How to Prevent Cryptocurrency Account Takeover

by Tamas Kadar
Worried a poker bot farm is hiding on your iGaming site? Use these tools to protect your business and players
Summer 2020 made history in the iGaming community, as a data leak exposed one of the biggest poker bot rings ever found. And the numbers are staggering, even when the dump only looked at a fraction of the operations:
It was a remarkably sophisticated attack, and understandably, players were furious. Had they been losing money to an organized criminal network? Were those online poker sites’ security too lax?
And how should you deal with poker bot farms before they create a PR crisis for your iGaming platform? All the answers below.
A poker bot farm is a term that describes any group of malicious poker bots coordinating to commit poker-related fraud – usually to the detriment of online poker rooms but also, sometimes, of legitimate poker players. These bots collude to fix online poker games for various purposes, from money laundering to bonus abuse.
On its own, a poker bot can help fraudsters cheat the system so they can win or lose a hand of online poker, no matter their opponents’ strategy or luck. When a criminal employs a group of online poker bots, they are able to:
iGaming, casinos and sports betting attracts all kinds of fraudsters for bonus abuse, account takeover, credential stuffing, and transaction fraud, to name but a few. The quick access to money makes them a high target, as they essentially act as online wallets.
But poker tables and poker sites are the most frequently targeted games, and for two good reasons. Firstly, fraudsters can increasingly deploy software, or bots, that automate online play. These still require some oversight, which is why all the sessions logged in the data dump were from suspicious users who operated between 9-5. They were probably monitored by fraudsters who took it as a job.
Secondly, the fact that poker is a multiplayer game adds another layer of complexity in the form of player collusion.
Put simply, it’s a coordinated effort between players to consolidate a win by having other players lose on purpose, and it’s a huge problem for a variety of reasons. In fact, it’s such a huge problem that online casinos won’t even offer signup bonuses for their poker games.
Partner with SEON to easily spot poker bots & reduce fraud in your business with real-time data enrichment, whitebox machine learning, and advanced APIs.
Book a Demo
Everybody is familiar with the high stake games between human chess players and machines, but advances in artificial intelligence and machine learning mean that researchers are increasingly turning towards more complex games like poker.
As poker combines mathematical skills with human traits like psychology and deception, it was previously thought impossible to learn for computers.
But the University of Alberta Computer Poker Research Group in Canada, for instance, is at the forefront of AI-driven software that can replicate poker player behavior. As of 2020, the group has released five free, open-source programs which attempt to “solve” different poker games, and make them unbeatable.
The problem? The code is fully open source. The program Polaris, for instance, designed to play Texas hold’em poker, is extremely popular for deploying poker bots.
While these tend to play on the lowest limits, even tournament users cannot rule out that they are playing against bots, especially during the middle and late phases, which are strongly influenced by a player’s mathematical skills.
And as technology continues to evolve, it will become harder than ever to differentiate between human players and machines.
In a normal multiplayer poker tournament, players are unable to communicate with each other. The practice is called Ghosting, and it is not only hard to pull off, but also prohibited.
However, in the online world, it’s nearly impossible to enforce a policy that prevents players from sharing advice.
And if the players had planned to work together beforehand, in the form of collusion, it becomes even more challenging to spot connections between the players. This creates all kinds of risks:
The SEON anti-fraud platform is exceptional at spotting hidden customer connections, stopping multi-accounting and easily finding spoofed devices or locations – the type of tool used by poker botnets to enable their schemes.
Today, we’ll look specifically at the data found in that huge 44GB data set dump from August 2020, and demonstrate how SEON could have helped expose the bots.
First, let’s examine exactly how the poker bot farm ring worked in that particular scenario:
Note that steps 1, 2 and 3 above all relate to the onboarding or registration stage. Here are the verification checks we should apply:
You can SEON’s IP address check below to see the wealth of information it can offer, complete with data points that can point to red flags.
This is most certainly where SEON would have alerted your company of the risk. Most of these players had similar email addresses, such as firstnamelastname@yahoo.com, with a few numbers thrown in for good measure.
SEON’s string analysis feature, for instance, can examine an email handle to ensure it’s not too generic, or to compare it with other recent signups. We also check what kind of domain is used, and whether it has been part of a data breach – a data breach lowers the risk score, as it is a sign that you’re dealing with a mature email address rather than one created a few days ago.
For instance, SEON’s velocity rules can identify when users have similarities that could imply they’re the same person – a key pain point for all iGaming brands, poker-related or not. Examples of this include monitoring the time frame between the first and last game, and betting strategies.
In this particular instance we’re studying, he bots ran 9–5 Monday to Friday with consistency, which could have alerted the victims if it had been monitored. Moreover, most of the bot accounts were found on tables with stakes between 10NL and 200NL. Other technical statistics such as post-flop Agg% and comparing stats with banned bots can also be monitored, per the platform’s risk tolerance.
It’s worth highlighting that SEON’s granular, customizable software lets you create custom fields specifically to analyze this kind of data, which wouldn’t be taken into account by a standard transaction fraud solution.
Partner with SEON to reduce fraud in your business with real-time data enrichment, whitebox machine learning, and advanced APIs.
Book a Demo
A poker bot farm by itself doesn’t necessarily hurt your operations. In fact, shadier iGaming companies have been known to populate their games with bots alongside real players. Similarly, the best poker players have no problem playing against them.
The issue, however, is that the majority of your players will feel cheated if a farm operates on your platform. And as leaks from 2015 and 2020 show, players will take matters into their own hands to find suspicious behavior, and will complain to you directly.
In other cases, there’s more than your reputation that you have to lose, as poker bots can cost you your AML compliance, as well as some of the bonuses you are wanting to hand out to legitimate customers.
Luckily, even the most sophisticated bot rings can be spotted with a combination of digital footprint analysis, device fingerprinting, velocity checks and IP analysis at the point of registration and powerful custom rules created by your fraud managers and the machine learning module.
You might also be interested in reading about:
Learn more about:
Data Enrichment | Browser Fingerprinting | Fraud Detection API | Fraud Detection with Machine Learning & AI
Sources
Showing all with `` tag
Click here
Tamás Kádár is the Chief Executive Officer and co-founder of SEON. His mission to create a fraud-free world began after he founded the CEE’s first crypto exchange in 2017 and found it under constant attack. The solution he built now reduces fraud for 5,000+ companies worldwide, including global leaders such as KLM, Avis, and Patreon. In his spare time, he’s devouring data visualizations and injuring himself while doing basic DIY around his London pad.
The top stories of the month delivered straight to your inbox