Incognia location behavior technology can be used in various industries and several use cases:
Delivery - GPS Spoofing and Social Engineering Scams
A leading food delivery company in Latin America noticed that many couriers were using GPS spoofing applications. By generating fake GPS data, the couriers were able to defraud the platform by charging for orders they didn’t deliver, reporting longer rides, and accepting orders from busy neighborhoods, even if they were not nearby.
These fake couriers were also executing a social engineering scam that involved using an external mobile POS machine to steal large sums of money from unsuspecting users. They would claim that the original transaction didn’t go through and that they needed to swipe the customer’s card again upon delivery.
The company chose to leverage two features of Incognia’s location identity solution at different moments of the user journey. It decided to call the Incognia API at 1) login to check the device against the Incognia watchlist and re-recognize courier devices and 2 just before a courier accepts a delivery in order to detect GPS spoofing.
After integrating the Incognia SDK and risk-scoring APIs, Incognia analyzed one month of location data from 1.3M couriers. Incognia determined that approximately 3% of couriers accessed at least two accounts and ~1% of all couriers were spoofing their location.
After implementing Incognia, the delivery app significantly reduced gps spoofing and chargebacks associated with mPOS fraud. Incognia’s location accuracy and device fingerprint ensured that bad actors were identified and the false positive rate remained low, preventing fraud before it happened.
Social Media - Global Real-time User Verification
This leading social media app requires every new user to verify their address before opening an account. With its existing address validation solutions, the app verified approximately 70% of users, with lower performance in international markets. The Trust & Safety team needed a solution to increase the app’s global real-time address verification rate in established and emerging markets.
The Trust & Safety team initially focused on finding an identity database with high global coverage. The team found that the databases were sometimes outdated, resulting in an inability to validate the addresses of 30% of new users, and often even more in certain international markets.
For these reasons, the company chose to test Incognia’s real-time Global Address Validation solution for mobile. After the Incognia SDK was integrated into the app, Incognia analyzed 30 days of location data from 2.5 million new users across 11 countries and delivered a risk assessment based on the user’s proximity to their declared address.
Incognia was able to deliver a coverage rate of 94.9%. Additionally, Incognia verified 63% of the new users that the app’s existing solutions could not verify. Incognia also determined that 35% of these unverified new users had no location events near the address provided at onboarding, warranting a high risk assessment. Using Incognia in the mobile app enabled the social networking company to increase its real-time verification rate by up to 24%.
eCommerce Marketplace - Passwordless Authentication
A large ecommerce marketplace launched a new super app to give its customers easier credit card management features and enable instant payments. This app immediately became a target for Account Takeover fraud. To ensure account security, the company needed to add more advanced authentication signals at login and transaction to detect suspicious behavior and challenge or block account access automatically.
Incognia was implemented and called via API at several moments in the app flow, including account opening and authentication at user login. When given a choice, 84% of users allowed the app to collect their location data in exchange for greater account security.
Incognia became the primary authentication signal distinguishing the account owners from bad actors based on location behavior and without introducing friction into the login flow. Ultimately, Incognia delivered a secure and frictionless login experience for 75% of the app’s user base who received low-risk assessments.
“We wanted to focus on avoiding user friction within the application but also solve our security issues. That is why we chose to use the Incognia solution. With the use of Incognia, we were able to make the application safer for our customers - giving them the peace of mind that their accounts will not be taken over.”
Product Owner, Mobile Application
iGaming - Player Collusion
A leading social gaming mobile app provides multiplayer skill games, such as Poker, Rummy and Ludo. The app requires the users to share their location for two main reasons:
- Comply with regulations: these types of online games are regulated and are only legal in some states/jurisdictions, so operators must have geofencing capabilities to allow/disallow players depending on the user’s location.
- Combat player fraud: one of the most pervasive fraud types seen by these online skill games is collusion between players that are playing at the same virtual table.
Even if functional from a compliance perspective, the existing mobile app geofencing capabilities were ineffective in detecting players using location spoofing techniques to commit fraud or play from unauthorized locations. The product team needed a solution to prevent fraudsters from colluding in the mobile gaming app.
To commit collusion fraud, bad actors use three different methods. While playing the game at the same virtual table, they are physically sitting near to each other, sharing cards and game data by:
- Using GPS Spoofing to mask their actual location
- Logging into multiple accounts from one device
- Logging into the same account from multiple devices To support a fair and trusted gaming environment, the company needed a scalable GPS spoofing detection and device intelligence solution.
After the Incognia SDK was integrated into the app, Incognia analyzed 30 days of data collected from over 3.1 million gaming users across various types of devices and locations. For the users that granted location permissions to the app, Incognia delivered a risk assessment (low/high) for 94.3% of users. Out of over 3.1 million accounts analyzed during the evaluation, Incognia identified the following:
- 5K+accounts flagged for GPS Spoofing
- 13K+ accounts accessed by suspicious devices
- 1K+ accounts accessed by four or more devices
- 30K+ accounts had six or more installations
- 400+ suspicious locations
- 10K+ accounts associated with suspicious locations
- 50K+ suspicious accounts total detected from five watchlists
Using Incognia, the social gaming company detected and stopped systematic collusion fraud by identifying cases of GPS spoofing, suspicious accounts, suspicious devices and suspicious locations. Based on the increased blocking of fraudsters, Incognia was selected by the product team and was rolled out to all 70M users of the gaming app.
FinTech - Reduce Reliance on Biometric Authentication
A fintech wanted to increase its account security and fraud protection. As an initial step, it implemented a new facial biometric step to add security to sensitive transactions. Unfortunately, this new security step was viewed as “high friction” by a relevant percentage of their users, particularly by elderly users and users not familiar with the technology. In addition, this step had increased the company’s authenitcation costs.
The company selected Incognia to maintain a high level security while enabling frictionless authentication for legitimate users. By calling Incognia at login and other sensitive moments of the user journey, the fintech was able to take an adaptive risk-based approach to account security.
- Each time Incognia provides a Low Risk response, a step-up to facial recognition is skipped and users are able to access their accounts frictionlessly.
- When incognia provides a “High Risk” assessment, the company triggers a facial recognition step-up challenge.
With this approach, high friction is reserved for high-risk scenarios.
After implementing Incognia, the fintech was able to frictionlessly authenticate 45% of users prior to allowing them to transact.
The fintech was also able to reduce authentication costs by 51%.
These are just a few examples of different Incognia use cases. For more case studies, access Incognia resources page.