By Brian McCann, president of security solutions, Neustar
In today’s contemporary world, many of us rely on digital products and services to work, shop and entertain. The opportunity therefore exists for us to be targeted and manipulated on multiple devices, via various channels. As a result, cyberattacks have exploded.
Ultimately, our approach to digitisation is developing, quickly, and with that comes an increase in organised cybercrime and fraud. With almost infinite sub-categories of emerging threats, fraud now costs the global economy £3tn profession per year, with losses growing by 56% in the last decade.
Industries across the board from retail, to travel and hospitality, automotive and healthcare are all at risk of being infiltrated by relentless opportunists. However, financial services institutions are particularly vulnerable to online fraud, with money literally being on the line while under constant threat.
The gambling industry, in particular, is at the forefront of this shift to online activity. The latest statistics from the UK Gambling Commission show a 12.5% increase in remote bingo, and 5.3% increase in remote betting; an area that is likely to witness a continued increase as lockdown conditions are extended.
There is a distinct need and demand in this climate for digital services, however to be a true leader in the race towards digitisation, companies must place priority on security, if they are to benefit in the transformation from in-person to online. This should essentially empower businesses to make the most well-informed decisions to enable trusted connections between companies and people using their services.
Taking a gamble
While other industries have struggled their way through the impact of the pandemic, online casinos saw an increase in the number of players, with a 43% increase in the number of daily online poker players and more astonishingly, a 255% increase in first-time players.
Quite predictably, this has also led to an increase in fraudulent attempts – from credit card fraud, whereby fraudulent or stolen credit card information is used, to chargeback abuse, when someone contacts their card issuer and denies making a charge they already made; and chip-dumping, which is when a fraudster launders money or pay for black market services. Here, “players” lose to a single individual who cashes out their apparently legitimate winnings.
As quickly as risk mitigation evolves, fraudsters are never far behind creating new means of attack to disrupt or bypass online systems. Where there is opportunity, there will always be risk and cyber criminals are unlikely to quit at the first hurdle. Nonetheless, creating a robust security system to tackle fraud online is critical to managing ongoing risk.
Securing the jackpot
Gone are the days of a physical security team eyeballing people in person to ascertain their integrity. A lack of face-to-face interactions during the ongoing health crisis means that online gambling and gaming sites need to look at alternative options with a similar impact.
But what if there were other ways for businesses to personally identify their users in a way that allows them to categorise their intentions? What if there was a way to link the most essential information about a user? Well, there is a way to do exactly that and more.
Data has been an intrinsic part of the digital evolution to help companies make business critical decisions quickly, and the security aspect is no different. With online gambling, understanding who you are dealing with is crucial to characterising that person’s intentions. While it is becoming increasingly difficult to spot genuine players from the fakes, one way to reduce that ambiguity and risk is to implement IP decisioning data.
This data-intensive technology can help to tackle fraud in a number of key ways such as verifying locations. By identifying the physical location of an IP address, it can confirm whether a customer has legal rights to access a website, identify accounts that may have been compromised, and it can flag accounts for investigation of collusion or chip dumping.
Risk levels can then be assessed by providing insight into the history of malicious activity associated with an IP address, reducing the potential for bad actors and fraudsters before they log into the website. This also reduces friction for low risk customers going through the authentication process. In addition, IP decisioning data provides the ability to determine if the IP is being used by actual people or a non-human bot to manipulate game play.
The next normal is paved with digital interactions online, an environment that can be highly vulnerable to attacks. A comprehensive approach to security in these instances should involve using data to track, trigger and treat any infiltrations through an authoritative understanding of each and every person that uses your website. Only then can you truly make critical, real-time decisions that protect you, your business and your customers.