11 Intelligent Wave, Inc. Fraud score calculating program, method of calculating fraud score, and fraud score calculating system for credit cards
US20060237531A1 (en) * 2005-04-26 2006-10-26 Jacob Heffez Method and system for monitoring electronic purchases and cash-withdrawals
US20070030973A1 (en) * 2005-08-03 2007-02-08 Cingular Wireless Ii, Llc Limiting services based on location
US20070108269A1 (en) * 2005-11-16 2007-05-17 Benco David S Processing merchant point-of-sale transactions using a mobile subscriber device
US20080084272A1 (en) * 2006-10-05 2008-04-10 Andrea Modiano Systems and methods for automated wireless authorization for entry into a geographic area
US20080162346A1 (en) * 2007-01-03 2008-07-03 Bellsouth Intellectual Property Corporation User terminal location based credit card authorization servers, systems, methods and computer program products
US20080227471A1 (en) * 2007-03-16 2008-09-18 Ajay Dankar Method for tracking credit card fraud
US20090011758A1 (en) * 2003-09-19 2009-01-08 Tomonori Aoki System Using International Roaming-Capable Mobile Communication Network
US20090102712A1 (en) * 2005-04-26 2009-04-23 Guy Heffez Method and system for monitoring electronic purchases and cash-withdrawals
US20090221265A1 (en) * 2008-02-28 2009-09-03 Jing Liu System and Method for Mobile Telephone Roaming
US20090307028A1 (en) * 2006-02-06 2009-12-10 Mediakey Ltd. A method and a system for identifying potentially fraudulent customers in relation to electronic customer action based systems, and a computer program for performing said method
US20100022254A1 (en) * 2008-07-22 2010-01-28 Bank Of America Corporation Location-Based Authentication of Mobile Device Transactions
US20100291907A1 (en) * 2007-09-17 2010-11-18 Seeker Wireless Pty Limited Systems and method for triggering location based voice and/or data communications to or from mobile ratio terminals

