Insider View on Gambling Fraud
Past fraud trends in gambling
The gambling sector has evolved along the years, and fraudsters have evolved with it. The old preferred fraud method used to be manually skimmed cards. These are payment cards that have their data copied over for later use when used at a target point-of -sale. The person doing the act will also see the victim’s PIN number so at that point your card details have been compromised. All that it took was a careless agent to allow a switch of withdrawal method and the money was long gone before anyone was the wiser. This used to comprise a good 50%-60% of all fraud encountered around 2008.
Current fraud trends in gambling
Moving forward to 2018, fraud has become more sophisticated. Fraudsters are studying their target companies and the anti-fraud tools they use in detail to the point they know the routine of the company’s fraud team by heart. This puts them in a position to get away with a good chunk of your revenue before anyone sees a glitch.
The level of fraud sophistication has increased with the greater sophistication of data thefts. A heist of screenshot know your customer (KYC) data is more valuable than obtaining loaded card data due to the possibilities of easier bypass of triggers and manual checks on the merchant side.
The latest buzzword in anti-fraud technologies is machine learning. This technology has the potential to improve fraud prevention due to the speed with which computers can process different data points within milliseconds using special algorithms what would take a very large fraud team a substantial amount of time. However, even this technology is not immune to identity theft.
A fraudulent user with the means to generate fake identities can with the right amount of trial and error figure out how to bypass even a machine learning fraud prevention system. The preferred method is to use multiple accounts as probes to try different angles of attack in a process that is conducted over a long period of time to discover all the stoppage points from the merchant side. This is usually reserved by fraudsters for high value goods merchants because of the effort and time needed to generate a substantial return.
These techniques against machine learning are used in the gambling sector due to the high return potential, particularly in games against the house such as random number generated (RNG) games. These types of games can potentially contain bugs or the implementation with the back office of a third party can be buggy due to the speed with which they are brought to market. Consequently, there are often multiple breakage points for a fraudster to manipulate.
The quick and dirty method is to play through catching a big win and attempting to cash out with a different payment method that is controlled by the fraudster. Usually this will be a very good edited card with a name to match stolen documents or an e-wallet. Social engineering plays a part in making these methods work. Fraudsters will present themselves as legitimate and be as helpful as possible to further drop the guard of fraud prevention agents. Obviously having the full KYC documentation for the method of payment and corresponding person will be very helpful in preventing this kind of fraud attempt.
It has been observed that more and more selfie photos are being accepted as means to verify customers’ identities while preventing identity data theft. However, even in that respect some fraudsters are already ahead of the game. There are operations in place that trick users into taking selfies along with scans of their r ids for job interviews with sites posing as employment agencies. Small low cost e-commerce operations have even been set up to capture the full set of customers personal data in the most legitimate looking way possible.
Fraud prevention has always has been and will continue to be a game of cat and mouse with fraudsters. Machine learning is good for catching trends in data, as a supplement to a well-defined anti-fraud strategy and live fraud prevention agents. All three components are necessary to catch and deter today’s sophisticated fraudsters.
Setting up proper fraud prevention in gambling
The most surefire method of fraud prevention will always be the added vigilance of the human agents involved in transaction reviews. High value payouts should always be given an extra review from all angles even at the detriment of customer-centric desire for speed. Certain parameter must always be taken into account for fraud prevention in gambling, including the age of account, previous payouts, payout methods, information available on the individual and gameplay review.
As with all areas, fraud in online gambling cannotl be prevented 100%, but making it harder and more time consuming to commit fraud should make the majority of opportunists and organized fraud groups stay away from your operations. The cost to benefit ratio is what makes a target lucrative. If the cost-benefit ratio is not in the fraudsters’ favor, your site will be rendered unattractive to them.
Likewise, any operation should always view fraud prevention as a revenue generating business unit rather than a cost unit. Always research and invest in the latest technologies and training for fraud prevention agents and the returns to your top and bottom-line will be very measurable.
Address fraud before it’s a problem
It is unfortunate that most businesses do not invest the proper time and resources into having a sound fraud prevention strategy in place ahead of time. It’s usually only until a business has either reached a high level of losses or is receiving warnings from the credit card schemes for passing permissible industry fraud thresholds that action is taken. Once those points are reached it is very difficult to return to normal levels within a very fast period as the chargeback cycle runs for a six-month period. It is a game of review, act and eliminate that will only show benefits after a full 12-month cycle in the best-case scenario. Dealing with fraud is part of the long game and takes patience and consistency.
The final point to consider is how strict to be with fraud prevention. If you have reached warnings from the credit card network then a harsh approach should be taken to eliminate all bad transactions to get fraud rates under control quickly. This is usually a hard sell to the marketing and operations departments as they are concerned with the lost business that such an approach will bring. If a fraud strategy was put in place from the beginning of operations, a risk appetite suitable to the business can be achieved and then modified as seen fit. In an ideal world, a risk department and fraud strategy should be in place before the first transaction even takes place. Don’t wait until expensive triage and damage control is necessary.