Credit card companies currently utilize fraud detection and transaction authorization systems based on detecting “unusual” transaction activities, such as transactions originating from geographic areas that the credit card holder has never been to before, or geographic areas where there has been a high incidence of credit card fraud. Credit card companies may also block transactions if the product/service, price and/or transaction volume is deemed “unusual” given the credit card holder's past transaction history. As credit card and other payments companies employ mobile devices as mobile payment devices, they will use similar fraud detection and transaction authorization approaches.
There are a number of problems with the above solution to credit card fraud detection and transaction authorization. First, these authorizations suffer from a high number of false positives. That is, red flags triggered for transactions which are “unusual” but indeed legitimate. For example, the card holder may have been traveling outside his/her normal geographic area, or buying a unique gift for someone else. Second, when credit card companies block transactions which were indeed intended by the authorized cardholder, everyone loses in the value chain: a) the cardholder is embarrassed or dissatisfied that his/her transaction is blocked, b) the merchant loses a sale, c) the card issuing bank loses a transaction, and the d) the credit card processing company loses a transaction. Third, these transactions can also suffer from a high number of false negatives, which are caused by incorrectly authorizing fraudulent transactions. A criminal may use a stolen credit card in the usual geographic area as the legitimate owner of the credit card, in which case the existing system authorizes the transactions wrongfully. Finally, when fraudulent transactions are authorized, the credit card company, bank, retailer, and the legitimate card holder all lose. The credit card company has to spend large amounts of time and money to investigate and possibly write off the loss, and the credit card holder has to spend time to clear his/her name and may suffer credit score damage.
It is desirable to have a method, apparatus and system for monitoring a mobile device user's behavior and to provide authentication of the user of the mobile device.