Understanding Payment Fraud in iGaming

iGaming companies are no strangers to payment fraud originating from stolen credit cards.

This is bad for chargebacks, brand reputation, and business. Let’s see how to solve that problem.

Why Is Payment Fraud a Problem for iGaming Companies?

iGaming companies operate on a rapid account acquisition model. That means accepting new players with as little friction as possible – and fraudsters know they can exploit this structure to both deposit and play using stolen credit card numbers. 

This causes a number of issues down the line, including chargeback requests initiated by the legitimate cardholder, which your iGaming company has to successfully dispute – or refund the money.

This is an expensive and time-consuming process. To add insult to injury, card issuers will punish you if you accept too many fraudulent payments by increasing the standard processing fees you pay as you use their services.

The latter point is particularly worrying for iGaming operators. They are already considered a high-risk industry, so an increase in transaction costs could very well be a death knell.

In practice, it would mean you can’t accept deposits by players who have a Visa or AmEx card, for example.

So how exactly are you supposed to beat iGaming fraud when your opponents have every incentive to fool your review process? Let’s break it down below. 

How Do You Detect iGaming Payment Fraud?

An iGaming account isn’t unlike an electronic wallet (e-wallet). Players can deposit, spend (play), and withdraw funds as needed. When it comes to payment fraud, there are two key stages you must monitor:

• Signup stage: Does the user appear legitimate? Does their email address or phone number reveal suspicious data, like lacking a digital footprint or social media presence altogether? Are they using device spoofing tools to hide their IP and hardware?
  
• Deposit stage: This is when you want to really pay attention to the debit or credit card data. Is it a prepaid card? Was it issued in a country that’s far from the player’s IP or home address? 
  
• Withdrawal stage: When it’s time for a player to cash out, are they doing so to an altogether different locale and bank account? Are the details significantly different?

In order to answer these questions, you need to gather as much data as possible.

And the best way to gather more information without creating too much friction is via data enrichment.

Put simply, it allows you to learn as much as possible about an online user based on their digital footprint. The tools for the job include:

• IP lookup will let you know if they’re connecting via VPN, Tor, or a suspicious proxy.
• email lookup to see if the email address points to a free or temporary domain and if it’s been registered on social media networks.
• phone lookup to identify eSIMs, among other indicators.

Last but not least, a BIN lookup can reveal a ton of helpful information about the payment method itself.

But what exactly should you do with all this data? The best way forward is to feed it to an anti-fraud engine with risk scoring.

Top 3 Custom Rules to Detect iGaming Payment Fraud

Let’s now look at concrete examples of risk rules an iGaming company could deploy today to detect payment fraud.

#1: High Number of Payments from a New User (In a Short Time Period)

This is a rule that comes directly from SEON’s customer success team, which has been deployed and loved by a number of iGaming companies. Known as a velocity check, this type of rule looks at a set of actions during a specific time frame. 

In this case, we’re looking at:

• users whose accounts are less than a day old
• 10 or more deposits within one hour. 

This rule is essentially attempting to describe common fraudster behavior. Bad agents create accounts fast and start depositing funds in quick succession, typically with stolen credit cards. 

#2: Card Is Prepaid and/or from a Different Country

A pretty obvious yet effective technique aims to check if a user’s payment method is truly theirs. 

In fraud detection, this would be done by checking where the user is connecting from (by looking at their IP address), confirming that data with a home address and, importantly, comparing it all with the card details.

In the screenshot above, you can see a handful of risk rules relating to the payment method. You can of course combine them and adjust the results of the rule depending on your needs. 

Note that a prepaid card isn’t necessarily fraudulent – but it can increase your risk score and encourage you to look at this player more carefully, in tandem with other data points. 

#3: No Social Media Presence

How does a lack of social profile relate to payment fraud? Well, the key point to understand is that, in our digital age, an absence of social signals is highly suspicious. 

Yes, you could be dealing with a privacy enthusiast, but what’s more likely is that it is someone who created a phone number and email address in a hurry.

And, you’ve guessed it, this is exactly what a fraudster who hopes to pay with a stolen credit card number would do. 

Other Ways SEON Can Help iGaming Companies

At SEON, iGaming has always been a vertical where our anti-fraud tech has the most positive impact. This is because thanks to data enrichment and powerful custom rules, you get to:

• work with real-time data
• learn about user social signals
• control multi-accounting, collusive play, and bonus abuse
• keep track of your affiliates and partnerships

Best of all, you get complete control over which modules you choose to create a complete end-to-end solution or to augment your existing risk management stack. 

Related Case Studies for iGaming

• iGaming Operator Catches 90% More Multi Accounting With SEON’s Tech
• iGaming Innovators Reveal Customer Connections and Suspicious Activity With SEON Sense
• iGaming Operator Leverages SEON to Design Abuse-Proof Bonuses and Reduce Self-Exclusion Fraud

Related Articles for iGaming

• Guide to Preventing iGaming Fraud in 2022 
• AML & KYC for iGaming: Staying Compliant and Safe
• iGaming Affiliate Fraud: How to Stop It – SEON