Guide to Bonus Abuse in iGaming: How to Detect & Prevent

Download The Guide
Guide to Bonus Abuse in iGaming: How to Detect & Prevent

What is Bonus Abuse?

Bonus Abuse is the process of signing up to a service multiple times using marketing offers normally intended just for new users. It goes by many names including promo abuse, bonus hunting, bonus whoring, casino whoring, and bonus abusing.

In fraud terms, this process is known as multi-accounting, and it often targets no deposit bonuses such as free spins or free cash.

It mostly plagues sports betting, casino, and poker sites, but any company that offers signup bonuses as part of their marketing may be vulnerable to them.

The problem is that fraudsters attempt to create as many new accounts as possible, relying on stolen IDs, synthetic identity, and prepaid credit card details to bypass the Know Your Customer (KYC) checks.

More sophisticated criminals can also have the resources to use emulators, virtual machines, and even residential-like IPs, such as Socks5 proxies or mobile networks to leverage fresh IP addresses.

How Bonus Abuse Fraud Works in iGaming

By default, most systems are weak on detecting whether or not a single person has multiple accounts. As a result, bonus abusers can easily sign up to receive the same signup bonus by registering with multiple identities. So long as they avoid detection they can continue to cash out and repeat the process. 

Not only is this popular, it is also so lucrative that many fraudsters will invest significant resources into scaling their bonus abuse operations: some go as far as sourcing identities through fake job adverts or KYC forms.

However, the survival of an iGaming company depends on its bonuses.

Whether it’s signup, welcome, reload, or no deposit bonuses, these marketing offers are often the most reliable way to grow and to build a loyal player base.

This is precisely why Bonus Abuse is so damaging. If fraudsters are able to take advantage of the offers, you’re not just risking short-term damages, you’re seriously putting your company at risk for the long term.

In this guide, we’ll go over the basics of Bonus Abuse and we’ll give you all the tips and tricks to reduce it at your iGaming company.

Protect Your Business from Bonus Abuse

Improve your risk management with SEON’s real time data enrichment tools

Book a Demo

Part 1: Why iGaming Companies Give Out Bonuses?

Under heavy regulations from governments and gambling bodies, iGaming companies have to choose where they spend their marketing budget wisely and often bonuses play a part in their strategy.

What is the iGaming Bonus Market Worth?

According to Statista, the iGaming market will be worth up to 92.9 billion USD by 2023.

The most profitable operators, or Tier 1, operators spend up to 18% of their gross revenue on bonuses in order to attract new customers. However, Tier 2, or lower-level operators, who do not have the same budget or local licenses needed to advertise, are almost fully reliant on bonuses and affiliate schemes.

For these Tier 2 operators, affiliate marketing can account for 25% of their gross revenue expenditure, with bonuses accounting for an additional 25-45% of spend.

Marketing trends often shift based on regulations, for example those from the UK Gaming Commission and changes with the ability to advertise on App Stores. However, it’s still plain to see how important bonuses are to launch, grow, and maintain an iGaming company in today’s online landscape.

Although conversion rates vary greatly from one operator to another, the most common bonus types tend to be the same across the industry. These include:

Sign up bonus

The most common bonus – given upon a player’s first deposit or completed onboarding. It’s usually based on a percentage of the deposit.

The rules tend to include a maximum bonus amount, and they come with a rollover requirement. This ensures the player wagers the amount a certain number of times before they can withdraw the offer.

In some cases, operators offer a “no deposit required” sign up bonus, which allows players to start betting simply by onboarding. These are fraudster favorites.

Reload bonus

The requirements for reload bonuses are often similar to those for sign up bonuses. However, as the name implies, they are only triggered when players come back to the site, usually after a set period of time.

Reload bonuses are often smaller than signup bonuses and are not offered to customers who have already withdrawn their winnings.

Free bet (Matchplay)

Online betting providers like to offer free bet bonuses to join games with lower stakes. These are also ruled by rollover requirements and site-specific restrictions.

Reduced juice

These tend to be lower commission bets, used to attract already loyal customers or redirect them towards specific events.

Percentage back on losses

This is a good way to regain loyalty from clients currently on a losing streak. Operators can offer a percentage back on their net losses at the end of a specific time period.

Reward program

A great method to build loyalty with long-term customers –  aimed at encouraging repeat business. Players can receive a variety of casino bonuses including free spins, free bets, and other deposit offers to depend on the volume of their spend on the site.

Referral bonus

Referral and affiliate marketing are increasingly popular in the iGaming world. As the online gambling industry becomes more and more competitive, word-of-mouth and monetary incentives are some of the reliable ways to get known.

More Bonuses = More Manual Reviews

A shocking statistic from our own data: while 8-12% of all gambling transactions require manual review, only 1-4% actually end up being declined.

This means that a lot of business resources are spent on verifying users when they should have automatically been accepted, all the while degrading the customer experience.

Unfortunately, these heavy and lengthy manual reviews are still important for companies. That is, of course, because of the growing problem of Bonus Abuse.

Part 2: How & Why Bonus Abuse Works

Bonus Abuse works by fraudsters signing up through a promotion multiple times and withdrawing the funds before they’re able to be caught. As long as people can get away with this then the abuse will persist. 

This problem of multi-accounting is often, therefore, one of the biggest problems that iGaming companies have to contend with.

It encourages fraudsters to create as many new accounts as possible by relying on stolen IDs, synthetic identities, and prepaid credit card details to bypass the KYC checks. Which, in turn, obviously causes compliance and regulatory issues.

