How to Detect High-Risk Customers in iGaming

High-risk customers abound in the world of iGaming. In fact, it has been reported that online gambling fraud rose by 50% year on year in 2022.

From multi-accounting fraudsters to players on self-exclusion lists or money launderers, there are plenty of reasons to flag users who could negatively impact your business as an iGaming brand. Let’s explore how. 

Who Are High-Risk Customers in iGaming?

In iGaming, a customer is considered high-risk if they sign up or play using fraudulent information such as a fake ID or stolen credit card. 

Online games are particularly targeted by fraud rings, who create multiple accounts in order to abuse bonuses and exploit multiplayer games, via chip dumping, gnoming, and other forms of collusive play.

There are also compliance issues.

These companies are under scrutiny from regulatory bodies. gambling platforms must deploy AML and KYC checks but also ensure players can self-exclude themselves or meet affordability and customer due diligence checks to practice safer gambling.

Gamevision Catches 90% More Multi-Accounting

See how the iGaming operator deployed SEON to spot connections between accounts and flag fraud rings, catching 90% more attempts at multi-accounting for bonus abuse and other schemes.

Read Now

Why Are iGaming High-Risk Users a Problem?

High-risk customers pose two main kinds of challenges for iGaming companies:

  • Loss of funds: Whether it’s because of chargebacks for fraudulent payments, wasted marketing efforts, or expensive KYC checks, fraudsters can make a dent in your bottom line.
  • Compliance issues: As iGaming is heavily monitored by regulators, you risk fines, legal troubles, and operational issues if your company isn’t fully compliant. 

There is also the issue of friction caused by anti-fraud systems. If they are too heavy-handed and restrictive, you may observe increased customer churn, which may redirect valuable traffic toward your competition. 

How Do You Detect High-Risk Customers in iGaming?

While every iGaming company will have a unique anti-risk tech stack, the basics tend to be the same across the board. That includes:

  • IDV: A form of identity verification to ensure customers meet KYC requirements.
  • Static rules: The most obvious ones relate to blocked IP addresses and blacklisted names on self-exclusion lists.
  • Digital footprint analysis: This is a way to leverage alternative data such as social media presence and historical data leaks to gauge how risky the user is.
  • Behavior analysis: Tracking how users interact with your games and website can help flag high-risk patterns or potential money laundering issues. This tends to be done via velocity checks, which look at user actions within a specific timeframe.
  • Device fingerprinting: Examining a customer’s hardware and software configuration to catch hidden patterns and suspicious setups is a fraud prevention and risk mitigation staple.
  • Transaction monitoring: Transaction monitoring also allows you to spot potential fraudulent payments and attempts at credit card fraud, as well as comply with any applicable AML mandates.

Most anti-risk solutions will also include a risk-scoring feature to feed the player data through rules and gauge how likely they are to be a liability.

Top 3 Custom Rules for High-Risk Customers in iGaming

Let’s dive deeper into three types of custom rules you could use to monitor high-risk users. 

#1: More than Two Users Have the Same Password Hash

Our first rule focuses on multi-accounting, which is a good way to identify fraud rings or to detect bonus abuse in iGaming. In short, it’s all about finding out if one person controls multiple accounts. 

Two strong indicators that this might be the case are passwords and browser hashes, which are encrypted identifiers based on a customer’s unique data points.

Passwords, for instance, can be typed in manually or automatically generated. But if you are a fraudster who creates thousands of accounts regularly, it’s even easier to recycle them. From our perspective, a predictable password pattern is a strong indicator that multiple accounts could be run by the same user – a strong indicator of potential fraud.

Similarly, browsers contain hundreds of data points that, in tandem, can act as user identifiers. Finding similar plugins, installed fonts, window size and browser versions, for instance, could tell us we’re dealing with a multi-accounting user. 

We recommend deploying such a rule at the signup stage, which will immediately alert us if too much information has already been logged in the system. Moreover, with SEON, you can visualize these hidden connections using our data-matching tool, Customer Connections.

One Device

#2: VPN Connection Identified

Detecting VPNs serves multiple purposes in iGaming. First, you want to ensure that there are no local compliance issues. A UK gambling vendor, for instance, is not allowed to let Maltese customers access its games.

VPN Masking

Just as important is the issue of iGaming self-exclusion. Vulnerable gamblers will often attempt to create multiple accounts and, to avoid being flagged, they will rely on VPNs.

Combined with other rules mentioned in this post, you should be able to flag them before you are hit with compliance fines. 

#3: Deposit Is Above the AML Threshold

Last on our list is a custom rule designed specifically for the goal of ensuring AML compliance. We’re setting it up to alert us any time a player deposits more than $3,000. However, do note that this threshold varies from one jurisdiction to the next. 

Transaction Greater Than 3000

We want this type of deposit to immediately trigger a manual review, as we should probably keep the data for a suspicious activity report (SAR)


Regardless of what you do with the information, the key is to ensure you can easily customize the rule to adapt to changing regulations, so you should be looking for a granular, customizable solution to detect high-risk customers.

How SEON Helps iGaming Companies Detect High-Risk Users

SEON is favored by iGaming leaders to detect multi-accounting and bonus abuse – as well as to reduce more types of fraudulent attacks and collusive play. This is why:

  • In-depth customer profiling: SEON is uniquely positioned as an anti-fraud vendor who can gather 90+ social and online signals to ensure your players really exist, and are who they say they are. Spot connections between accounts, flag fake IDs, and bring down fraud rings, without having to ask players for extra information.
  • Customization and flexibility: Augment your current risk management solution with extra data or deploy SEON as an end-to-end solution. You can fully automate decision-making to approve, review or decline user actions, and even create dynamic rules that react to suspicious activity as it appears.
  • Powerful machine learning: SEON boasts two separate AI modules to boost your fraud prevention. Our clearbox AI suggests new rules that work exclusively for your company. Meanwhile, a blackbox AI provides additional risk scoring, separately from the explainable fraud score.
  • Frictionless integration: All the above enrichment happens in real-time and without disrupting the players’ experience, so you can monitor live user behavior or quickly ask for extra verification at the login and signup stage, if they do not inspire confidence.

All of the above is available via flexible contracts and pay-per-API pricing. For more information, request a live SEON demo today. 


Share article

Speak with a fraud fighter.

Click here

Author avatar
Tamas Kadar

Tamás Kádár is the Chief Executive Officer and co-founder of SEON. His mission to create a fraud-free world began after he founded the CEE’s first crypto exchange in 2017 and found it under constant attack. The solution he built now reduces fraud for 5,000+ companies worldwide, including global leaders such as KLM, Avis, and Patreon. In his spare time, he’s devouring data visualizations and injuring himself while doing basic DIY around his London pad.


Sign up for our newsletter

The top stories of the month delivered straight to your inbox