This is paranoia.<p>Much more likely that your card was flagged as bing possibly compromised by some other factor than your spending behavior.<p>For example If a a bank sees that many cards used at a particular retailer end up having fraudulent charges associated with them, they may suspect a problem with that retailer. They may then re-issue all of the other cards used at that retailer to be safe.<p>Also, people assume that because they sometimes get a call/email asking them if a purchase they made was valid, that they always know about how their credit card is used. This is not the case. Obvious fraud may be declined on the spot (think brute-forcing a CVV code, or a brand new retailer in Vietnam processing 100 cards while your last charge was in Kentucky). Some charges may go through but be flagged, reviewed, found to be fraud, removed from your account, and your card re-issued. Both cases are issues between banks and card processors, and may not necessarily show up on your transaction overview.<p>The likelihood of this happening is so much higher than the bank tracking your phone, that I would need a lot more evidence before I'd believe it.
I work at a bank and I can tell you that they will often allow one or two instances of actual fraudulent card use before issuing a new card. It is actually very expensive for them to issue a new card and very inconvenient for the client so most won't do it willy-nilly.<p>I would also be remiss if I didn't mention the completely clickbait headline of the article that in no way reflects the actual content of the article. A more accurate headline might be, "Weird Coincidence Elicits Paranoia About My Bank".
I find this hard to believe, if this were so - every time I leave my phone on my desk and go to lunch across town I'd get a new card.<p>More likely is that a batch of details went missing from the issuer itself or a store that the owner had shopped at legitimately any time in the past reported a loss of data, and the timing was completely coincidental.
I don't think that's what's going on.<p>I think it's more likely a standard multi-factor risk threshold that's been triggered. A vendor you've never used (or haven't used recently), a vendor category (auto parts) which you rarely purchase within, a higher risk payment processing method (perhaps they put through a CNP (cardholder not present) transaction) in a location (geo or vendor) where use of stolen cards is above average.<p>However, that said, many mobile banking applications require coarse (mobile network) and fine (GPS) location permissions (<a href="https://play.google.com/store/apps/details?id=com.grppl.android.shell.BOS" rel="nofollow">https://play.google.com/store/apps/details?id=com.grppl.andr...</a> and <a href="https://play.google.com/store/apps/details?id=com.barclays.bca" rel="nofollow">https://play.google.com/store/apps/details?id=com.barclays.b...</a> for example). I highly suspect that this data, along with other information gathered from your device such as IMEI, is used to assess login risk. If you look at the markup on a lot of internet banking login pages you'll often find Javascript and 1px images loaded from unusual subdomains at the bank (sometimes with "risk" or "security" in the name). A couple of the banks I use also embed hidden Flash objects, only on the login page, which I suspect are used for the same purpose.<p>My understanding is that they pull together data from a number of sources/signals to calculate a login risk score, in the same way virtually every bank calculates a transaction risk score when you use your card.<p>I doubt that this information is tied with physical card transactions, however.<p>Edit: I'll add that I'm the most surveillance/tracking conscious person I know (most just don't care) but this is a little paranoid even for me.
You may find it interesting that BillGuard is developing a new anti-fraud feature that (I believe) compares your phone's location to where your cards are used.