How Your Bank is Tracking Your Phone
wordloosed.comThis is paranoia.
Much more likely that your card was flagged as bing possibly compromised by some other factor than your spending behavior.
For example If a a bank sees that many cards used at a particular retailer end up having fraudulent charges associated with them, they may suspect a problem with that retailer. They may then re-issue all of the other cards used at that retailer to be safe.
Also, people assume that because they sometimes get a call/email asking them if a purchase they made was valid, that they always know about how their credit card is used. This is not the case. Obvious fraud may be declined on the spot (think brute-forcing a CVV code, or a brand new retailer in Vietnam processing 100 cards while your last charge was in Kentucky). Some charges may go through but be flagged, reviewed, found to be fraud, removed from your account, and your card re-issued. Both cases are issues between banks and card processors, and may not necessarily show up on your transaction overview.
The likelihood of this happening is so much higher than the bank tracking your phone, that I would need a lot more evidence before I'd believe it.
I work at a bank and I can tell you that they will often allow one or two instances of actual fraudulent card use before issuing a new card. It is actually very expensive for them to issue a new card and very inconvenient for the client so most won't do it willy-nilly.
I would also be remiss if I didn't mention the completely clickbait headline of the article that in no way reflects the actual content of the article. A more accurate headline might be, "Weird Coincidence Elicits Paranoia About My Bank".
I was just thinking this; banks take their time to issue a new card.
What're the odds that a new card was ready to go and posted (and that Royal Mail delivered it next day?) due to one questionable use?
I find this hard to believe, if this were so - every time I leave my phone on my desk and go to lunch across town I'd get a new card.
More likely is that a batch of details went missing from the issuer itself or a store that the owner had shopped at legitimately any time in the past reported a loss of data, and the timing was completely coincidental.
Then you're the sort of person who is not necessarily close to their phone. If banks are in fact doing this sort of thing, they surely take into account past behaviour to compute the probability that unexpected behaviour is related to credit card theft.
Maybe they don't even know that they are doing it. Maybe they just trained some neural network to attain certain levels of precision/recall. Maybe they feed the network with all the signals they can put their hands on. Things are not this simple anymore. Which also means that assuming phone tracking is a huge jump to conclusions, of course.
No, it is not
It may not have been the tire purchase that triggered it, but something else.
I don't think that's what's going on.
I think it's more likely a standard multi-factor risk threshold that's been triggered. A vendor you've never used (or haven't used recently), a vendor category (auto parts) which you rarely purchase within, a higher risk payment processing method (perhaps they put through a CNP (cardholder not present) transaction) in a location (geo or vendor) where use of stolen cards is above average.
However, that said, many mobile banking applications require coarse (mobile network) and fine (GPS) location permissions (https://play.google.com/store/apps/details?id=com.grppl.andr... and https://play.google.com/store/apps/details?id=com.barclays.b... for example). I highly suspect that this data, along with other information gathered from your device such as IMEI, is used to assess login risk. If you look at the markup on a lot of internet banking login pages you'll often find Javascript and 1px images loaded from unusual subdomains at the bank (sometimes with "risk" or "security" in the name). A couple of the banks I use also embed hidden Flash objects, only on the login page, which I suspect are used for the same purpose.
My understanding is that they pull together data from a number of sources/signals to calculate a login risk score, in the same way virtually every bank calculates a transaction risk score when you use your card.
I doubt that this information is tied with physical card transactions, however.
Edit: I'll add that I'm the most surveillance/tracking conscious person I know (most just don't care) but this is a little paranoid even for me.
This is a heck of a leap of faith and a very clickbaity headline.
You may find it interesting that BillGuard is developing a new anti-fraud feature that (I believe) compares your phone's location to where your cards are used.
what about testing this theory?
just as easily they could compare the pace/rhythm at which you usually hammer you pin in or something alike
I don't think the EMV PED (PIN entry device) standard supports such a thing. You could certainly verify that by looking up the EMV standards.