🏦 Feature Request - Fraud Prevention by Location


#1

I was recently victim to cash machine fraud. I think my card was cloned and used to withdraw cash in Indonesia while I was in Brazil. If there was the option to toggle on either the country I’m in, or even the continent, then this kind of fraud would be greatly reduced. The card being attempted to be used outside of the allowed continents would notify the user, and a replacement card could be ordered.


#2

I think Monzo does location based security. So perhaps Starling could implement a similar optional toggle like Monzo does in app ?


#3

Sounds like it was a mag strip withdrawal? Perhaps the option to disable that?


#4

If you go to Card -> Security, you should see a toggle to turn on ‘Location based fraud protection’.


#5

Not on iOS I don’t think.


#6

Didn’t realise it was Android only? :smirk: I’m guessing it’s on the roadmap for iOS though, as I thought they were aiming for app parity eventually?


#7

@sarah.guha to confirm that as I am not sure.


#8

I am sure it will be, as they have been really great with app parity :slight_smile:


#9

It’s on our next list to be completed for iOS.


#10

I’ve only just noticed the location based fraud protection in the iOS app :see_no_evil:


#11

This is important


#12

Not sure whether Starling has such a feature already, but I would very much prefer a toggle for insecure methods such as magstripe, and have it off by default. Would prevent these cases of fraud without relying on your phone being on or having an active network connection.


#13

Yes @Rjevski, location based fraud protection us in place. Good to see you over here, by the way :grinning:


#14

Glad to see it’s been implemented, but if it’s not there already I would love a magstripe (& contactless magstripe) toggle as well.

Likewise :+1:t2:, I’ve been lurking around every so often but for some reason my Github login failed every time - finally logged in via Facebook and was pleasantly surprised it recovered my previous account!


#15

Surely, Starling could use the location-based services on the phone to see where you are? It would be great if you could be challenged on your phone when an odd transaction gets noted and be prompted, say, to enter your PIN. If you haven’t got data even a SMS challenge/reply would be useful.


#16

What happens when you’ve got zero network coverage? Would you like to be completely stuck without access to your money?

I’m sure they are already doing fraud checks behind the scenes and decline obviously impossible transactions, like a cash withdrawal in the US when 5 minutes ago you paid contactless at a coffee shop in the UK, and I think that’s enough; security should be usable and not get in your way like it would do if you had this location-based security enabled and didn’t have network access on your phone.


#17

I think the location fraud prevention is designed to give starling more insight and a better chance of preventing fraud, for example if your phone has just pinged in from London, the starling servers will refused to authorise an in person transaction in Singapore, however the system isn’t going to lock you out just because you’re out of battery/signal and can’t ping your location in.

It’s an extension of legacy banks location based security, I once got phoned by Santanders fraud team because they suspected (correctly) my card had been cloned and had blocked some transactions because of it because, in their words, “It was very unlikely that you could buy a coffee via contactless in Cannes minutes after you bought a model train via chip and pin in Glasgow AND a Pay as you Go phone by chip and pin in Elephant and Castle, so we thought we should really check which was ACTUALLY you”

With the starling location security they can add your phone location info into the mix along with transactional location info before they make a decision whether or not to authorise a specific transaction.


#18

bunq have all sorts of security settings including per country. I set in app to allow payments in UK and Estonia, yet on a flight between those countries it declined…turned out one terminal on the RyanAir flight was configured as Éire :frowning:


#19

Sounds about right, Ryanair is an Irish carrier so all payments are routed through Ireland. Just like if you are on an EasyJet flight from Spain to Italy it is likely that the payment terminal you use in flight will be identified as a UK location.


#20

But it inconsistent. On the same flight I tried my card a second time, one terminal came up configured as Ireland and the other was not :slight_smile: