GPSAuth - Seamless Extra Layer of Security

We know in most system password authentification is the only layer of security that prevents hackers from unauthorised access. Some websites use 2-factor authentification which would require users to manually input a random code. We think this is annoying and not very secure in some way.

Our idea is to create an api that use phone's GPS location to do 2-factor authentification. Imagine a website uses our api and requires its users to install our phone app. When a user is trying to login to the website, the website will first authenticate the user by his/her email and password. Once, the website will ping us and provide the user's ip address and geo coordinates. We will then ping the user's phone to get its GPS coordinates. Once we got that, we match these two coordinates and tell the website whether the person that is trying to login is actually the user.