Often Bonus Abuse is undertaken by large and sophisticated criminal rings with vast resources rather than small operations. The more resources fraudsters have to create accounts, the more Bonus Abuse becomes profitable to them.

Anatomy of a Bonus Abuse

There are four popular types of Bonus Abuse that fraudsters use:

  • Collecting signup bonuses: in order to cash out their promotional offers without actually playing
  • Collusive play: fraudsters can control multiple players in order to defraud unsuspecting legitimate users
  • Chip dumping: similar to the above, when a poker player intentionally “loses” their chips to another player in order to affect the outcome of a hand
  • Arbitrage: placing bets simultaneously to increase the winning odds on betting platforms. Often referred to as an “arb” and performed by “arbers”.

The entire process begins at signup. One person (or a group of fraudsters) will create as many new accounts as possible, known as “gnoming”.

They use fake names, disposable emails, and sometimes fake or stolen credit card details. Once they’re in the system with multiple accounts, they can begin their attacks.

These are just a few of the known examples. Based on all the types of bonuses listed above, and despite iGaming operators’ best attempts to impede them, there’s no shortage of options for resourceful fraudsters.

Why Fraudsters Target Gambling Operators?

Historically, promo abuse was an easy target because gambling operators offered large bonuses with low betting requirements. This undeniably opened the floodgates for fraudsters.

Luckily, operators were quick to take notice and rectify. Bonuses have been lowered, requirements are higher, and additional restrictions have been put in place.

However, fraudsters have increased the sophistication of their bonus hunting. They are better at mathematically calculating their odds for arbitrage, and will be less obvious in the methods used.

This constant game of cat-and-mouse can create a real challenge for gambling operators, even those whose promos and bonuses are designed to be uncheatable.

Affiliate Fraud – When Marketing Backfires

Another issue with bonus incentives is that it makes it easier for fraudsters to direct, or control traffic for affiliate fraud. Criminals can sign up to casinos and iGaming operators’ affiliate programs, and:

  • Send leads who are only interested in signup bonuses, which qualifies them for a Cost per Lead (CPL) commission
  • Generate fake traffic to earn commissions on Cost per Click (CPC)
  • Redirect traffic towards websites that qualify for Cost per Thousand (CPM) commissions.

This all adds another layer of complexity in filtering legitimate new users from bad or fake ones.

SEON SENSE

SEON Sense lets you filter out good from bad affiliates (merchants) based on approved or declined transactions.

Part 3: Steps to Detect & Prevent Bonus Abuse

The immediate steps operators can take to lower Bonus Abuse include:

  • Creating more complex bonus rules: for example, having strict withdrawal requirements and/or rollovers where users must play the bonus amount several times before they can receive it
  • Lowering bonus payouts: a quick fix to stop the business from rapidly losing money.
  • Blocking risky locations: most operators, for instance, will not offer bonuses to new Russian / Eastern European users, as these territories are historically prone to bonus hunting.

However, these steps are barely a drop in the ocean. The key is to understand, investigate, and in some cases, even use Bonus Abuse to your advantage.

Two Ways to Detect Bonus Abuse

New website visitors come with a digital history that provides a fingerprint to help with the fraud fight. This is actually an advantage for iGaming operators, provided they have the right data analysis tools in place. The kind of flags you should keep an eye out for as soon as possible include:

  • Suspicious IP addresses: is the user relying on a VPN? Are they connecting with the TOR browser? What about blacklisted residential proxies?
  • Suspicious devices: is the configuration of hardware and software unique, or does it look like someone has already appeared on your site with a suspiciously similar setup?

Device fingerprinting is particularly effective for highlighting multi-accounting attempts, as it’s actually a lot harder than you may think to have a completely unique digital fingerprint.

According to a recent analysis of the data on the SEON risk platform, 87% of multi-accounting users use the same password for all of their different accounts.

Signs for Bonus Abuse

Analyzing behavioral patterns is something that only the more sophisticated anti-fraud platforms can offer.

Your fraud prevention tool should be able to read human behavior such as:

  • Registration time: fraudsters might complete the registration process faster if they’ve done it before
  • Betting/behavior to withdrawal / cash-out ratio: a complex metric that could flag potential abusers. There is a shorter time span between registration and withdrawal or chip dumping when the account is fake. It’s very suspicious, for example, if a freshly assigned bonus gets lost instantly at a poker table to a third person
  • Preferred games: certain games will tend to attract more fraudsters than others, especially low odds games that minimize risk.

And of course, ID Verification and Know your Customer (KYC) processes are as important as ever.

Bonus Abuse Prevention: Improving KYC Process – Heavy vs Light

Every operator knows that simplifying the onboarding process is the best way to grow your user base. But when KYC processes are involved for regulatory and security reasons, there is also a choice to make:

heavy vs light kyc
  • Heavy KYC: more thorough and safe. This can take on average between 1 and 5 minutes, which is a very long time for users and therefore increases churn. One example of this would be to ask for an ID verification or selfie at the signup stage.
  • Light KYC: offers a smoother user experience. Taking around 1 second per verification, it is also riskier, as it lets fraudsters slip through the net. It is often performed by looking at a user’s digital footprint and enriching the data available.

There are a lot of forces at play, all of which make it increasingly hard to react passively to the problem of Bonus Abuse. Instead, a proactive approach should be taken and, where applicable, a third-party fraud prevention tool should be used to help enrich your customer’s data.

Still Worried About Bonus Abuse?

SEON’s anti-fraud tools are designed to detect suspicious usage and uncover hidden fraudsters

Book a Demo

Share on social media