Feeds

Mastercard, Syniverse target holiday payment security with mobile verification system

Not in Bora Bora? Crooks can't use your credit card there

Choosing a cloud hosting partner with confidence

It’s ironic that when people are abroad so many people switch off their mobile phones' data and so many banks switch off customers' credit cards. But a deal between Syniverse and Mastercard aims to keep both switched on.

You’ll have heard of Mastercard but are less likely to know about Syniverse unless you work in the mobile industry. The firm is a kind of central broker for mobile phone networks that want to deal with lots of other networks without having to set up individual arrangements one at a time.

One of the many things Syniverse does in this space is handle number porting. When you move your mobile phone number from one network to another, the protocols to do this probably go through Syniverse.

The new project allows the Mastercard network to tap into the data in mobile phone networks to establish that a credit card being used abroad is kosher.

Mobile phone customers typically report the loss of a phone within three hours, this is something the credit card companies have envied for some time as the typical time to report a lost or stolen card is three days.

If in those three days someone has taken your credit card on holiday you might find it used for all kinds of unusual purchases, so the credit card companies regularly turn down such transactions. Unfortunately this means that between 50 and 80 per cent of the transactions they refuse are genuine.

The tie-up between Mastercard and Syniverse allows customers to register their mobile phone number with their credit card company and then when they present their mobile phone at the checkout in Rio de Exotic, the payment system does a quick check with the mobile phone network's Home Location Register back in the native country to see if the phone is at home. If it's not, the system checks the Visitor Location Register to make sure the phone is where the card is. Assuming it is, the bank will be more inclined to let the transaction through.

There are no mechanisms used to check the position of the phone and card more accurately such as Cell ID, triangulation or correlating phone and point-of-sale locations. Other checks will still be in place, though, as of course your card might be lifted while you are abroad.

Neither credit card numbers nor mobile phone numbers are truly unique. It's quite common for a husband and wife to have joint accounts with the same numbers and this is a problem handled by the Mastercard systems.

Similarly it is possible to have the same mobile phone number on multiple SIMs - although none of the UK operators currently offer this. Mary Clark from Syniverse explained to The Reg that the company handles this by looking at the the IMSI (Individual Mobile Subscriber Identifier), which is the unique serial number for the SIM card. Some international travellers will have multiple IMSI cards which offer cheaper roaming but each IMSI still serves to uniquely identify the customer.

The service is currently in a pilot phase with a number of networks – although only T-Mobile Germany has publicly said that it is part of the trial. Even when it is launched, the service will be opt in.

Aligned with this is a pre-paid data service which will offer customers roaming packages to use while they are abroad – as Syniverse' research shows 70 per cent of customers switch off data when roaming. Mastercard envisages that customers will use their Masterpass Wallet or Mastercard to buy packages of data either in advance of roaming or while roaming.

This uses the Local Break Out (PDF) regulation which comes into force in Europe in July, and while there will be significant savings, Clark would not be drawn on a figure. ®

Providing a secure and efficient Helpdesk

More from The Register

next story
Crouching tiger, FAST ASLEEP dragon: Smugglers can't shift iPhone 6s
China's grey market reports 'sluggish' sales of Apple mobe
Sea-Me-We 5 construction starts
New sub cable to go live 2016
EE coughs to BROKEN data usage metrics BLUNDER that short-changes customers
Carrier apologises for 'inflated' measurements cockup
Comcast: Help, help, FCC. Netflix and pals are EXTORTIONISTS
The others guys are being mean so therefore ... monopoly all good, yeah?
Surprise: if you work from home you need the Internet
Buffer-rage sends Aussies out to experience road rage
EE buys 58 Phones 4u stores for £2.5m after picking over carcass
Operator says it will safeguard 359 jobs, plans lick of paint
MOST iPhone strokers SPURN iOS 8: iOS 7 'un-updatening' in 5...4...
Guess they don't like our battery-draining update?
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.