Understanding Payment Fraud in iGaming

iGaming companies are no strangers to payment fraud originating from stolen credit cards.

This is bad for chargebacks, brand reputation, and business. Let’s see how to solve that problem.

Why Is Payment Fraud a Problem for iGaming Companies?

iGaming companies operate on a rapid account acquisition model. That means accepting new players with as little friction as possible – and fraudsters know they can exploit this structure to both deposit and play using stolen credit card numbers. 

This causes a number of issues down the line, including chargeback requests initiated by the legitimate cardholder, which your iGaming company has to successfully dispute – or refund the money.

Reduce Payment Fraud in iGaming

Protect and streamline your iGaming business with SEON’s real-time data enrichment and advanced machine learning.

Ask an Expert

This is an expensive and time-consuming process. To add insult to injury, card issuers will punish you if you accept too many fraudulent payments by increasing the standard processing fees you pay as you use their services.

The latter point is particularly worrying for iGaming operators. They are already considered a high-risk industry, so an increase in transaction costs could very well be a death knell.

In practice, it would mean you can’t accept deposits by players who have a Visa or AmEx card, for example.

So how exactly are you supposed to beat iGaming fraud when your opponents have every incentive to fool your review process? Let’s break it down below. 

How Do You Detect iGaming Payment Fraud?

An iGaming account isn’t unlike an electronic wallet (e-wallet). Players can deposit, spend (play), and withdraw funds as needed. When it comes to payment fraud, there are two key stages you must monitor:

  • Signup stage: Does the user appear legitimate? Does their email address or phone number reveal suspicious data, like lacking a digital footprint or social media presence altogether? Are they using device spoofing tools to hide their IP and hardware?
  • Deposit stage: This is when you want to really pay attention to the debit or credit card data. Is it a prepaid card? Was it issued in a country that’s far from the player’s IP or home address? 
  • Withdrawal stage: When it’s time for a player to cash out, are they doing so to an altogether different locale and bank account? Are the details significantly different?

In order to answer these questions, you need to gather as much data as possible.

And the best way to gather more information without creating too much friction is via data enrichment.

Put simply, it allows you to learn as much as possible about an online user based on their digital footprint. The tools for the job include:

  • IP lookup will let you know if they’re connecting via VPN, Tor, or a suspicious proxy.
  • email lookup to see if the email address points to a free or temporary domain and if it’s been registered on social media networks.
  • phone lookup to identify eSIMs, among other indicators.

Last but not least, a BIN lookup can reveal a ton of helpful information about the payment method itself.

Free BIN lookup!

Enter the first 6 or 8 digits of a card number (BIN/IIN)

Bank Name
···· ····

Text here

Cardholder name

But what exactly should you do with all this data? The best way forward is to feed it to an anti-fraud engine with risk scoring.

Top 3 Custom Rules to Detect iGaming Payment Fraud

Let’s now look at concrete examples of risk rules an iGaming company could deploy today for payment fraud detection.

#1: High Number of Payments from a New User (In a Short Time Period)

This is a rule that comes directly from SEON’s customer success team, which has been deployed and loved by a number of iGaming companies. Known as a velocity check, this type of rule looks at a set of actions during a specific time frame. 

In this case, we’re looking at:

  • users whose accounts are less than a day old
  • 10 or more deposits within one hour. 
New Account

This rule is essentially attempting to describe common fraudster behavior. Bad agents create accounts fast and start depositing funds in quick succession, typically with stolen credit cards. 

#2: Card Is Prepaid and/or from a Different Country

A pretty obvious yet effective technique aims to check if a user’s payment method is truly theirs. 

In fraud detection, this would be done by checking where the user is connecting from (by looking at their IP address), confirming that data with a home address and, importantly, comparing it all with the card details.

Virtual Card Different Country

In the screenshot above, you can see a handful of risk rules relating to the payment method. You can of course combine them and adjust the results of the rule depending on your needs. 

Note that a prepaid card isn’t necessarily fraudulent – but it can increase your risk score and encourage you to look at this player more carefully, in tandem with other data points. 

#3: No Social Media Presence

How does a lack of social profile relate to payment fraud? Well, the key point to understand is that, in our digital age, an absence of social signals is highly suspicious. 

Social Media Profiles

Yes, you could be dealing with a privacy enthusiast, but what’s more likely is that it is someone who created a phone number and email address in a hurry.

And, you’ve guessed it, this is exactly what a fraudster who hopes to pay with a stolen credit card number would do. 

Other Ways SEON Can Help iGaming Companies

At SEON, iGaming has always been a vertical where our anti-fraud tech has the most positive impact. This is because thanks to data enrichment and powerful custom rules, you get to:

  • work with real-time data
  • learn about user social signals
  • control multi-accounting, collusive play, and bonus abuse
  • keep track of your affiliates and partnerships

Best of all, you get complete control over which modules you choose to create a complete end-to-end solution or to augment your existing risk management stack. 

Don’t gamble with your bottom line

Partner with SEON to reduce fraud rates in your iGaming business with unique digital footprint analysis, and strong device fingerprint and velocity checks

Ask an Expert

Share article

Speak with a fraud fighter.

Click here

Author avatar
Tamas Kadar

Tamás Kádár is the Chief Executive Officer and co-founder of SEON. His mission to create a fraud-free world began after he founded the CEE’s first crypto exchange in 2017 and found it under constant attack. The solution he built now reduces fraud for 5,000+ companies worldwide, including global leaders such as KLM, Avis, and Patreon. In his spare time, he’s devouring data visualizations and injuring himself while doing basic DIY around his London pad.

Sign up for our newsletter

The top stories of the month delivered straight to your inbox