Family Cites Families (69)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5719918A (en) * 1995-07-06 1998-02-17 Newnet, Inc. Short message transaction handling system
US5745654A (en) 1996-02-13 1998-04-28 Hnc Software, Inc. Fast explanations of scored observations
US5950176A (en) * 1996-03-25 1999-09-07 Hsx, Inc. Computer-implemented securities trading system with a virtual specialist function
US6868391B1 (en) * 1997-04-15 2005-03-15 Telefonaktiebolaget Lm Ericsson (Publ) Tele/datacommunications payment method and apparatus
DE19903822C2 (en) * 1999-02-02 2001-09-20 Mathias Entenmann Procedure for making cashless payments and system for performing the procedure
EP1277180A2 (en) * 2000-04-24 2003-01-22 Visa International Service Association Online payer authentication service
TW589855B (en) 2000-05-15 2004-06-01 Ntt Docomo Inc Authentication system and method
US20020062310A1 (en) * 2000-09-18 2002-05-23 Smart Peer Llc Peer-to-peer commerce system
JP2002319058A (en) * 2001-04-20 2002-10-31 Hitachi Ltd Automatic international on-line cash transaction system
US7383224B2 (en) * 2001-06-29 2008-06-03 Capital One Financial Corporation Systems and methods for processing credit card transactions that exceed a credit limit
US20030182194A1 (en) * 2002-02-06 2003-09-25 Mark Choey Method and system of transaction card fraud mitigation utilizing location based services
KR100466652B1 (en) * 2002-05-16 2005-01-17 주식회사 케이티프리텔 Method for guaranteeing financial transactions by using wireless network
US8204992B2 (en) * 2002-09-26 2012-06-19 Oracle America, Inc. Presence detection using distributed indexes in peer-to-peer networks
US20040181487A1 (en) * 2003-03-10 2004-09-16 Microsoft Corporation Digital media clearing house platform
US7246740B2 (en) 2003-04-03 2007-07-24 First Data Corporation Suspicious persons database
US20050114262A1 (en) * 2003-04-15 2005-05-26 Vehiclesense, Inc. Payment processing method and system using a peer-to-peer network
US8156040B2 (en) * 2003-07-03 2012-04-10 Federal Reserve Bank Of Minneapolis Method and system for conducting international electronic financial transactions
US7543739B2 (en) 2003-12-17 2009-06-09 Qsecure, Inc. Automated payment card fraud detection and location
WO2005098770A1 (en) * 2004-04-08 2005-10-20 Patch Pte Ltd Apparatus for identification, authorisation and/or notification
US20140019352A1 (en) * 2011-02-22 2014-01-16 Visa International Service Association Multi-purpose virtual card transaction apparatuses, methods and systems
KR100640486B1 (en) * 2005-03-03 2006-10-31 삼성전자주식회사 Method for allocating internet protocol address in mobile communication system
EP1708527A1 (en) 2005-03-31 2006-10-04 BRITISH TELECOMMUNICATIONS public limited company Location based authentication
US8166068B2 (en) 2005-09-02 2012-04-24 Qwest Location based authorization of financial card transactions systems and methods
US20070174082A1 (en) 2005-12-12 2007-07-26 Sapphire Mobile Systems, Inc. Payment authorization using location data
US7513418B2 (en) 2005-12-20 2009-04-07 First Data Corporation Systems and methods for performing a simplified risk assessment
US8352323B2 (en) * 2007-11-30 2013-01-08 Blaze Mobile, Inc. Conducting an online payment transaction using an NFC enabled mobile communication device
US20070174116A1 (en) * 2006-01-23 2007-07-26 Keith Chad C Electronic coupon systems and methods to operate the same
US20070255662A1 (en) * 2006-03-30 2007-11-01 Obopay Inc. Authenticating Wireless Person-to-Person Money Transfers
US7634251B2 (en) * 2006-06-20 2009-12-15 Motorola, Inc. Method and system for generating peer to peer billing records when one or more clients pay for the other clients
WO2008009052A1 (en) * 2006-07-19 2008-01-24 On Q Technologies Pty Ltd System and method of organising and operating an electronic account
US8116751B2 (en) 2007-02-23 2012-02-14 At&T Intellectual Property I, L.P. Methods, systems, and products for identity verification
US8045995B2 (en) * 2007-05-31 2011-10-25 Yahoo! Inc. Centralized location broker
US20090012898A1 (en) * 2007-07-02 2009-01-08 Lucent Technologies Inc. Location based credit card fraud prevention
JP2010533346A (en) 2007-07-13 2010-10-21 キルスイッチ システムズ インコーポレイテッド Financial transaction system with location-based fraud prevention
US8220034B2 (en) * 2007-12-17 2012-07-10 International Business Machines Corporation User authentication based on authentication credentials and location information
US8694424B2 (en) * 2007-12-18 2014-04-08 Federal Reserve Bank Of Atlanta System and method for managing foreign payments using separate messaging and settlement mechanisms
US20090187488A1 (en) * 2008-01-22 2009-07-23 John Shamilian Method and system for providing a service to a customer
US8706588B1 (en) * 2008-10-20 2014-04-22 Sprint Communications Company L.P. System and method of provisioning confidential information via a mobile device
GB0901407D0 (en) 2009-01-28 2009-03-11 Validsoft Uk Ltd Card false-positive prevention
AU2010244100B2 (en) * 2009-05-03 2016-06-23 Smk-Logomotion Corporation A payment terminal using a mobile communication device, such as a mobile phone; a method of direct debit payment transaction
US20120016799A1 (en) * 2010-07-16 2012-01-19 Patrick Killian Money transfer system gateway service
US20120173409A1 (en) * 2010-12-30 2012-07-05 Ebay Inc. Real-time global fund transfers
AU2012242932A1 (en) * 2011-04-11 2013-10-31 Visa International Service Association Interoperable financial transactions via mobile devices
US20190139035A1 (en) * 2011-11-13 2019-05-09 Millind Mittal System and method of electronic payment using payee provided transaction identification codes
US8812396B2 (en) * 2012-01-09 2014-08-19 Mastercard International Incorporated E-wallet with cross-border capability
US20140180810A1 (en) * 2012-12-22 2014-06-26 Coupons.Com Incorporated Selection of digital offers based on current and historical transaction data
WO2014124043A1 (en) * 2013-02-05 2014-08-14 Visa International Service Association Integrated communications network for transactions
GB2513340A (en) * 2013-04-23 2014-10-29 Travelex Ltd Processing system
US10546315B2 (en) * 2013-07-13 2020-01-28 Bruce Mitchell Systems and methods to enable offer and rewards marketing, and customer relationship management (CRM) network platform
US20150120559A1 (en) * 2013-10-29 2015-04-30 Douglas Fisher Enhancements to transaction processing in a secure environment
US10572684B2 (en) * 2013-11-01 2020-02-25 Anonos Inc. Systems and methods for enforcing centralized privacy controls in de-centralized systems
US11030341B2 (en) * 2013-11-01 2021-06-08 Anonos Inc. Systems and methods for enforcing privacy-respectful, trusted communications
US20150161597A1 (en) * 2013-12-09 2015-06-11 Kaushik Subramanian Transactions using temporary credential data
US20150278776A1 (en) * 2014-03-27 2015-10-01 Bank Of America Corporation Hybrid, electronically-labeled, payment transmission solutions
US20150294314A1 (en) * 2014-04-09 2015-10-15 Mastercard International Incorporated System and method of providing multinational card programs
US20160012441A1 (en) * 2014-07-14 2016-01-14 Mastercard International Incorporated Method and system for optimizing authenticiation processes in payment transactions
CN104392348A (en) * 2014-11-06 2015-03-04 朱锐泷 Digital currency-based cross-border payment and clearing system and cross-border payment method
US11189368B2 (en) * 2014-12-24 2021-11-30 Stephan HEATH Systems, computer media, and methods for using electromagnetic frequency (EMF) identification (ID) devices for monitoring, collection, analysis, use and tracking of personal data, biometric data, medical data, transaction data, electronic payment data, and location data for one or more end user, pet, livestock, dairy cows, cattle or other animals, including use of unmanned surveillance vehicles, satellites or hand-held devices
US11354651B2 (en) * 2015-01-19 2022-06-07 Royal Bank Of Canada System and method for location-based token transaction processing
US10692085B2 (en) * 2015-02-13 2020-06-23 Yoti Holding Limited Secure electronic payment
US20170221066A1 (en) * 2015-07-01 2017-08-03 The Clearing House Payments Company, L.L.C. Real-time payment system, method, apparatus, and computer program
US10586225B2 (en) * 2015-10-01 2020-03-10 Paypal, Inc. Intelligent selection of transaction processing technology available at a merchant location
US10453065B2 (en) * 2016-02-12 2019-10-22 Visa International Service Association Method and system for determining terminal location
SG10201604590XA (en) * 2016-06-06 2018-01-30 Mastercard International Inc Methods and apparatus for authorizing a transaction
US20180121891A1 (en) * 2016-11-02 2018-05-03 Mastercard International Incorporated System and method for processing payment transactions at network edge nodes
US20180174237A1 (en) * 2016-12-21 2018-06-21 Mastercard International Incorporated Method and system for person-to-person arbitrary currency exchange service
US10430769B2 (en) * 2017-05-05 2019-10-01 Bank Of America Corporation System for atypical third party channel utilization for resource distribution completion
US10963871B2 (en) * 2017-11-22 2021-03-30 Mastercard International Incorporated Bin-conserving tokenization techniques generating tokens in reverse order and employing common device pan with differing pan sequence number values across token instances
US11227284B2 (en) * 2017-12-13 2022-01-18 Mastercard International Incorporated Method and system for consumer-initiated transactions using encrypted tokens

