top of page
  • Flexi Group

How to protect gamblers' personal information

Legal sports betting and igaming have rapidly gained popularity. However, obstacles have emerged in the areas of intellectual property, data protection, and security. Russell Karp of DataArt explains how sportsbooks may overcome these obstacles by managing and securing their data.

Today, data gathering, reporting, and security are more important than ever. These concerns frequently intersect with compliance inside and between jurisdictions. With a mountain of data to manage, operators must exert more effort to ensure the security of bettor data on sportsbook platforms and mobile apps. Consequently, how can a sportsbook handle and secure data?

Data Management

Three of the most prevalent data management obstacles for sportsbooks are:

  • Due to formatting and support concerns, the inability to load large volumes of transactional data from gaming machines to legacy systems. It is challenging to manage and analyse transactional data due to the siloed nature of many legacy systems and their poor interoperability with new technologies.

  • Verifying the vast quantity of sports data feeds and offering real-time betting odds, results, and settlements from multiple sources makes data management challenging.

  • The availability of dependable, accessible data based on official sports league data as opposed to unauthorised versions.

To address the first two concerns, you must analyse your data architecture and, if necessary, develop a cloud strategy.

How data is gathered, processed, and utilised lies at the nexus of business and technology, and gives various internal consumers (including AI) with the knowledge they require to fulfil their individual objectives. This encompasses the full information supply chain, including marketing, sales, and customer service.

Migrating data to the cloud increases capacity and scalability, hence decreasing potential downtime caused by cloud infrastructure measures such as redundancy.

Importantly, it scales readily when the influx of new users or bets could possibly cause a performance bottleneck, especially during important athletic events. All the biggest US operators, including FanDuel, DraftKings, and Penn's Barstool App, encountered technological troubles during the 2021 Super Bowl, resulting in lost revenue. During the event, MGM's Nevada app was unable to accept any online wagers.

The final obstacle, official vs unofficial data, is somewhat more difficult. The majority of sports betting companies are not required to use a particular data source, although leagues and clubs claim ownership of their respective sports data and deem it "official" with the objective of selling data or charging integrity and rights fees.

While professional sports leagues seek money from offshore sportsbooks for access to their real-time official statistics data, offshore sportsbooks continue to operate freely. In addition, unethical organisations inside the ecosystem have devised techniques to scrape or steal data from vendors that have spent millions to work with U.S. and international sports leagues. This six-to-eight second wait on offshore sportsbooks is not a latency issue, but rather a delay caused by the usage of pirated data.

Data Protection

Due to the information operators retain, the gaming business is particularly susceptible to cyberattacks. The 2014 Las Vegas Sands Corporation cyberattack, in which attackers acquired credit card information, driver's licence information, and Social Security numbers, is one of the most important data security incidents to damage the industry.

In 2020, SBTech-powered websites were offline for more than 72 hours due to ransomware threats against crucial systems. Fortunately, no client information was exposed, but the company lost at least 72 hours of gaming revenue. This is a possibility for all sportsbooks, regardless of size.

Typically, data security weaknesses lead to hacks where sensitive information is obtained and exploited for a variety of criminal actions (fake identities are at the top of the list), with bonus abuse being one of the most prevalent violations.

Welcome bonus abuse is a prevalent form of bonus abuse in which a single user receives many new player bonuses. According to a recent analysis by Arkose Labs, gaming companies reported a rise of 85 percent in false account registrations in the first quarter of 2022. Bonus misuse is unquestionably a problem that may be amplified when groups of individuals or organised crime utilise VPNs to assume phoney identities and modify their location in order to commit large-scale fraud.

Each member of the ecosystem, including sportsbooks, teams, leagues, and the government, is responsible for maintaining the integrity of sports betting. When collecting, processing, exchanging, and maintaining data, sports betting businesses must abide by state, federal, international, and tribal-state legislation. Follow these important data privacy principles: inform, consent, good data retention policies, and data security, for the simplest approach.

Just as tough as absorbing shared data could be securing and sending it. Multiple partners that rely on one another to securely convey secret information create complications.

“The individual sportsbooks do not want their wagers shared necessarily back. So, there is certainly some sensitivities to all that,” Matthew Holt, CEO of US Integrity, recently told DataArt. There has to be trust between partners and an agreed upon method of security levels that will satisfy all parties involved.

In order to maintain a fair and secure environment for partners and bettors, proven technological solutions are a crucial component of the puzzle. Although open-source solutions are cost-effective, they may contain major security flaws such as malware injections, Denial-of-Service (DDoS) assaults, and even data breaches. During a 24-hour outage, the infamous DDoS attack on William Hill in 2016 cost the operator about £4.4 million. In June 2022, a fifth of all online sportsbooks experienced DDoS attacks, according to research. Obviously, this is a concerning statistic with the potential to deteriorate.

Operators of sports betting must adopt security as a fundamental culture value, continuously cultivate security awareness, and evolve security procedures as their businesses expand.


“Compliance is key because there’s such a rapid pace at which new regulations are growing and continue to be a focus for sports betting operators. Getting launched in a sports betting market takes an army[…] to meet the regulatory requirements from licensing to product, to your internal controls and documentation, and everything that goes on behind the scenes,” says Eric Frank, Chief Executive Officer and co-founder of Odds On Compliance.

If you are a current operator or intend to become one, you must comprehend the regulatory obstacles in your jurisdiction and incorporate compliance procedures into your business plan. It is difficult to navigate the websites of multiple agencies, yet you must remain up-to-date on the most recent legislation or risk incurring a hefty fine. For instance, Nevada gambling regulators recently punished William Hill for regulatory violations that affected tens of thousands of customers.

Therefore, how will technology simplify and provide efficiencies to this laborious task? Odds On Compliance and other platforms on the market focus on accumulating, organising, and presenting this data by domestic and international jurisdictions in a consumable format. The platform must also have robust search, bookmarking, and exporting options.


Behind the vast ecosystem of online betting, which includes sportsbooks, suppliers, operators, regulators, partners, and leagues, there is a wonderful chance to harness the latest technologies in order to instil user confidence in the security of their data. Using the appropriate technology can assist in resolving data management, security, and compliance challenges while fostering a trustworthy user experience for players.


123 views0 comments


bottom of page