The invention relates to a system and method to prevent fraudulent transactions, more particularly to a system and method for location based verification of transactions to prevent fraudulent transactions.

BACKGROUND OF THE INVENTION

Transactional account fraud, especially credit/debit card (hereinafter referred to as card) fraud has been at a rise. Generally, card related fraud begins with theft of physical card and/or compromise of data associated with the card. In most of the fraudulent transaction it has been observed that the rightful owner of the credit/debit card is never around the site of the transaction. To avoid these fraudulent transactions various location based verification techniques are known.

One such technique involves verification of physical location of rightful owner of the card with respect to the transaction location through the user's mobile phone. The transaction is validated only if the location of the mobile phone is determined to be in close proximity to the user's location, and the transaction is flagged if the location is found not to be in close proximity to the users location. In this method the mobile phone number of the rightful owner of the card is registered as a part of KYC data with an issuing bank. This registered mobile number is used for further verifications. However, different users may be registered with different service providers, and hence connectivity of a banking authority to communicate with every service provider is essential, making the verification process complicated and also dependent on different service providers. Further, if a user switches from one mobile service provider to another mobile service provider using mobile number portability - MNP after registration, the bank has no information of the same, and hence verification for a transaction becomes difficult as new service provider is not known.

Card frauds results in to a monetary loss to the banking authority and/or the customer, and it in spite of efforts to prevent these frauds, there is still a need in the art for a method and system to prevent fraudulent transactions. SUMMARY OF THE INVENTION

Accordingly, the present invention in one aspect provides a system for validating access to a transactional account, the system comprising a transaction terminal associated with a validating authority, the transaction terminal configured to provide location of the terminal to the validating authority, and the validating authority identifies user account information when the transaction is initiated; and a hub based mobile communication exchange in operative communication with the validating authority, the hub based mobile communication exchange identifies a mobile service provider based on the account information so as to obtain cell-location of a user-device, wherein the validating authority co-relates location of the transaction terminal and the cell-location for validating access to the transactional account.

The present invention in another aspect provides a method for validating access to a transactional account, the method comprising the steps of receiving a transaction request from a user at a transaction terminal; identifying user account information, and location of the transaction terminal; obtaining cell-location of a user-device belonging to the user based on the user account information, the cell-location is obtained from a mobile service provider connected to a hub based mobile communication exchange; providing the location of the transaction terminal and the cell location of the user to a validating authority; and co-relating the cell-location of the user with the transaction terminal for validating access to the transactional account.

BRIEF DESCRIPTION OF THE DRAWINGS

Reference will be made to embodiments of the invention, examples of which may be illustrated in the accompanying figures. These figures are intended to be illustrative, not limiting. Although the invention is generally described in the context of these embodiments, it should be understood that it is not intended to limit the scope of the invention to these particular embodiments.

Figure 1 shows a block diagram of a system for validating access to a transactional account according to the present invention. Figure 2 shows a flowchart for validating access to a transactional account according to the present invention. DETAILED DESCRIPTION OF THE INVENTION

The present invention provides a system and method for validating access to a transactional account, wherein physical presence of a rightful owner/user of a confidential account like a monetary account is verified with transaction location before processing the transaction, thereby preventing fraudulent transactions.

Figure 1 is a b|ock diagram showing system for validating access to a transactional account (100). As shown in the figure, the system (100) comprises of a plurality of transaction terminals (102), a validating authority (104), a hub based mobile communication exchange (106), at-least one mobile service provider (108), at-least one IP address location interface (110), and a plurality of user devices (112) linked to the transactional account

The transaction terminal (102) is an interactive system selected from a group comprising of ATMs, POS terminals, banking kiosks and the like to execute monetary transactions. According to the present invention, the transaction terminal (102) also includes personal computer, tablet PC, gaming terminals, physical access controls, attendance recording devices, and the like to execute virtual transactions or provide access to restricted data or premises.

The transaction terminal ( 02) as shown is associated to the validating authority (104). When a transaction is initiated, the transaction terminal (102) is configured for providing location of the transaction terminal (102) to the validating authority (104). Also, when the transaction is initiated, the validating authority identifies user account information (account number, card-details, mobile number, etc) of the transactional account.

The hub based mobile communication exchange (106) as shown in figure 1 is in operative communication with the validating authority (104) and is coupled to a plurality of mobile service providers (108). The hub based mobile communication exchange (106) communicates with these mobile service providers (108) to obtain cell location of the user.

Further, the hub based mobile communication exchange (106) maintains data regarding mobile numbers porting from one service provider to the other.

Advantageously, if a number has ported from one service provider to another, without intimating the validating authority (104), the hub based mobile communication exchange (106) still identifies the mobile service provider (108) and the mobile service provider (108) identifies the position of the user device (1 2).

According to the present invention, the hub based mobile communication exchange (106) is configured to identify the mobile service provider (108) based on the account information identified by the validating authority (104). In this regard, the validating authority (104) provides mobile number to the hub based mobile communication exchange (106), and the hub based mobile communication exchange (106) identifies the mobile service provider ( 08) of the mobile number so as to obtain cell-location of the user device (112) irrespective of the mobile service provider or porting of the number from one mobile service provider to the another.

