To add security to online sportsbook sites, the New Jersey Division of Gaming Enforcement (NJDGE) is requiring two-factor or multi-factor authentication (2FA) for access to sites for betting. The guidelines were issued in March.
The extra steps are expected to stop hackers from getting their mitts onto sportsbook accounts, according to Legal Sports Report.
“The vast majority of the public’s login information is out there for the right price,” said Tom Hill, head of sports betting and iGaming at identity firm Prove. “Or you can pull it together if you know where to look. This is about keeping existing accounts secured.”
Among login options:
- A request for a password, pattern, or answers to challenge questions;
- A request for an item possessed by a patron such as an electronic token, physical token, or an identification card. This is reserved only for the largest transactions, Hill said;
- A request for biometric data, such as fingerprints, facial or voice recognition.
“The challenge for operators is to find the perfect balance,” Hill said. “How do they provide security without added friction?”
Bettors will also have to authenticate every two weeks.
FanDuel and DraftKings already perform 2FA. The rest will be ready, Hill said. Hill also noted that operators tend to be innovative in their thinking about 2FA. He believes other states will do likewise.
“I’d give them and the ecosystem a lot of credit in solving this,” Hill said. “Other industries have legacy systems and blockades to the right solutions. But in the sports betting and gaming space, it’s refreshing to see them moving the ball forward and providing the best experience for the players. It is a juxtaposition to other sectors we work with like banks, healthcare, retail.”