How to Prevent Cryptocurrency Account Takeover

Published on October 25, 2022 by Tamas Kadar
High-risk customers abound in the world of iGaming. In fact, it has been reported that online gambling fraud rose by 50% year on year in 2022.
From multi-accounting fraudsters to players on self-exclusion lists or money launderers, there are plenty of reasons to flag users who could negatively impact your business as an iGaming brand. Let’s explore how.
In iGaming, a customer is considered high-risk if they sign up or play using fraudulent information such as a fake ID or stolen credit card.
Online games are particularly targeted by fraud rings, who create multiple accounts in order to abuse bonuses and exploit multiplayer games, via chip dumping, gnoming, and other forms of collusive play.
There are also compliance issues.
iGaming companies are under scrutiny from regulatory bodies. They must deploy AML and KYC checks but also ensure players can self-exclude themselves or meet affordability and customer due diligence checks to practice safer gambling.
See how the iGaming operator deployed SEON to spot connections between accounts and flag fraud rings, catching 90% more attempts at multi-accounting for bonus abuse and other schemes.
Read Now
High-risk customers pose two main kinds of challenges for iGaming companies:
There is also the issue of friction caused by anti-fraud systems. If they are too heavy-handed and restrictive, you may observe increased customer churn, which may redirect valuable traffic toward your competition.
While every iGaming company will have a unique anti-risk tech stack, the basics tend to be the same across the board. That includes:
Most anti-risk solutions will also include a risk-scoring feature to feed the player data through rules and gauge how likely they are to be a liability.
Let’s dive deeper into three types of custom rules you could use to monitor high-risk users.
Our first rule focuses on multi-accounting, which is a good way to identify fraud rings or to detect bonus abuse in iGaming. In short, it’s all about finding out if one person controls multiple accounts.
Two strong indicators that this might be the case are passwords and browser hashes, which are encrypted identifiers based on a customer’s unique data points.
Passwords, for instance, can be typed in manually or automatically generated. But if you are a fraudster who creates thousands of accounts regularly, it’s even easier to recycle them. From our perspective, a predictable password pattern is a strong indicator that multiple accounts could be run by the same user – a strong indicator of potential fraud.
Similarly, browsers contain hundreds of data points that, in tandem, can act as user identifiers. Finding similar plugins, installed fonts, window size and browser versions, for instance, could tell us we’re dealing with a multi-accounting user.
We recommend deploying such a rule at the signup stage, which will immediately alert us if too much information has already been logged in the system. Moreover, with SEON, you can visualize these hidden connections using our data-matching tool, Customer Connections.
Detecting VPNs serves multiple purposes in iGaming. First, you want to ensure that there are no local compliance issues. A UK gambling vendor, for instance, is not allowed to let Maltese customers access its games.
Just as important is the issue of iGaming self-exclusion. Vulnerable gamblers will often attempt to create multiple accounts and, to avoid being flagged, they will rely on VPNs.
Combined with other rules mentioned in this post, you should be able to flag them before you are hit with compliance fines.
Last on our list is a custom rule designed specifically for the goal of ensuring AML compliance. We’re setting it up to alert us any time a player deposits more than $3,000. However, do note that this threshold varies from one jurisdiction to the next.
We want this type of deposit to immediately trigger a manual review, as we should probably keep the data for a suspicious activity report (SAR).
Regardless of what you do with the information, the key is to ensure you can easily customize the rule to adapt to changing regulations, so you should be looking for a granular, customizable solution to detect high-risk customers.
Partner with SEON to reduce fraud rates in your business with real-time data enrichment, whitebox machine learning, and advanced APIs.
Book a Demo
SEON is favored by iGaming leaders to detect multi-accounting and bonus abuse – as well as to reduce more types of fraudulent attacks and collusive play. This is why:
All of the above is available via flexible contracts and pay-per-API pricing. For more information, request a live SEON demo today.
Sources
Showing all with `` tag
Click here
Tamás Kádár is the Chief Executive Officer and co-founder of SEON. His mission to create a fraud-free world began after he founded the CEE’s first crypto exchange in 2017 and found it under constant attack. The solution he built now reduces fraud for 5,000+ companies worldwide, including global leaders such as KLM, Avis, and Patreon. In his spare time, he’s devouring data visualizations and injuring himself while doing basic DIY around his London pad.
The top stories of the month delivered straight to your inbox