Patent Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030169881A1 (en) * 2002-02-05 2003-09-11 Niedermeyer Brian J. Location based fraud reduction system and method
US20040225520A1 (en) * 2003-05-07 2004-11-11 Intelligent Wave, Inc. Fraud score calculating program, method of calculating fraud score, and fraud score calculating system for credit cards
US20090011758A1 (en) * 2003-09-19 2009-01-08 Tomonori Aoki System Using International Roaming-Capable Mobile Communication Network
US20060237531A1 (en) * 2005-04-26 2006-10-26 Jacob Heffez Method and system for monitoring electronic purchases and cash-withdrawals
US20090102712A1 (en) * 2005-04-26 2009-04-23 Guy Heffez Method and system for monitoring electronic purchases and cash-withdrawals
US20070030973A1 (en) * 2005-08-03 2007-02-08 Cingular Wireless Ii, Llc Limiting services based on location
US20070108269A1 (en) * 2005-11-16 2007-05-17 Benco David S Processing merchant point-of-sale transactions using a mobile subscriber device
US20090307028A1 (en) * 2006-02-06 2009-12-10 Mediakey Ltd. A method and a system for identifying potentially fraudulent customers in relation to electronic customer action based systems, and a computer program for performing said method
US20080084272A1 (en) * 2006-10-05 2008-04-10 Andrea Modiano Systems and methods for automated wireless authorization for entry into a geographic area
US20080162346A1 (en) * 2007-01-03 2008-07-03 Bellsouth Intellectual Property Corporation User terminal location based credit card authorization servers, systems, methods and computer program products
US20080227471A1 (en) * 2007-03-16 2008-09-18 Ajay Dankar Method for tracking credit card fraud
US20100291907A1 (en) * 2007-09-17 2010-11-18 Seeker Wireless Pty Limited Systems and method for triggering location based voice and/or data communications to or from mobile ratio terminals
US20090221265A1 (en) * 2008-02-28 2009-09-03 Jing Liu System and Method for Mobile Telephone Roaming
US20100022254A1 (en) * 2008-07-22 2010-01-28 Bank Of America Corporation Location-Based Authentication of Mobile Device Transactions

