Can authentication tame the Wild West of responsible igaming?

The past few years have seen the industry grapple with the challenges of championing responsible igaming in the digital space. Two of the toughest tenets to tackle have been verifying players’ ages and enforcing self-exclusion (adhering to an individual’s request of an operator to exclude them from igaming for a set amount of time). Companies specializing in fraud and risk mitigation may be the industry’s unlikely hero to support.

The virtual world is something of a “Wild West”—one which fraud detection software may be uniquely qualified to tame. Their advantage boils down to the difference between identification and authentication.

In the physical world, enforcement of responsible igaming practices is relatively clear-cut. On casino grounds, a check of their driver’s license can be all it takes to identify a player participating in voluntary self-exclusion. Manipulating a player’s identity makes it harder to enforce responsible igaming standards.

Igaming experiences more than its fair share of fraudulent activity; account takeovers, promotional abuse, and chargebacks to name a few. Each activity is only made possible via the theft or misuse of a player’s personally identifiable information. This includes full names, email addresses, bank account numbers—any data element that enables identification of a data subject. In this context, identification is only who someone claims to be. Authentication is how that claim is proven (or disproven).

The basis of a player’s identity can, for the purposes of authentication, be divided into three categories:

• What they have: this might be a driver’s license, passport, or social security card.
• What they know: this includes information such as passwords and PIN numbers.
• Who they are: this refers to user behavioral analytics (UBA), biological and behavioral metrics like a player’s fingerprint or their typing cadence.

The third category is where a software built to fight fraud can play a pivotal role in enforcing responsible igaming practices. The value of this data doesn’t stem from how hard it is to steal or what one might be allowed to do with it but rather what one might be allowed to do without it.

Someone opting to self-exclude might find ways to obscure their PII. They may even get their hands on someone else’s data. But they may never be able to fully adjust the unique angle at which they habitually hold their phone, the speed in which they type, or whether they copied and pasted data or had it auto-filled from their browser.

As the digital landscape continues to evolve at breakneck speeds—challenges are evolving just the same. After all, the Wild West of responsible igaming is a wide-open frontier, subject to rapid change. For now, providers in the fraud prevention space appear to be offering operators a viable solution.

Dave Champion is global head of online gaming, Accertify Inc. (an American Express Company) and co-founder and Exco Member of the Australian Online Fraud Forum. After graduating from University in South Africa, Champion moved to London to join the investment banking sector, quickly learning the ropes and working his way up from internal client service to helping organizations transform their operations at a time of major change for the industry. After 10 years abroad he returned to his native South Africa, taking a role with the world’s leading provider of online gaming solutions, Microgaming. In 2012 he and his family moved to Sydney, Australia taking up an opportunity that led to heading up sales at Accertify, helping merchants to fight online fraud.