Report Finds Gaming Sites Battling Sophisticated Fraud Schemes
Turns out gaming sites have a cybersecurity problem that goes way beyond the usual run-of-the-mill cyberattack. A report published by iovation, a unit of TransUnion that provides multifactor authentication tools and services augmented by a reputation insight database, finds the No. 1 method of fraud employed on online gaming sites is bonus abuse.
An analysis of transactions on an iGaming platform managed by iovation on behalf of its gaming clients finds bonus abuse is now the most common form of fraud occurring on these sites. Gaming sites typically give new customers a cash bonus as an incentive to open an account. The trouble is, many people apparently open multiple accounts using multiple email addresses, which makes it appear that multiple people are opening accounts when in fact they are the same individual. A full 72% of the gaming sites using the iGaming platform report having encountered this issue.
Angie White, a product marketing manager for iovation, said bonus abuse schemes are also becoming more elaborate. A fraud ring will be formed to open accounts using the bonus money provided and then deliberately lose to one of the other members of the ring, who usually racks up additional bonus dollars for beating their rival so handily. To combat that type of fraud, iovation makes it possible to track transactions all the down to the device level versus relying solely on IP addresses, said White.
The report notes 79% of all iGaming transactions came from mobile phones and tablets in 2019. Criminals are now taking advantage of mobile device emulators running on PCs to set up multiple accounts, she said.
The best way to mitigate that issue, she noted, is to rely more on two-factor authentication to provide not just a better user experience, but also reduce reliance on antiquated password credentials that are easily compromised or shared between end users.
The report also noted there’s been a 37% growth in credit card fraud from 2018 to 2019 as cybercriminals set up accounts using stolen credit card data, and credit card fraud on gaming sites usually spikes in advance of major events such as the Super Bowl. The number of new accounts being opened in front of a major sporting event increases. However, it’s often difficult for gaming sites to vet those new customers without surfacing too many cybersecurity challenges that ultimately conspire to dissuade many customers from placing a wager in the first place.
Gaming sites are naturally going to attract all kinds of criminals, given the amount of money flowing through those systems. Any type of business model around a gaming site assumes a high level of risk. It may not be possible to eliminate that risk altogether, but there certainly is plenty of opportunity to mitigate it. The “house” may always win when it comes to gaming, but whenever there is gambling inevitably somebody is going to try to find a way to illicitly tip the odds back in their favor.
