Bonus abuse in iGaming is when players exploit promotional offers meant for new users. It involves signing up to an iGaming service multiple times via multi-accounting, using marketing offers intended for new customers, and cheating the system of bonuses offered by operators.
Sign-up promos, free spins and introductory offers are all great ways to boost sales, increase brand awareness and attract new customers. But what they also attract is fraud, fraud that can lead to huge revenue losses; reportedly bonus abuse is booming costing the iGaming sector around 15% of its annual gross revenue.
“Bonus abuse is booming, reportedly costing the online gaming sector around 15% of its annual gross revenue.”
Simple bonus abuse can occur when a fraudster signs up multiple times using many different identities to receive the same new customer bonus.
By registering with multiple identities, creating multiple accounts and claiming rewards, fraudsters can simply abandon accounts and repeat the process for as long as they remain undetected. Weak online identity verification checks and failure to spot fraud signals are often to blame.
Affiliate programmes also attract bonus cheats. On signing up to a casino or iGaming affiliate programme the fraudster refers leads who are only interested in sign-up incentives, pocketing cost-per-lead commissions, or generating fake traffic to earn cost-per-click commissions.
All this identity fraud trickery can mean your new customer bonus is missing its mark and costing your business dear. It can also add another layer of complexity in filtering valued new customers from bad or fake ones.
To beat the bonus abuse cheats, first you have to spot them and there are various signals to watch out for and be wise to:
Visitors using a VPN, TOR browser, or blacklisted residential proxies.
Repeat visitors using a similar combination of hardware and software.
Fraudsters may sign up significantly faster if they’ve done it before.
Quick cashouts are a flag of possible fraudsters. Fake accounts often dump chips or withdraw winnings much faster after registration.
Some games are likely to attract more fraudsters than others, especially low-odds games that minimise risk.
“In GBG Trust tests carried out on 100,000 customer identity records by one iGaming business, 88% of low-scoring (1-100) identities were committing bonus abuse or other fraud.”
Sharing consumer intelligence between iGaming businesses is a great way to beat the bonus abuse cheats. GBG Trust is a data network that does exactly that.
The GBG Trust Network delivers a Trust Score for each digital identity appearing on your site, flagging any signal of suspicious data patterns or activity detected across all iGaming businesses in the network. Data inconsistencies, data manipulation and high-velocity data submissions linked to that digital identity indicating bonus abuse or other fraud will show up in the score.
In GBG Trust tests carried out on 100,000 customer identity records by one iGaming business, 88% of low-scoring (1-100) identities were committing bonus abuse or other fraud.
Mr. C is a real example of serial bonus abuser; fraudulently taking advantage of free spins and introductory offers by pretending to be a different customer each time.
Network anomaly signals
- Same person different address within 7 days
- Multiple same person + address + different DOB
- Multiple same mobile + different person and address
- Multiple same email + different person and address
Network velocity signals
- Person + address (multiple)
- Person + email (multiple)
- Person + mobile (multiple)
- Mobile + email (multiple)
Data validation anomaly
- Middle name contains no vowels
Mr C. created multiple accounts, each time making subtle identity data changes. Within a few months, he attempted over 3000 applications with 18 companies and had associated himself with five different addresses, subtle changes in name, address, date of birth and contact details.
The Trust Network immediately flagged this behaviour and Mr. C began generating a very low Trust Score. Network rules were identifying suspicious anomalies and velocity within the original iGaming company. Meanwhile, this real-time shared consumer intelligence was alerting other gaming companies in the Trust Network to Mr C’s bonus abuse attempts.
Email Intelligence is a discrete solution offering simple but effective protection against promotion abusers. This passive identity check can be set to occur silently in the background when players sign up for your iGaming service.
An email address is a unique identifier that is always present in onboarding data. As most of us have held the same email address for over a decade, this identity attribute offers a rich source of transactional and behavioural history that can help beat bonus abuse and stop fraud.
Check to ensure the domain and email address are real and are not associated with a high-risk country or with previous promotion abuse or fraud activity.
Check when an email address first appeared in verification searches. If there is no record or only very recent activity returning, it’s a strong indicator of a scam.
High-velocity email data submissions are a sure sign that someone is trying to cheat the system. If an email address appears in many searches on several sites in the last seven days it’s a clear fraud signal.
Some of these bonus abuse signals can be hard or costly to spot requiring a lot of time to set up, run and analyse checks.
Mobile Intelligence allows casino or iGaming operators to flag possible fraud in real time using secure mobile operator data, by integrating simple API-based data signals into player onboarding and in-life gaming journeys:
Check registered mobile numbers are valid and active, not spoofed from a VOIP service, cancelled, lost, stolen or in any way compromised.
Match registered mobile numbers with a real customer name and address preventing the same number from being used multiple times.
Check registered mobile numbers have not been taken over. Signs that the SIM card associated has been swapped or call forwarding set (allowing SMS or voice OTPs to be intercepted) are both flags.
Enable secure two-factor authentication ensuring that the registered mobile device is in the hands of your customer when a new account is created, or bonuses cashed in.
Make sure your free spins don’t cost your iGaming business a fortune, speak to our trust experts about how GBG Trust, Email Intelligence and Mobile Intelligence can help your business beat bonus abuse.
Bonus or promotion abuse is a type of application fraud that involves fraudulently signing up to a service multiple times to take advantage of marketing offers that are intended to benefit new users.
The GBG Trust Network is a unique data network combining millions of consumer attributes gathered from a cross-sectoral consortium of hundreds of global businesses. The presence of positive data matches or suspicious anomalies in the network reveals powerful trust insights while preserving complete data privacy.
Email Intelligence prevents application fraud and promotion abuse by passively checking the transactional and behavioural history of an email address for signs of high-risk domains, past scams and other fraud signals.
Mobile Intelligence silently authenticates your customer's digital identity by matching the individual to their mobile device and delivering the extra confidence that you are dealing with a real identity and a legitimate customer.
Hear from us when we launch new research, guides and reports.