Operators and players need to be better at protecting their assets and themselves from fraud as the industry continues to become increasingly digitalised. Marese O’Hagan talks to Lindsay Slader, Zak Cutter from Paysafe and Leon Allen from Continent 8 about the need to stay one step ahead of threats to financial safety.
Cybercriminals are working around the clock to exploit any gaps in technology that may exist to gain personal financial benefit.
The most wanted information is financial data. Accessing a client’s financial information goes beyond making large purchases or withdrawing money without being noticed.
In the darkest corners of internet you can find people selling their personal financial information, even if it is cheap. This causes ongoing stress to the victims.
As was shown by the hacking of BetMGM last year that resulted to “certain BetMGM Patron Records being obtained”, no person or company is immune from financial data theft.
Cutler believes that the recent breach of security of the financial industry has increased the awareness of the importance of personal data.
He says that there have been security breaches within the industry. I think this is a good lesson in how important the information that they are sharing really is. Fraudsters are willing to go to extreme lengths in order to gain access to a player’s account.
Cutler stresses that, although these breaches did not affect Paysafe operations in any way, the security measures they have put into place are rigorous and designed to stop attacks of this type.
He explains, “We’ve got a lot of security protocols.” We’re not just regulated by gaming regulators but also financial regulators.
The security bar we had to pass through to obtain all of that was extremely high. The gaming industry gains from this bar because it is so high.
Intentions of malice
Slader shares the concerns of industry and adds that GeoComply provides meticulous protection against fraud attempts.
She says that both consumers and regulators are concerned about online gambling.
GeoComply is working closely with operators in order to provide them with tools that will help identify fraud, combat it and avoid such scenarios.
She says that anti-fraud service providers are essential in fighting data breaches. It is not just about preventing data breaches, but it also helps with criminal investigations in case frauds are successful.
She explains, “We are involved in the entire customer journey from the account creation to KYC and confirmation of a user’s location.” Device fingerprinting is one way to track fraud rings, identify fraud and understand the user’s history.
Allen highlights the fact that, in a world where financial data is being scrutinized, this industry is more affected than ever.
He says that the online gambling industry is among the most targeted industries around the globe. Cybercriminals launch sophisticated and complex attacks on businesses of every size, including powerhouses to new studios.
The increase in attacks comes as the economic landscape changes, and with the Russian war on Ukraine and cost of living crisis that is sweeping the world. This will likely be a catalyst to further raise the number of attacks.
Humanity as a whole
Allen argues that while robust security measures can be the most effective way to combat hacking, the human factor must also come into play. Otherwise companies may suffer huge costs.
He explains: “Ofcourse, certain attacks can breach the systems of a business, while others succeed due to a human error. Some even manipulate employees into being complicit, as in social engineering. There are also actions the player and the operator can do. The most obvious is to use different passwords on different websites. This is a simple, yet imperative action.
The average cost of data breaches in 2022 is expected to reach a new record of $4.3 million. All businesses should ask themselves, “Is my data and that of my players protected?”
Cutler suggests that as an additional layer of security, companies should be cautious when choosing who to partner with or whom to assign services to.
He continues, “You should find a partner who has gone through the process and is already up to standard. You also need to review your standards for partners.” What is your PCI compliance level? How does your team of security look? What is the staffing? What policies are in place? “All the things that you as a vendor can consider before you choose a vendor.”
The pack is ahead
Those in the financial industry are naturally interested to learn the best way to handle attempts to steal sensitive data and the worst case scenario if successful.
Slader claims that GeoComply offers a complete package of cybersecurity services for operators who want to take advantage. The system is so powerful that many operators cannot provide the service themselves.
Slader says that GeoComply employs dozens upon dozens of employees who are on a constant hunt to find these security threats. If you are an online operator you will need to find vendors who can provide fraud prevention and payment services that specifically address such risks.
It’s hard to develop machine learning to help prevent future breaches or risks unless you have full-time investigators who are constantly looking for new threats.
A larger picture
Allen says securing all defensive tactics is crucial to creating a secure environment for financial information – and preventing the operator’s reputation from being tarnished.
He says that the only way to stay on top of threats is by adopting a proactive cybersecurity strategy and deploying a multilayered resilience strategy. There is no doubt that the industry will be attacked over the next 12 months. Operators and suppliers should act immediately to make sure they are protected and have policies in place.
It is possible that the reputational cost will be greater than money.
Allen says that those who don’t take these steps leave themselves vulnerable. If an attack succeeds, they will not only suffer financial losses, but will also have their reputation damaged by the compromise of personal data and financial information.
No single method can protect all financial information from being misused. The best way to protect financial data is through a combination of digital security and individual accountability.
