Welcome to Finextra. We use cookies to help us to deliver our services. We'll assume you're ok with this, but you may change your preferences at our Cookie Centre.
Please read our Privacy Policy.

Accept
Channels
Blog article
See all stories »

Channels

Security

Group

Innovation in Financial Services
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

Not so fast...

I have recently returned from the IBM Impact conference in Las Vegas. During the scant free time I had available, I took some time out to visit the local Apple store. As in all such stores, you are surrounded by loveliness, and I found myself coveting a shiny new Macbook Air.

I blame my wife, because just before I left for Las Vegas, she asked me why I didn't upgrade my machine and commented on how tatty it looked. The case was cracked in a number of places, and I had been complaining about running out of horsepower.

After a few quick sums, I worked out the sweet spot in terms of price versus performance and sought out a retail assistant. He placed an order through his handheld device and we got down to payment. Firstly, because it's the US and they don't have chip and pin, I had to produce photo ID to verify my identity.

Once that formality was over with, he asked me for a credit card. I selected the one that gives me the best rewards and passed it over. He swiped it and quick as a flash, he told me it had been declined. I chose my other credit card and once again it had been declined.

Luckily, I was accompanied by a friendly colleague who seeing the disappointment etched all over my face, offered to pay with his credit card. Once again, a quick swipe and the card was declined. He selected another and luckily this time, the transaction went through.

Once I returned to my hotel, I phoned up one of the offending credit card companies, only to recieve a recorded message telling me that the fraud office is only open during UK office hours. Not exactly helpful.

When I spoke to my wife in the morning, she asked me if I had been on a spending spree. I asked why, and she told me that the credit card company had been phoning her every hour trying to get hold of me. They wouldn't take a contact number from her, because that would be insecure. How is it any less secure than me phoning them from any number I choose?

In this day and age where people are more mobile than ever before, this is appalling customer service. Luckily, I was only buying a new toy, but I could have been stuck in some faraway land where the only way to escape would be to use my credit card.

So - why didn't I phone my bank to tell them I was going to be in Las Vegas? With the benefit of hindsight, I guess I should have done exactly that, but when you travel a lot, having to report in to each and every card company every time is a real drag. The one time I did take the time to report my whereabouts, my bank was OK with the transaction but my card was blocked by Visa anyway!

How about an app where you can input all your credit card details and when you get to your destination, you fire it up. Using the GPS from the phone it can work out where you are, and you then tap in a PIN. You could even do it whilst you are in the immigration queue.

3281

Channels

Security

Group

Innovation in Financial Services
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Report abuse

Comments: (6)

Tim Tyler
Tim Tyler - Misys - London 04 May, 2012, 15:32Be the first to give this comment the thumbs up 0 likes

Martin, lots of people are already, in principle, doing what you suggest - i.e. they are updating their location via their [typically] smart phone. Allowing organisations such as banks and card providers access to your location, when you choose to allow it, can be done either directly (e.g. "Check In" via a mobile banking app or equivalent), or via "Social" (think foursquare, or Facebook Places - where you privately share your location directly). The advantage of using a social mechanism, or a standalone "location" app, is that you can potentially notify all those organisations that need to know with one single check-in (having previously approved their access to that information). If your bank was going to decline based upon your location, it could then decide to approve the transaction because it "knows" that you are currently within a suitable range of where you are trying to perform the payment. Not just in the US, but down to street-level.

If your bank does not offer this service, ask them why not!

Report abuse
Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 07 May, 2012, 14:55Be the first to give this comment the thumbs up 0 likes

@MartinB:

According to this Finextra article titled Misys taps social media location information for bank-to-customer payment authorisation, there's an app for that! Besides, Google Wallet or any other mobile wallet should support this usage scenario. 

PS: Just curious to know why your bank's calls to you reached your wife and not your smartphone directly when you were in Las Vegas. If it was because your smartphone is not enabled for international roaming or you were using a different SIM card while in the USA, then I doubt whether any of these mobile apps will work either. In most LBS apps we've developed, our customers have insisted that the source should be authenticated by mobile number. In all likelihood, requests from a phone with a different # will fail.

