Gaming Site Payment Options Suggest a Simple Standard for Digital Retail Security


Concerns about growing cyberattacks have been ever-present for quite some time now. In light of the events of the last year though, that concern is higher than usual. Data toward the end of last year indicated rising cyberattacks as a consequence of the fact that many more people are working from home. Accordingly, there has been a lot of talk about how companies should be working to help remote employees work more securely (and protect business assets as well).

The issue of handling intensifying cyberattacks in work-from-home environments is an important one without a doubt. There may be even more significant implications when it comes to cyberattacks in the retail space, however. On this subject, we ran a piece by a VMware Carbon Black senior cybersecurity strategist discussing the rise of a practice known as e-skimming. This is a type of attack in which the cybercriminal “injects JavaScript into payment processing pages on retailers’ sites,” so as to invisibly steal customers’ credit card information as it is plugged in. The rise of e-skimming is a problematic development, and one made all the worse by the fact that the same conditions leading more people to work remotely have massively tilted retail toward digital methods.

The aforementioned piece describing the rise of e-skimming attacks also suggested a number of different measures online retailers can take to increase vigilance and keeping their customers safe. Another possible solution however is for online retailers to consider expanding the range of digital payment options they accept. This is actually an idea — and a simple one, all things considered — that comes from real-money online gaming sites.

In the case of these gaming sites, the use of a wide range of payment options is meant in part to cater to the same variety of gamers that the sites’ actual content attracts. In today’s online gaming environments, selection is the name of the game, and an incredibly wide array of gaming styles and themes are used to grab the attention of as many prospective gamers as possible. The games on Gala Bingo provide the clearest picture of this strategy. One glance at the selection shows you a range of individual games from the classic “Blazin’ Hot 7s” (a traditional slot), to “Gonzo’s Quest” and “Hoard Of Poseidon” (new-age games revolving around character animations), to titles based on popular games like “Monopoly” and “Tetris.” And these examples only just scratch the surface.

The reason we’re pointing this out is that each one of those games speaks to a different audience, ultimately helping the platform to attract attention from a sprawling community of players. And this is where payment comes into play: Those in charge of the sites are aware that with so many different players, there will be different preferences when it comes to depositing and withdrawing funds. So, to cater to as many gamers as possible, sites like these go well beyond the typical online retail platform in terms of payment option variety. Gala Bingo, for instance, accepts transactions with Skrill, Skrill 1-Tap, PayPal, PaySafe Card, Trustly, Apple Pay, and more — whereas most online retail platforms might accept one or two of these at most, alongside direct credit card processing.

As readers will likely know, these kinds of processors are not entirely invulnerable to security issues. If that were the case, we’d have solved cybercrime, at least where the direct lifting of financial information is concerned. However, gaming sites tend to do quite well in this regard, and there is something to be said for these processors guarding against now-common forms of cybercrime such as e-skimming. As a CNBC piece on financial protection put it, in the simplest of terms, online retailers never actually see financial information when using third-party processors. Instead, a service like PayPal “sends a token” indicating payment was made, and the user has effectively paid or deposited money to the site in question. There is thus no information plugged in for a cybercriminal to “skim.”

This does not mean that retail sites don’t need to be vigilant in other areas. But they can learn something from online gaming sites that, for their own reasons, pack in the payment options. By providing a similar variety of third-party processor options, retail sites could incentivize more shoppers to pay through these services rather than direct credit card payments. This would protect all involved.




AUTHOR BIO: Andrew Tucker is a freelance writer, blog contributor, and part-time graduate student woking out of the New York area. His writing primarily concerns with technology, business, and e-commerce.