A year after a limited rollout of Visa’s Mobile Location Confirmation technology, U.S. Bank announced that it has now added the opt-in service to the U.S. Bank Mobile App. In its initial rollout, the program had been limited to U.S. Bank’s co-brand and Elan financial institution partners. Now, virtually all of the bank’s Visa cardholders—both consumers and small businesses—can use the service.
U.S. Bank was the first U.S. card issuer to use the Visa location confirmation technology.
Targeting unnecessary declines
Visa first announced the mobile confirmation technology in early 2015. The intent was to reduce the number of unnecessary transaction declines that can happen when consumers are using a credit or debit card out of their normal transaction area. Although people can contact their card issuer to alert them to their intended travel, this isn’t always done.
Visa Mobile Location Confirmation uses geolocation data in real time as an additional input to Visa’s predictive fraud analytics, as stated in a Visa press release. Further, participating issuers incorporate the service as part of their mobile app and notify Visa of the cardholders that have opted into the service.
Typically a participating bank’s app asks customers to “allow” their location to be shared. If the customer agrees, then the phone’s location is sent to Visa. Then, according to information summarized from Visa’s website, when the cardholder goes to make a purchase at a merchant or restaurant or other “card present” location, using the enrolled card, Visa compares the merchant location in the authorization request to the location of the cardholder’s mobile phone, creating a “Location Match Indicator” and an “enhanced Visa Advanced Authorization score” that are forwarded to the bank so it can use this information to approve or decline the transaction.
All this happens in the background in a millisecond, according to Visa. The application supports mobile apps running on iOS6.0 and above and Android 2.3 and above, as stated on Visa’s website.
In response to a question by email, Jason Tinurelli, senior vice-president of Retail Payment Solutions at U.S. Bank, noted that “Consumers’ location data, which is encrypted and secure, will be used only for analysis required to help reduce declined credit or debit card transactions. This data will be shared only if required by law.”
Positive customer feedback
A Visa spokesperson said that “about a dozen” issuers worldwide were currently using Visa Mobile Location Confirmation. In a statement, the company estimated that the feature has been able to reduce unnecessary transaction declines by as much as 30%. U.S. Bank declined to give specific data on its experience over the past year but said that customers have given positive feedback when using the service.
In a press announcement, the bank stated, “By using the mobile devices’ location in the authorization decision, U.S. Bank can help give consumers the confidence that their transactions will be approved, minimizing disruptions and further reducing the risk of fraud.”
Customers can turn the location function on or off any time, according to a spokesperson for the bank, using it only when traveling, for example.
Under the heading “Best Practices and Tips for Using Mobile Location Confirmation,” a Visa web document states: “A location mismatch does not necessarily indicate fraud. For example, the cardholder may have left their phone at home while travelling or there may be inaccurate merchant location data in the authorization message. Therefore, Visa recommends that you consider other indicators of fraud when assessing a transaction for risk and not decline a transaction solely because of a reported location mismatch.”
Card not present in the works
The Visa spokesperson confirmed that the company is exploring how to apply a similar capability to card-not-present transactions when device IP address location is available. She could not provide any further details on the timetable for that enhancement, however.
The Visa Mobile Location Confirmation APIs are, and have been, available to any developer in the Visa Developer Center “sandbox.” The spokesperson confirmed, however, that although non-issuer developers have access to the technology, only Visa issuers can sign up for the app and use the API in production.