Radar

Active competitor

Retail-origin location platform pushing into iGaming via IC360 + DraftKings DFS NJ migration. Eight weeks of repeated spoofing failures.

radar.commaxim.mosinVerified yesterday

Compare

USCanadaEUGlobalDFSSweepstakesSportsbook (NJ DFS)RetailMobility#dev-first#ic360-geo360#mau-pricing#retail-origin#draftkings-dfs-nj#client-side-decisioning

Detection scorecard

How Radar handles every spoofing technique we test for. Click any cell for findings.

Full matrix →

• Detected
• Partial
• Missed
• Not tested

Competitor	VPN	Proxy	Remote access	Fake GPS app	GPS spoofer	Emulator	Device farm	Jailbreak / Root	Resigned / tampered app	Sideload (PlayCover)	Browser extension	MITM / replay	Tor
Radar

Strongest findings

Failed and partial test outcomes ranked for sales impact — what to lean on in a call.

• MISSED★ Pinned

  Radar / FanDuel WV: three exploitation methods bypass restrictions from Tennessee

  Confirmed compliance vulnerabilities at FanDuel WV: users can bypass geographical restrictions from Tennessee via iOS app resigning, virtualised environment emulation via VMOS, and sideloading via PlayCover on ARM-based macOS. Each technique successfully facilitated out-of-state betting.

  RadarFanDuel

  Resigned / tampered appDevice farm

  2d ago
• INFO★ Pinned

  DraftKings DFS NJ migrated from GeoComply to Radar (web only)

  Confirmed provider transition: DraftKings has moved its New Jersey DFS web product from GeoComply to Radar. Sportsbook and mobile apps stay on GeoComply. Dual-vendor compliance testing underway.

  RadarDraftKings

  DisplacementCompliance

  2d ago
• MISSED★ Pinned

  Radar / Saracen AR: 100m from border — Mac 44% pass rate, Windows persistent lockout

  Saracen AR proximity testing: success rates remained high beyond 350m from the state line, but at 100m Mac devices only cleared 44% of verifications. Windows users experienced a persistent lockout after a single failure, complicated by an atypical 'fraud_jumped_single_device' flag during betting attempts.

  RadarBetSaracen

  Near borderUX / messaging

  1w ago
• MISSED★ Pinned

  Radar / Underdog DFS: Chrome extension (Location Guard) undetected

  Underdog DFS browser-based Radar deployment: location-spoofing via the free Location Guard Chrome extension was not detected. Free, no technical skill required.

  RadarUnderdog Fantasy

  Browser extensionCompliance

  2w ago
• MISSED★ Pinned

  Radar: jailbroken root-hidden iOS not detected at Sleeper, PrizePicks, Fliff

  Three operators, one structural gap: jailbroken root-hidden iOS devices bypass geolocation controls on Sleeper Sports, PrizePicks, and Fliff. Users can wager from prohibited locations without detection.

  RadarSleeper

  Jailbreak / Root

  1mo ago
• MISSED★ Pinned

  Radar / FanDuel WV: tampered iOS app placed bets from Tennessee

  Resigned iOS FanDuel app — modified to bypass security controls — successfully placed bets from TN on the WV platform. Radar failed to detect the modification.

  RadarFanDuel

  Resigned / tampered appCompliance

  1mo ago

All findings

Test results and intel tagged to Radar.

