SIM Swap Fraud Prevention Using Location Behavior

SIM Swap Fraud Prevention Using Location Behavior
  • Decrease fraud loss

    Decrease fraud loss

    Stop fraud before it happens by detecting changes in user behavior indicating possible account takeover attempts.

  • Reduce false positives

    Reduce false positives

    Make sure legitimate users are quickly authenticated and dramatically reduce the number of false positives.

  • Remove friction

    Remove friction

    Remove unnecessary friction from your fraud detection process by relying on a silent and dynamic 2FA.

Advanced protection against account takeover

SIM swap attacks, are used to takeover user accounts. In a SIM swap attack a fraudster convinces the mobile phone service to transfer or port a legitimate user's phone number to a new device belonging the fraudster. This is typically accomplished by pretending to be a legitimate user that has lost their phone. With the phone number successfully ported to a new device, the fraudster is then able to intercept one time passcodes sent to the phone as part of two-factor authentication or for password resets.

The answer to accurately combatting this type of fraud lies in relying not only on what users know (credentials and knowledge based questions) but also on unique signals fraudsters cannot simply forge: real world behavior. Static credentials and knowledge based answers are increasingly easy for fraudsters to purchase on the Dark Web or obtain via social engineering. User behavior history is much harder for fraudsters to mimic.

Incognia enables risk-based authentication through a risk score based on each user's location behavior history (or location fingerprint). By integrating the Incognia mobile SDK within mobile apps, companies can detect suspicious logins based on anomalies in user behavior while still delivering a great experience for legitimate users. 

Our silent 2FA authentication helps companies decrease fraud losses, reduce false positives and authenticate legitimate users faster.

How it works

Learn how Incognia's location-based risk score helps companies make well-informed fraud decisions.

  • The fraudster tries to login

    The fraudster attempts to login entering the correct (stolen) credentials and correct (redirected) one time passcode received on their phone.

  • We check the device's location

    The Incognia API compares the device's location to the user's historical location behavior, including where previous logins were recorded.

  • We deliver a risk-score

    If the detected location is anomalous, a high risk-score will be delivered, leading the fraudster to additional security checks.

We deliver fast ROI

We deliver fast ROI

Our customers see rapid return on investment through:

  • Reduction in fraud losses
  • Reduction in the number of false positives
  • Reduction in costs for manual reviews

Understanding our features

  • Trusted Location – authenticates in real time

    This API uses real-time location data to check the users’ current location in the exact moment they login. If that location is not familiar to their behavioral pattern, our API will deliver a high risk score to trigger step-up authentication. At the same time, if the legitimate owner of that account is logging in from a new device, they will be quickly authenticated.

  • Device integrity – continuously monitors for forged location data

    To ensure the integrity of location data used within our location-based features, we continuously monitor for any attempts to send forged, spoofed or emulated location data to mobile applications.


Rapid deployment

Incognia is designed to be easy to implement, and delivers results quickly. Our mobile SDK takes less than 30 minutes to install in your mobile app. 

Ready to combat SIM swap fraud?

Contact us