Geolocation: How Savvy Merchants are Modernizing Their Anti-Fraud Solutions
There’s an old saying: “time and tide wait for no man.” The same holds true for merchants and technology.
Any time eCommerce sellers manage to defeat a clever fraud scheme, it seems like another appears to take its place. Considering the rate at which technology advances, you have to be as proactive and receptive to change as possible. Emerging tech trends can influence all aspects of your business, whether you are aware of them or not.
Geolocation, for example, is a modern technology with far-reaching effects. It could help you prevent more fraud attacks and recover more revenue...if deployed correctly.
In this article, we’ll discuss the benefits of geolocation, as well as its downsides. We’ll also offer some strategies to help you master both.
Recommended reading
- What is 3-D Secure? Fraud Prevention Solution Explained
- What are Velocity Checks? How Do They Stop Fraud Attacks?
- ECI Indicators: How to Understand 3DS Response Codes
- Visa Secure: What This Tool Does & How to Get Started
- Account Takeover Protection: Best Practices for Businesses
- How Digital Risk Protection Protocols Keep You Safe
What is Geolocation?
- Geolocation
Geolocation is a broad term that describes any technology which accesses your location using the GPS or IP data installed on your devices for the purpose of locating you. It can be used for fraud detection by helping to verify customers’ identities.
[noun]/* j • ēō • lō • kā • SHən/
Geolocation works by tapping into the GPS built into mobile devices. It then bounces signals from the device to others on the same network. For example, both Google Maps and Apple Maps work by triangulating your position against incoming data from other users in your vicinity. The more people use smartphones and tablets in a broadening digital landscape, the more accurate geolocation becomes.
Location tracking is a brilliant and effective means of extending app and service capabilities between networks. It's one of the reasons why cellular data works so seamlessly now. It's also why your apps can communicate faster and more effectively than ever before.
That is not to say, however, that there aren’t a few downsides to keep in mind. Geolocation can help you fight fraud, but it can also have the exact opposite effect (more on this later). For now, let’s get into the myriad ways in which you can use geolocation to optimize your anti-fraud efforts.
Fraud prevention is a necessity...but where do you start? The answer is just a click away.
How Does Geolocation Help Prevent Fraud?
In card-not-present (CNP) transactions, geolocation data can pinpoint irregularities related to an IP address or GPS of origin. Geolocation helps you verify established cardholder details such as:
- Billing Address
- Shipping Address
- Billing Phone Number
- Zip Code
- Phone Area Code
If the details of a transaction don’t match a cardholder’s known location, the transaction may not have been made by the cardholder. This information can be relayed to the merchant, and the transaction would then be flagged as potential fraud.
A good example of this would be if a purchase is made with a cardholder’s account, but none of the location details match the cardholder’s criteria. To illustrate, imagine someone makes a purchase. The cardholder lives in Portland, but geolocation fraud detection technology reveals that the buyer is located in Copenhagen. This should raise red flags, suggesting the purchase could’ve been made by an unauthorized user.
How Does Geolocation Spoofing Work?
No technology is perfect, however advanced it might be. Geolocation is no exception to this rule.
Geolocation fraud occurs when criminals leverage GPS and IP address information to falsify their location in an attempt to cloak or conceal the fraudster’s identity. This is sometimes called location spoofing. It’s designed to use the location data you rely on for fraud detection against your own system.
Location spoofers can avoid geolocation fraud detection by:
- Using a virtual private network (VPN) or other proxy which can conceal the fraudster’s location via a remote operating system.
- Engaging in app tampering, allowing them to insert false code into open apps and conceal their activity.
- Adopting emulators and instrumentation tools used by app developers to troubleshoot glitches from a remote location.
- Using GPS spoofing apps that make it very easy for fraudsters to spoof their location on a given network.
Other Problems With Geolocation
Of course, location spoofing isn’t the only shortcoming here. There’s also the threat posed by false positives.
Consider the example we looked at earlier. A buyer makes a purchase in Copenhagen, but the cardholder’s billing information places them in Portland. Sounds like a clear-cut case of fraud, right?
That might have been the case in an earlier era. With the level of sophistication we see in today’s eCommerce, especially in the mobile commerce space, it’s not uncommon for a buyer to be on the opposite side of the world from their home and still make purchases. If you reject orders solely because of geolocation data, you could be turning away countless legitimate customers.
Remember: no technological advance is perfect. No matter how sophisticated the technology, there will always be someone who figures out how to manipulate it for their own gain.
Even despite these shortcomings, geolocation is still an incredibly powerful tool. To get the most of of it, though, you need to incorporate into a larger fraud prevention strategy.
Adopting a Smarter Approach to Fraud Prevention
The trick here is to outsmart the crooks. When used in conjunction with other fraud prevention software, geolocation can be a crucial element in your anti-fraud plan. We recommend a multilayer fraud prevention strategy, including (but no limited to):
- AVS (Address Verification Services)
- CVV (Card Verification Value)
- Two-Step Verification
- Velocity Limits
- Fraud Blacklists
Alone, any one of these anti-fraud tools might be defeated by a cunning criminal. In combination, however, they are very difficult to overcome. For instance, a location spoofer might be able to bypass AVS and CVV verification. However, they're less likely to succeed if they also have to contend with velocity limits and two-step verification.
When you can draw on more data, you can create a more detailed and reliable profile of your buyer. This makes fraud decisioning more accurate. And, when you incorporate fraud scoring backed by machine learning technology, you build an even stronger firewall to deter fraudsters without hurting good customers.
Building a better fraud prevention plan means including as many failsafes as possible. Geolocation fraud detection is one facet of this plan.
No defense is impenetrable. However, it’s possible to defend yourself—and your clients—from fraud. You only need to have the right systems in place.