Report abuse
Pat Carroll
Pat Carroll - ValidSoft - London 08 May, 2012, 10:02Be the first to give this comment the thumbs up 0 likes

Martin, I completely understand your frustration and you are absolutely right about finding a better way of verifying a transaction abroad. No doubt, many more bank holiday-makers will experience the same card declines when they’re away! The good news is, there is a solution similar to the one you’ve described. Proximity Correlation Logic (PCL) is a technology that works in real time and is far more accurate than transaction history, which often results in false-positive declines like the ones you experienced. PCL works on the basis that you are likely to have a mobile phone near you when you are making a payment. It can detect that your mobile is in the vicinity of the POS device or ATM without compromising on your privacy because it’s not a Location Based Service. The security system could even call your mobile so you can verify the transaction as an extra layer of security.

Report abuse
A Finextra member
A Finextra member 08 May, 2012, 22:18Be the first to give this comment the thumbs up 0 likes

Ketharamen - users really are switching to local SIMs because of the EXHORBITANT roaming costs charged by operators; this truly is a flawed system, broken by the mobile operators themselves.  And the regulators who refuse to force them to get realistic about inter-network termination charges.  Its nearly as rigid as banking.

Report abuse
Martin Bailey
Martin Bailey - Temenos - Hemel Hempstead 08 May, 2012, 22:32Be the first to give this comment the thumbs up 0 likes

Thanks for your comments.

The card companies got through to my wife because I was in the Apple store at circa 6PM Vegas time and I as I said - the fraud department doesn't wake up until 9AM UK time. At that time - I had switched my phone off to get a good night's sleep.

Thanks also for all the suggestions about various point / niche solutions. If any of my card operators have these technologies - they are not telling me about them. I would welcome a more industry wide approach.

By the way - I can make a paypal payment from anywhere. We could do with someone upsetting the oligopoly of Mastercard / Visa / Amex.

 

Report abuse
Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 09 May, 2012, 18:56Be the first to give this comment the thumbs up 0 likes

@MartinB:

Not so fast...

Up until 10 years ago, even the so-called oligopoly of MasterCard / Visa / AmEx would have permitted you to do exactly what PayPal permits you to do today: Avoid using any realtime fraud detection and prevention screens, permit every card transaction to go through as long it doesn't bust the credit limit, slap the merchant with chargeback if there's the slightest whiff of fraud later on.

Later, the oligopoly - but not PayPal - implemented fraud detection, then fraud detection and prevention, solutions to restore a balance between the rights and privileges of consumers and merchants. (Which is perhaps why millions of physical stores accept the oligopoly's credit cards today but don't accept PayPal). Unfortunately, with additional layers of security, friction increases and most of these systems are beset with false positives, of which your situation is a classic example. Systems that try to resolve these false positives manually / automatically fail if people use different SIMs from their registered mobile phone numbers to avoid exorbitant international roaming charges. Others that try to do so by requiring manual intervention won't work if the call for action arrives when people are asleep.  

I think realtime fraud detection and prevention of card transactions is a Holy Grail that has still not been cracked. But, PayPal is not the solution either. For now, I'm now convinced that the most optimal solution is 2-way SMS Alerts that almost always allow the transaction to go through but provide a simple way for the cardholder to flag it off as a fraud either in realtime or few hours later. Banks in India have implemented 1-way Realtime SMS Alerts that at least half way to the optimum solution. I've written about both types of alerts in my Finextra blog post How Banks Can Differentiate By Going The Extra Mile - Part 2. But, even they will fail if people use a different SIM while traveling abroad.  

PS: Since you've brought up PayPal in the context of a physical store, I'm curious to know if Apple Store accepts PayPal and where all you've managed to use PayPal in a card present situation so far. Apart from a few pilots in Home Depot stores, I haven't even come across any physical store accepting PayPal.

Report abuse
Join the discussion
Martin Bailey

Martin Bailey

Technology Product Director

Temenos

Member since

29 Nov 2010

Location

Hemel Hempstead

Blog posts

18

Comments

8

More from Martin

This post is from a series of posts in the group:

Innovation in Financial Services

A discussion of trends in innovation management within financial institutions, and the key processes, technology and cultural shifts driving innovation.

See all
Community
See all blogs »
Information Security 

The importance of KYC and Due Diligence in business

Veronika Tibilashvili

Veronika Tibilashvili

Financial Services Regulation 

Why the advantages different sized businesses have in DORA compliance shouldn't be overlooked

Steven Rackham

Steven Rackham

Bigger than Technology 

When to use Privacy Enhancing Technologies (PETs) vs. privacy management tools in Banks?

Tejasvi Addagada

Tejasvi Addagada

API 

Observations from EBADay Lisbon and a Reflection from the Past

Cheryl Chiodi

Cheryl Chiodi

Now hiring

See more