Page 38 - GS180301
P. 38
Education
mate game sites can look exactly like the sites they're
spoofing. Typically, the URL for a spoof site is only
one letter different from the actual site, for example,
www.online-gamet-net.com versus www.online-gamer-
net.com. When unsuspecting players mistype the
web address, they arrive at what looks like their
intended destination. Their login credentials get
collected and are used to steal their account on the
actual site.
• Bots: Fraudsters will refer "new players" that are
actually bots using synthetic IDs and stolen credit
card accounts. With each referral, a fraudster earns
a reward to either turn directly into cash or boost
Foiling fraud in the value of the account so it can be sold on the Dark
Web. One fraudster using this technique can gener-
online gaming ate hundreds of referrals with minimal work. An en-
tire, coordinated criminal gang deploying multiple
bots can dramatically accelerate the damage.
By Don Bush Fighting fraud does more than combat financial losses; it
Kount Inc. helps keep game playing legitimate so customers will re-
turn. Players who experience bots or fraudulent accounts
nline gaming has risen in popularity over the won't want to come back and continue to lose. So what can
last few years. Revenue clocked in at $108.9 bil- businesses do to protect themselves and their loyal custom-
lion in 2017, and the compound annual growth ers? First, they should use a fraud prevention system that
O rate was 6.2 percent, according to market intel- employs artificial intelligence (AI) and balanced machine
ligence company Newzoo. With this, however, come crimi- learning, along with multiple screening technologies and
nals attempting to leverage the high-growth space for transaction data. A comprehensive system should be able
illegal gain. to collect and analyze hundreds of discrete data points as-
sociated with every transaction.
Fraudsters infiltrate the online gaming world in many
ways, including: Fraud fighting practices to incorporate include:
• Small-ticket orders and card testing: Transac- 1. Advanced AI and machine learning: AI and ma-
tions for online game companies are typically low chine learning technology have virtually unlimited
in value and often take place within game play. computing and memory capacity that enable them to
Also, these orders must be approved or declined spot patterns in big data undetectable to humans and
in real-time to avoid interrupting the game's flow. predict emerging fraud threats in low-information sce-
That presents a different set of challenges compared narios, such as first-time fraud. However, it's important
to physical goods merchants who can take time to to note that AI and machine learning by themselves are
manually review big-ticket transactions before ship- not as powerful or precise as when they are comple-
ping products. The nominal amounts typically in- mented by a rules-based system for maximum control
volved in online game transactions make these sites and transparency.
prime targets for card testing.
2. Biometrics: Behavioral biometric technology can
• Account takeover and synthetic IDs: A significant verify and confirm users' identities by monitoring how
percentage of fraudsters are also gamers. For them, they naturally interact with their devices ‒ through
fraud is an economic activity, as well as a form of mouse movements, keystroke dynamics and other be-
competition. Once hackers find a successful fraud haviors ‒ delivering instant identity verification.
technique or tactic on one site, they use that knowl-
edge at other sites. Games featuring game currency 3. Multiple, advanced screening: A single tool can be
or points within game play are the prime targets for easily defeated. It's essential to employ multiple tech-
account takeover activity. nologies that screen multiple dimensions of every
transaction and analyze massive amounts of data.
• Spoof sites: Spoof sites are closely linked with ac-
count takeover fraud, providing stolen user data 4. Account registration: Information required for ac-
that fuels account takeovers. Fraudulent spoof sites count registration increases the amount of data avail-
with cascading style sheet code stolen from legiti-
38
