Rising Promo Abuse Puts iGaming Profits at Risk, but 2FA and Digital Identity Can Protect a Big Pay Day

Sports gambling has a long history, and with the rise of the internet, it didn’t take long for casual bettors, workplace fantasy leagues, and fans alike to turn to online platforms in order to track their bets. And who can blame them? Filling out brackets and placing modest wagers can add a new immersive component to sports fandom.

In the United States and Europe, app-based gaming platforms, or iGaming, have contributed to the industry's rapid growth. Morgan Stanley suggests that the sports betting market could reach $8 Billion by 2025 in the U.S. alone. In the EU, that number is expected to balloon to 30 Billion Euros by 2022.

With such high expected profit margins, many traditional and non-traditional betting platforms predictably want a slice of that enormous pie: FanDuel and DraftKings, once associated with the 'daily fantasy' movement, have pivoted to be more full-scale iGaming platforms, and popular sports blog Barstool Sports has partnered with Penn National Gaming to create the Barstool Sportsbook.

But recently, Iovation reported in their 2020 Gaming Report that bonus abuse alone, one of the biggest security threats to iGaming platforms, had risen 72% from 2018 to 2019. iGaming customers also reported a 37% growth in credit card fraud the same year. It’s a lucrative market, but lucrative markets come with risks and often lost in all of the excitement of big pay days and the thrill of competition is the security challenges of running a full-scale casino on a mobile device. With fraud rising at such high rates, failing to protect against lost revenue and a damaged reputation is a huge gamble for iGaming platforms.

What constitutes iGaming?

Simply put, iGaming encapsulates any app or web-based wager on an event or game. This includes video poker, slots, online casino games, and sports, but can also be expanded to current events such as betting on the outcome of political elections, reality competitions, or the Super Bowl’s opening coin flip. Some mobile sportsbooks are even taking wagers on eSports, introducing a curious overlap of two emergent industries. While the legality and regulations of iGaming varies by country or territory, most platforms have set up shop in certain tax havens in Europe or Asia and allow an international audience to access their platform using a variety of legal loopholes.

How are iGaming platforms susceptible to fraud? 

On the customer side of things, the immediate concern with iGaming is account takeover. Through phishing or a simple brute force attack, a fraudster can hijack a customer account. Most betting apps are directly linked to a credit/debit card or bank account, so this means that having your iGaming account taken over can be massively damaging to your financial accounts. Fortunately, two-factor authentication protects from these attacks; TeleSign data shows that phone-based 2FA is 100% effective in stopping automated bot attacks, and 96% at blocking bulk phishing.

However, one of the vulnerabilities of 2FA is SIM swap fraud. SIM swap occurs when a fraudster manipulates a customer service rep into porting a customer’s your phone number to a SIM card controlled by the fraudster, giving them access to all texts and 2FA codes sent to the phone. But, at the forefront of digital identity solutions are data applications like phone number porting status and SIM swap detection that can prevent these kinds of attacks and, when used in conjunction with 2FA, make for a very secure iGaming experience for fans.

For the iGaming platforms themselves, there is a litany of ways people will try to defraud the house. People have been trying to rip off casinos for years—just think of any Ocean's 11 films. In the virtual space, the most common ways of ‘defrauding the house’ include bonus abuse, money laundering, and collusion, but all of these can be prevented by preventing, detecting, and blocking suspicious accounts.

Promo abuse occurs when bettors create multiple accounts to take advantage of new player incentives and double up on things like free bets, free chips, or some form of a free multiplier (i.e., bet $50 and the book matches your bet). Commonly seen in both ticketing and on-demand services, this bonus fraud can seriously harm revenues. Most fraudsters will try to use a dubious phone number to register their fake account with VoIP numbers, burner phones, or SIM cards belonging to SIM farms. Fortunately, more comprehensive digital identity solutions like TeleSign’s PhoneID and Phone Number Reputation Scoring reduce the likelihood of fraud by detecting these fake accounts and blocking the numbers at registration before they even have access to the iGaming platform.

Collusion occurs when one or more players plot together to defraud the house. A player could coordinate with other players or could create one or more fake accounts to conspire with themselves, and then make bets between the two accounts, guaranteeing one win and one loss. This activity is done to hit certain bonus thresholds or benchmarks that can also be associated with bonus fraud. Again, by limiting fake accounts, platforms can eliminate this type of collusion.

Lastly, there’s money laundering. iGaming is not the first example of fraudsters looking at innovative ways to clean dirty money—micro-transactions in video games have long been used to dump and clean drug money and iGaming platforms offer the same opportunity. A player can make a large wager or even buy thousands of dollars of chips and immediately cash out. Limiting this activity once again requires strategic use of digital identity. Criminals associated with drugs and terrorism are much less likely to use a clean phone, so by running digital identity checks at registration, platforms can block these dubious numbers and keep black market money off of their platform. The same technique can deter folks from committing chargeback fraud and credit card fraud.

It's essential always to stay one step ahead of fraudsters because they are always innovating. By focusing on holistic security solutions, iGaming platforms can simultaneously capitalize on global expansive growth in the gaming and gambling industries while establishing trust among customers by keeping their users totally safe.

TeleSign has been helping online platforms engage and protect customers for over 15 years. We support the largest web properties in the world and we're prepared to help you. Contact TeleSign now—as the pioneers of 2FA and phone number intelligence, we are a one-stop-shop for all of your digital identity and programmable communications needs.

Talk To An Expert

Interested in learning about how TeleSign's identity and engagement solutions can prevent fraud while fostering secure and global growth for your business? Let's chat.