Cited By (38)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11449850B2 (en) 2009-01-28 2022-09-20 Validsoft Limited Card false-positive prevention
US10320782B2 (en) 2009-08-05 2019-06-11 Daon Holdings Limited Methods and systems for authenticating users
US8443202B2 (en) 2009-08-05 2013-05-14 Daon Holdings Limited Methods and systems for authenticating users
US9202032B2 (en) 2009-08-05 2015-12-01 Daon Holdings Limited Methods and systems for authenticating users
US9202028B2 (en) 2009-08-05 2015-12-01 Daon Holdings Limited Methods and systems for authenticating users
US9485251B2 (en) 2009-08-05 2016-11-01 Daon Holdings Limited Methods and systems for authenticating users
US9781107B2 (en) 2009-08-05 2017-10-03 Daon Holdings Limited Methods and systems for authenticating users
US8826030B2 (en) 2010-03-22 2014-09-02 Daon Holdings Limited Methods and systems for authenticating users
US8527360B2 (en) 2011-04-29 2013-09-03 Daon Holdings Limited Methods and systems for conducting payment transactions
US9106632B2 (en) 2011-05-26 2015-08-11 First Data Corporation Provisioning by delivered items
US9059980B2 (en) 2011-05-26 2015-06-16 First Data Corporation Systems and methods for authenticating mobile devices
US20120317019A1 (en) * 2011-05-26 2012-12-13 First Data Corporation Card-Present On-Line Transactions
US8775305B2 (en) * 2011-05-26 2014-07-08 First Data Corporation Card-present on-line transactions
US9106633B2 (en) 2011-05-26 2015-08-11 First Data Corporation Systems and methods for authenticating mobile device communications
US9154477B2 (en) 2011-05-26 2015-10-06 First Data Corporation Systems and methods for encrypting mobile device communications
US9331996B2 (en) 2011-05-26 2016-05-03 First Data Corporation Systems and methods for identifying devices by a trusted service manager
CN103379431A (en) * 2012-04-19 2013-10-30 阿里巴巴集团控股有限公司 Account security protecting method and device
WO2013158905A1 (en) * 2012-04-19 2013-10-24 Alibaba Group Holding Limited Account security protection method and system
US10460307B2 (en) 2013-03-13 2019-10-29 Rogers Communications Inc. Methods and devices for fraud detection based on roaming status
EP2779070A1 (en) * 2013-03-13 2014-09-17 Rogers Communications Inc. Methods and devices for fraud detection based on roaming status
US20150161611A1 (en) * 2013-12-10 2015-06-11 Sas Institute Inc. Systems and Methods for Self-Similarity Measure
US20150170147A1 (en) * 2013-12-13 2015-06-18 Cellco Partnership (D/B/A Verizon Wireless) Automated transaction cancellation
US9508075B2 (en) * 2013-12-13 2016-11-29 Cellco Partnership Automated transaction cancellation
US20150220920A1 (en) * 2014-01-31 2015-08-06 Mastercard International Incorporated Method and system for optimizing force posted payments
US9996837B2 (en) * 2014-06-06 2018-06-12 Visa International Service Association Integration of secure protocols into a fraud detection system
US11030622B2 (en) * 2015-06-11 2021-06-08 Early Warning Services, Llc Card systems and methods
US20160364728A1 (en) * 2015-06-11 2016-12-15 Early Warning Services, Llc Card systems and methods
US9443263B1 (en) * 2015-06-15 2016-09-13 Young Duck Kim Travel destination one stop shopping system based on 3D panoramic image and control method thereof
TWI596497B (en) * 2015-12-22 2017-08-21 廣達電腦股份有限公司 Server and method for combination wireless and smartcard login authentication, and non-transitory computer-readable medium
US11316751B2 (en) * 2016-08-26 2022-04-26 Paypal, Inc. Adaptive learning system with a product configuration engine
US11144928B2 (en) 2016-09-19 2021-10-12 Early Warning Services, Llc Authentication and fraud prevention in provisioning a mobile wallet
US11151567B2 (en) 2016-09-19 2021-10-19 Early Warning Services, Llc Authentication and fraud prevention in provisioning a mobile wallet
US11151566B2 (en) 2016-09-19 2021-10-19 Early Warning Services, Llc Authentication and fraud prevention in provisioning a mobile wallet
US10509997B1 (en) * 2016-10-24 2019-12-17 Mastercard International Incorporated Neural network learning for the prevention of false positive authorizations
US11288571B1 (en) 2016-10-24 2022-03-29 Mastercard International Incorporated Neural network learning for the prevention of false positive authorizations
US20190087820A1 (en) * 2017-09-18 2019-03-21 Mastercard International Incorporated False decline alert network
US10963888B2 (en) * 2019-04-10 2021-03-30 Advanced New Technologies Co., Ltd. Payment complaint method, device, server and readable storage medium
US20220232382A1 (en) * 2019-06-14 2022-07-21 Nokia Technologies Oy Controlling provision of access to restricted local operator services by user equipment

