Feeds

Betting sites balance fraudster nab and customer loss

Tricky job? You bet

High performance access to file storage

Speakers at the conference conceded that gaming firms needed to improve their security, but a major underlying theme was how this might put off customers.

During a panel discussion on integrity Bring said he thought good security could give customers confidence in a site and a competitive advantage, but “we're all being judged in the same way - the industry needs to be a lot more serious about ensuring they have the best technology and best people in place”.

The panel agreed that customers were mainly looking for the best bonuses, and could then be surprised they were having problems getting money out of less reputable sites.

Oliver Eckel, head of corporate security at Bwin, said his firm was playing around with the idea of having various levels of security, with the lowest being a simple login and password and the customer “happy in having a lot of risk”, then going towards using the idea of using tokens like World of Warcraft. “That's something the industry should be moving towards,” he said.

All panel members were resigned to being unable to stop all fraud, and Eckel felt he didn't need perfect security - “it just needs to be better than my competitors'. There needs to be enough of a deterrent to make sure it's not very cost-effective for criminals.”

Ahead of the conference Visa had been showing off its dynamic password technology to the industry. Then on the risk panel Phil D'Angio, director of business development at security business VeriSign thought it “really silly” that the businesses were making a lot of effort in checking who was trying to access their sites, then issuing “the weakest credentials possible – the user ID and password combination.”

“I don't see the point. You have something out there that's fairly convenient, and quite a bit stronger. Taking security up a notch seems the practical thing to do.”

Luckett was not keen, as any increase in security deters his customers - some of whom want to place bets minutes before events start.

“On our side of the fence, anything that makes it harder for customers to log means there is more chance of losing them. Yes you're insecure, but until everyone does it – who wants to be the first? We don't.

“Anything you type into a keyboard is going to be logged by a key logger – if you've got ten layers of security, the key logger will log them all. You might as well use user name and password and let your users get in nice and easy.”

But who else gets in nice and easy? ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Bad PUPPY: Undead Windows XP deposits fresh scamware on lawn
Installing random interwebs shiz will bork your zombie box
Experian subsidiary faces MEGA-PROBE for 'selling consumer data to fraudster'
US attorneys general roll up sleeves, snap on gloves
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.