A financial transaction wants to takes place on a mobile device, which the bank must verify very quickly — but how? Two new startups offer solutions that use network intelligence outside the mobile phone that originated the transaction to make sure transactions are kosher. The first, XYVerify, uses geolocation data from cellphone towers to determine if the transaction occurred within a previously approved “geo-fence.” Zighra, meanwhile, compares transactions to data sent by other users of its service to determine fraud.
XYVerify’s Geolocation
XYVerify uses data from cellphone towers to determine a user’s location and determine if it is in an approved area — inside the store registering the sale or inside the customer’s home, for example. Most other geo solutions use the data from individual phones, which can be spoofed by fraudsters, said Elliot Klein, XYVerify’s founder and CEO.
If a user — or more specifically, his cellphone — is on, say, the West Side of Manhattan, the cell towers know this and relay the information to XYVerify. A transaction inside a store on the East Side would, therefore, be highly suspicious. Working invisibly in the background, XYVerify contacts the user’s bank in real time to report the suspicious transaction.
XYVerify’s patented technology covers “carrier cell-tower triangulation with assisted-GPS and other hybrid mobile network technologies — and mobile device micro sensors — to work rapidly throughout indoor locations, where most transactions take place.”
Better, more trustworthy geolocation is likely to improve the offers and loyalty spaces, but it also brings up privacy concerns. Klein addressed this, saying users can switch the service on or off at will, and that location information is screened to protect privacy. As the recent National Security Agency controversy has shown, however, someone knows where you are all the time anyway, so it’s a fairly moot point.
XYVerify was one of three startups that won Innotribe’s Startup Challenge in New York City yesterday. It will compete against startups that won similar contests in Singapore and London earlier this year in Dubai in September 2013.
Zighra’s Machine Learning
Zighra utilizes machine learning to improve its fraud-monitoring and is currently in beta testing with a group of 12,000 customers in the Middle East. Zighra users tag transactions as fraudulent or questionable, and the machine, operating much like Gmail’s spam filters, according to CTO Deepal Dutt, learns and applies its knowledge across its entire user base. So User A’s fraud-reporting can help User B, who might be thousands of miles away.
Users are contacted within the app environment, which is more secure than contacting them via SMS and faster than email, Dutt said.
More than 50% of users in the beta test are actively flagging transactions, so the machine’s accuracy is improving all the time. This “machine learning” will constitute a growing competitive advantage over time, according to Dutt.
Zighra is solving for the problem of costly fraud detection. Fraud prevention costs financial services companies over $10 billion annually, according to the company’s data. A single false positive can cost $30 in employee time, not to mention the less tangible damage to the consumer’s trust. Zighra’s zFraudshield can save up to 35% of fraud-prevention costs using its network intelligence, Dutt said.
As advances in mobile technology enable fraudsters to steal money in more creative and unexpected ways, it’s clear the good guys have their work cut out for them. Both XYVerify and Zighra are harnessing the power of mobile to make transactions safer. Toby Russell, VP of mobile & emerging technologies of Capital One Financial Corp., has commented that banks (not to mention cellphone manufacturers) are outsourcing security to the periphery. These two solutions use technology outside of the device itself, but the network power can be harnessed by a bank’s app. Better app security will build consumer trust and save money that is currently being stolen and lost to wasted employee time.