March 27, 2019
Securing the Winning Hand Against Fraudsters in Gaming and Gambling
Posted October 10, 2018
The house always wins, the old gambling adage goes, and yet this well-known proverb does nothing to deter the millions of gamblers trying their luck in both virtual and physical casinos.
Not only is the ‘house’ winning, but operators are continually looking at ways to increase player engagement to ultimately take more in winnings. Or should that be losses. A prime case in point is the gambling capital of the world – Las Vegas. For as long as the lights of Sin City have shone in the Nevada desert, myths and rumors have abounded regarding the ways in which casinos keep gamblers at the table, from free drinks and oxygenated air pumped into the casino floor, to an absence of clocks and even garish carpets.
Of course, if Las Vegas is the capital city of gambling, then the internet is the world’s online playground. That playground has taken everything in a brick-and-mortar casino and made it virtual, from slot machines and poker games, to blackjack and roulette wheels. With big jackpots, better odds and lucrative bonuses, together with ease and convenience of play, online gaming has seen exponential growth; in 2015 the global online gaming market was estimated at $37.91 billion, with this number set to increase to $59.79 billion by 2020. So, what is fueling this growth? Well, when it comes to keeping players engaged and betting big, operators have an ace up their sleeve: mobile.
Mobile: The New Realm of Online Betting
Mobile has opened up a whole new realm of online betting, with players now able to access immediate odds and place bets on the outcome of the next free-kick or roulette spin. Mobile gives players an on-the-go, real-time, 24/7 casino in the palm of their hands.
In fact, when it comes to gaming, the role of mobile is now so prominent that 71% of all transactions are now made from a mobile device, a growth of 45% year-on-year according to the latest Q2 Gaming and Gambling Cybercrime Report from ThreatMetrix. The growth in mobile highlighted by the ThreatMetrix report illustrates the extent to which mobile has been embraced by consumers, signaling major success for the operators who bet on mobile and who are finding new ways to engage with players.
However, amid the players vying for jackpots and operators looking for high rollers, there are those looking to bluff their way into winning big.
Fraudsters Seizing the Opportunity to Steal Credentials
As mobile continues its upward trajectory in gaming and gambling, fraudsters are increasingly viewing mobile transactions as an opportunity to monetize stolen credentials. Be it infiltrating devices or launching sophisticated cyberattacks, fraudsters are viewing mobile as an increasingly lucrative channel. Putting a spotlight on the increasing risk to mobile transactions in gaming is another finding from the Q2 Gaming and Gambling Cybercrime Report, which found that mobile payments attacks in the space had increased 60% year-on-year.
When it comes to mobile there is also another element to keep in mind – one which is unique to gaming and gambling alone – addiction and problem gamblers. Countries like the USA, Australia, Canada and UK boast significant numbers of problem gamblers, numbering in the millions, with regulators increasingly bearing down on operators to support self-excluders. However, mobile makes gambling accessible – even to those who want or should be excluded from such games. Indeed, in the US there are as many 750,000 young people aged 14 to 21 with a gambling addiction – most likely gained via online and mobile channels and thus avoiding age requirements needed at physical casinos. The regulators, however, are making operators responsible, so much so that recently an operator was fined £2M for failing to recognize a problem gambler.
Responsibility Lies with Gaming and Gambling Operators
So, for operators, mobile is somewhat of a double-sided sword. Or should that be wild card. Mobile has given consumers a casino in their pocket, a 24/7 way of engaging in games for monetary reward. This accessibility and increased engagement is driving growth and revenue for operators, but it is also creating opportunity for fraudsters to break the bank and monetize stolen credentials. Armed with stolen data gleaned from persistent data breaches, fraudsters are taking over customer accounts in order to drain them of funds, linking multiple accounts to control outcomes or opening fraudulent accounts in attempts to exploit free bonuses. You then have self-excluders and problem gamblers who can also leverage stolen credentials, tricking sites with spoofed or stolen credentials. Furthermore, regulators are putting responsibility for these problem gamblers at the operators’ door.
So, how can operators protect self-excluders and defend against fraudsters? What does the winning hand look like?
Put simply, operators must be able to differentiate between legitimate players and fraudsters, while not adding friction to the digital and mobile experiences demanded from online gamers today.
The key to separating the bad from the good lies in understanding changes in trusted user behavior. Operators must be able to identify links and associations between identities, devices, locations and IP addresses, leveraging such intelligence to block high-risk activity.
Gaming and gambling operators need to look beyond just static identity data to incorporate dynamic digital identity intelligence in order to better inform risk decisions – in short, operators must be able to call the fraudster’s bluff.
To learn more, download a copy of the Q2 2018 Gaming & Gambling Report from ThreatMetrix.