Feeds

Quova tracks mobile net users

They know where we are - and it's for our own good...

Internet Security Threat Report 2014

Mobile internet users can now prove their location to a website or remote network service, according to geolocation specialist Quova.

Quova has developed downloadable applets which enable a laptop or smartphone to locate itself, for example by picking up the MAC addresses of local Wi-Fi APs, or the cellular base-stations in the area.

The company's systems currently locate internet users based on data such as their IP address and domain. Retailers, banks, and others can use this to localise a website for that user or add credit risk-scoring, say, while broadcasters use it to check which services a visitor is eligible for.

Running the location applet will be optional, claimed Marie Alexander, Quova's CEO. She was at pains to point out that this is not about service providers invading privacy, but about subscribers verifying their location - for example, to gain access to services that are only available in certain areas.

"The BBC uses it not just to differentiate UK visitors [so they can download 'listen again' content], but also to route the user to the best server," she said. "It is also going to extreme lengths as it prepares to launch the BBC Worldwide site to ensure UK users are not exposed to the version with advertising."

Other uses for the technology include fraud detection, by checking whether an online shopper's location matches the address on their credit card records. If the locations differ, the retailer could flag the transaction as higher-risk and perhaps ask the would-be buyer for extra verification, she said.

The concepts are the same as those used by credit card companies today to watch for unusual spending patterns that might indicate fraud, but the signals they need to look for are rather different, she added.

"With cybercrime, the perpetrator tends to be in a different location to the victim, according to FBI and Interpol evidence," she explained. "It's not like someone stealing your card, and 10 minutes later they're trying to use it down the road.

"The complexity and context is important too - for example, the velocity of transactions, and does the type of purchase match the domain?"

She gave the example of an attempted fraud where a supplier received a number of official-looking orders for business-class IT gear, but when the location was checked they all turned out to come from public internet terminals at a 24-hour copy-shop.

Quova's systems and researchers locate IP addresses via a number of techniques, including both automated and manual methods of mapping ISP networks, Alexander added. However, some service providers cross national boundaries, such as T-Mobile, or users may connect through anonymising proxies, hence the need for an additional layer of location data. ®

Internet Security Threat Report 2014

More from The Register

next story
NSA SOURCE CODE LEAK: Information slurp tools to appear online
Now you can run your own intelligence agency
Azure TITSUP caused by INFINITE LOOP
Fat fingered geo-block kept Aussies in the dark
NASA launches new climate model at SC14
75 days of supercomputing later ...
Yahoo! blames! MONSTER! email! OUTAGE! on! CUT! CABLE! bungle!
Weekend woe for BT as telco struggles to restore service
Cloud unicorns are extinct so DiData cloud mess was YOUR fault
Applications need to be built to handle TITSUP incidents
BOFH: WHERE did this 'fax-enabled' printer UPGRADE come from?
Don't worry about that cable, it's part of the config
Stop the IoT revolution! We need to figure out packet sizes first
Researchers test 802.15.4 and find we know nuh-think! about large scale sensor network ops
SanDisk vows: We'll have a 16TB SSD WHOPPER by 2016
Flash WORM has a serious use for archived photos and videos
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Website security in corporate America
Find out how you rank among other IT managers testing your website's vulnerabilities.