The validating authority (104) co-relates location of the user device (112) belonging to the rightful owner of the account with location of the transaction terminal (102) to validate the transaction. Also, the validating authority (104) is configured to flag and/or deny the transaction if the location of the user device (112) and the transaction terminal (102) do not co-relate.

Further, the system comprises of an IP address location interface (110). The IP address location interface ( 10) is capable of identifying location of the transaction terminal (102) from the IP address of the transaction terminal (102).

Figure 2 shows a flow diagram of a method for validating access to a transactional account. The method comprises the steps of receiving a transaction request from a user for a transaction at a transaction terminal, identifying terminal location data, providing the terminal location data to a validating authority, identifying user-account linked with the transaction and account information related to the account, obtaining cell location of a user device belonging to the user based on the user account information from a hub based mobile communication exchange, providing the location of the transaction terminal and the cell location of the user to a validating authority , correlating location of the user and the transaction terminal to validate access to the transactional account. Further, the method comprises the step of flagging and/or denying a transaction if the cell-location and terminal location do not co-relate, thereby preventing unauthorized access.

According to the present invention, step of obtaining cell location includes identifying mobile service provider of the user from a plurality of mobile service providers. Further, the step of obtaining cell location includes identifying the mobile service provider of the user including users that have ported from one mobile service provider to another mobile service provider.

According to the present invention, the cell location of the user device is based on triangulation of cell signal based on distance from closely located cell towers of same service provider. The cell location of the user device can also be obtained using GPS location of the user device.

According to the present invention, the terminal location can be obtained using GPS location or postal address reference or IP address of the terminal. Transaction terminal and the user device can be mapped on similar parameters, allowing precise approximation and correlation of terminal and the user device.

The system and method of the present invention further comprises of other credential systems including passwords, voice-verification, bio-metric and the like to verify and provide a higher level of authentication.

In one aspect, the transaction terminal may be an ATM, a point of sale terminal, a kiosk, and the like. Accordingly, the transaction terminal of the present invention is associated with the validating authority to process and verify the transaction. When a user requests a transaction at the transaction terminal, the transaction terminal communicates terminal location to the validating authority, and the validating authority identifies account information (account number, card details, mobile number, etc associated with the user. The validating authority also communicates with the hub based mobile communication exchange to obtain cell location of the user. The hub based mobile communication exchange identifies the mobile service provider so as to obtain cell location of the user device, and the cell location of the user is correlated with respect to the terminal location by the validating authority, and if the location correlates, the transaction is authorized and processed.

In another aspect, the transaction terminal may be a personal computer, a tablet PC, gaming terminal and the like is used to execute a virtual transaction. In this regard, the transaction terminal (for e.g. a personal computer) is connected to an internet service provider. Accordingly, the personal computer is also associated with validating authority to process and verify the transaction. When a user requests a transaction through the personal computer, the personal computer communicates IP address of the personal computer to the validating authority and the validating authority identifies account information (account number, card details, mobile number, etc) associated with the user. The validating authority communicates with an IP address location interface to obtain location of the PC and also obtains cell location of the user device. The hub based mobile communication exchange identifies the mobile service provider so as to obtain cell location of the user device, and the cell location of the user is verified with respect to the IP address by the validating authority, and if the location correlates, the transaction is authorized and processed.

Also, in cases when real-time cell-location of the user due is unavailable due to a network related problem, the mobile service provider will provide last known information of the user. If the location of the terminal and the user-device doesn't co-relate the validating authority issues an alert and might take precautionary and/or corrective measures.

One skilled in the art will appreciate that though the present invention is dependent on location based verification of a user device belonging to a rightful owner of a transaction account, a transaction may also be processed without the presence of the user device if the rightful owner intimates the validating authority of such a transaction well in advance as a precautionary measure.

Accordingly, the system and method of the present invention can be adapted and coupled to existing transaction terminals without major modification to provide better and a higher level of authentication. Also the system and method of the present invention can be adapted to other system like gaming networks, social networks, email and the like wherein location based verification may be required without diverting from the scope of the invention.

Further to this, the system and method of the present invention can also be adapted to validate access to multiple services/platform accounts i.e. email account, online trading account, social networking account, gaming account, etc belonging to the same user. A scenario wherein a user logs on to one of his account (e.g. email account) from one IP address at a particular instant of time, possibility of the user logging on to another account (e.g. online trading account) from a different location at that instant of time is highly unlikely. In such a scenario, the system of the present invention flags access to at-least one of the service/platform and further, the present invention correlates user's mobile device with IP address to validate access to one of the services or platforms.

Advantageously the present invention provides a simple, low cost system and method for location based verification to facilitate safe and secure access or transactions. While the present invention has been described with respect to certain embodiments, it will be apparent to those skilled in the art that various changes and modification may be made without departing from the scope of the invention as defined in the following claims.