Also Published As

Publication number Publication date
GB2468977A (en) 2010-09-29
US11449850B2 (en) 2022-09-20
US20210142305A1 (en) 2021-05-13
GB0901407D0 (en) 2009-03-11
GB201005638D0 (en) 2010-05-19
RU2534943C2 (en) 2014-12-10
EP2425643A2 (en) 2012-03-07
BRPI1007533A2 (en) 2016-10-25
WO2010086608A2 (en) 2010-08-05
WO2010086608A3 (en) 2012-01-19
RU2011135733A (en) 2013-03-10
CN102439617A (en) 2012-05-02

Similar Documents

Publication Publication Date Title
US11449850B2 (en) Card false-positive prevention
US20120023022A1 (en) Card-present security system
EP2507754B1 (en) System and method for approving transactions
US20150106268A1 (en) Method for authenticating a transaction
US6947727B1 (en) Method and system for authentication of a service request
US20090012898A1 (en) Location based credit card fraud prevention
US8285639B2 (en) Location based authentication system
US8386393B2 (en) Systems and methods for verifying identities in transactions
US20030182194A1 (en) Method and system of transaction card fraud mitigation utilizing location based services
US20090150248A1 (en) System for enhancing payment security, method thereof and payment center
US20150142623A1 (en) System and method for identity protection using mobile device signaling network derived location pattern recognition
CN102197407A (en) System and method of secure payment transactions
JP6512272B1 (en) Terminal device, service application acceptance method, program
WO2004079499A2 (en) System and method for verifying user identity
US10373246B1 (en) Method and apparatus of providing enhanced authentication and security for financial institution transactions
EP2290601A1 (en) Method and system for secure mobile payment
CA2851898A1 (en) Biometric-based transaction fraud detection
KR101751534B1 (en) Illegal financial service prevention apparatus
US20100174611A1 (en) Method for improving financial transaction security
JP2002140646A (en) Method for deciding card utilization propriety
GB2469029A (en) Internet payment card verification using mobile location

Legal Events

Date Code Title Description
AS Assignment

Owner name: VALIDSOFT UK LIMITED, UNITED KINGDOM

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:CARROLL, PAT;PETERSEN, JOHN;ALFORD, JONATHAN;REEL/FRAME:027249/0281

Effective date: 20110803

AS Assignment

Owner name: STATE OF CONNECTICUT DEPARTMENT OF ECONOMIC AND CO

Free format text: SECURITY INTEREST;ASSIGNOR:VALIDSOFT UK LIMITED;REEL/FRAME:043833/0458

Effective date: 20171002

AS Assignment

Owner name: VALIDSOFT LIMITED, IRELAND

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:VALIDSOFT UK LIMITED;REEL/FRAME:044829/0713

Effective date: 20170420

STCV Information on status: appeal procedure

Free format text: APPEAL READY FOR REVIEW

STCV Information on status: appeal procedure

Free format text: ON APPEAL -- AWAITING DECISION BY THE BOARD OF APPEALS

STCV Information on status: appeal procedure

Free format text: BOARD OF APPEALS DECISION RENDERED

STCB Information on status: application discontinuation

Free format text: ABANDONED -- AFTER EXAMINER'S ANSWER OR BOARD OF APPEALS DECISION