Operator

Threat

• DisplacementComplianceDraftKings2d agoDraftKings DFS NJ migrated from GeoComply to Radar (web only)Confirmed provider transition: DraftKings has moved its New Jersey DFS web product from GeoComply to Radar. Sportsbook and mobile apps stay on GeoComply. Dual-vendor compliance testing underway.
• Resigned / tampered appDevice farmSideload (PlayCover)FanDuel2d agoRadar / FanDuel WV: three exploitation methods bypass restrictions from TennesseeConfirmed compliance vulnerabilities at FanDuel WV: users can bypass geographical restrictions from Tennessee via iOS app resigning, virtualised environment emulation via VMOS, and sideloading via PlayCover on ARM-based macOS. Each technique successfully facilitated out-of-state betting.
• Near borderUX / messagingBetSaracen1w agoRadar / Saracen AR: 100m from border — Mac 44% pass rate, Windows persistent lockoutSaracen AR proximity testing: success rates remained high beyond 350m from the state line, but at 100m Mac devices only cleared 44% of verifications. Windows users experienced a persistent lockout after a single failure, complicated by an atypical 'fraud_jumped_single_device' flag during betting attempts.
• Browser extensionComplianceUnderdog Fantasy2w agoRadar / Underdog DFS: Chrome extension (Location Guard) undetectedUnderdog DFS browser-based Radar deployment: location-spoofing via the free Location Guard Chrome extension was not detected. Free, no technical skill required.
• Jailbreak / RootSleeperPrizePicks1mo agoRadar: jailbroken root-hidden iOS not detected at Sleeper, PrizePicks, FliffThree operators, one structural gap: jailbroken root-hidden iOS devices bypass geolocation controls on Sleeper Sports, PrizePicks, and Fliff. Users can wager from prohibited locations without detection.
• Resigned / tampered appComplianceFanDuel1mo agoRadar / FanDuel WV: tampered iOS app placed bets from TennesseeResigned iOS FanDuel app — modified to bypass security controls — successfully placed bets from TN on the WV platform. Radar failed to detect the modification.
• GPS spooferFanDuel2mo agoRadar / FanDuel WV bypassed by GPS simulator device from VietnamFD WV testing: location verification was bypassed using a GPS simulator device, with the tester apparently located in Vietnam. Radar accepted the spoofed coordinates.
• Sideload (PlayCover)bet365Fanatics Sportsbook2d agoCross-operator: iOS PlayCover sideloading blocked at Bet365 MI, Fanatics TN, Bet Saracen AR ✓Desktop-based emulation of iOS applications via PlayCover is successfully restricted across all three tested operators. Bet365 and Fanatics neutralized the vector during authentication; Bet Saracen identified the unauthorized environment at the betting stage.
• Device farmBetSaracen2d agoRadar / Bet Saracen AR: VMOS not detected — but PlayCover + resigned iOS blocked ✓Radar was unable to identify virtualized device simulation through VMOS, which permitted a successful out-of-state bet from Tennessee. However, Radar correctly detected and restricted sideloading via PlayCover and the use of resigned iOS apps during the betting process.
• Remote accessBetSaracen1w agoRadar / Saracen AR: AnyDesk + TeamViewer correctly restrictedSaracen AR Radar deployment: active sessions via AnyDesk and TeamViewer were effectively restricted. A rare positive Radar result — worth recording for parity.
• Remote accessUX / messagingBetSaracen1w agoRadar / Saracen AR: pre-loaded Windows 'Remote Screen Sharing' silently blocks accountsThe pre-loaded Windows Remote Desktop Connection app ('Remote Screen Sharing') triggers account restrictions without notifying the user. Significant risk for support teams — high ticket volumes and player dissatisfaction with no clear resolution path.
• SDK releaseCompliance2w agoRadar v3.31.0 (Apr 24, 2026): SDK generates geofence events offline, without serverNotable Radar SDK release: when the backend is unreachable, the SDK generates geofence entry/exit events directly on the device from cached data, tagged as offline. Backend-toggled. Watch point: does this satisfy regulatory requirements?
• UX / messagingBetSaracen4w agoRadar desktop UX issues: auto-launch, hotspot incompatibility, 4% CPU pulses, macOS/Chrome compat gapsApril 14 testing surfaced five distinct desktop UX problems on Radar Verify: persistent install download prompts, auto-launch on system startup without consent, 4% CPU spikes every 10s at 600m from the border, mobile-hotspot incompatibility, and inconsistent behaviour across macOS 26.0.1 vs 26.3.1 and Chrome 146 vs 147.
• Near borderBetSaracen4w agoRadar near-border: validation fails until 100m (iOS) and 220m (Android) from OK lineProximity Constraints — validation unsuccessful until reaching 100m (iOS) / 220m (Android) from the OK state line. Static desktop verification failed at 1,750m from the border via public Wi-Fi (Mac/Windows). Success threshold remains undetermined.
• SDK release4w agoRadar SDK release analysis: shifting from 'where is the user?' to 'can we continuously trust this location?'Radar release cadence: every 3 weeks to a couple of months. Strategic direction: continuous-trust location decisioning via IP-triggered re-validation, multi-signal decisioning (motion/device/network alongside GPS), indoor/floor-level accuracy with BLE beacons, and a modular plugin-based fraud architecture.
• Partnershipbet3651mo agoBet365 confirmed dual-stack: XPoint web + Radar mobileConfirmed in the April 7 weekly research: Bet365 runs XPoint on the web and Radar on mobile. Even the flagship XPoint reference is split across two geo providers.
• Resigned / tampered appBetSaracen1mo agoRadar / Saracen AR: resigned iOS app detected with clear error messaging ✓Saracen AR testing confirmed Radar flagged a resigned iOS app with appropriate error messaging, preventing betting activity while ensuring the account was not blocked. This contradicts our FD WV result. Follow-up validation scheduled pending the next iOS app release.
• Device farmFanDuel1mo agoRadar / FanDuel WV: VMOS not detected on second attempt — regression vs Mar 31VMOS emulator usage not detected on the second attempt. Allowed bets from TN on the WV app. Contradicts the March 31 success — the detector is either regressed or flaky.
• ProxyFanDuel1mo agoRadar / FanDuel WV: proxy betting allowed — system just asks user to 'wait additional time'Radar is allowing proxy betting and just asks the user to wait some additional time if someone else used the account in another location. Reactive enforcement with misleading 'account sharing' messaging.
• Device farmFanDuel1mo agoRadar / FanDuel WV: VMOS Android device-farm successfully detected ✓Device Farm / VMOS (Android) — Radar successfully identified the virtual OS environment used to manipulate device integrity. Follow-up validation scheduled pending the next Android app release.

Battle card

Talking points for a live sales call.

Radar is a retail-origin location platform (founded 2016) that entered iGaming geo-compliance in 2024. The wedge is MAU-based pricing (claimed 50–75% savings vs GeoComply), open-source SDKs on GitHub, aggressive comparison-page marketing ('best Xpoint / OpenBet / GeoComply alternative?'), and a white-label distribution channel through IC360's Geo360. The SDK release cadence (every 3 weeks–couple of months) is shifting from "where is the user" to "can we continuously trust this location" — IP-triggered re-validation, multi-signal decisioning, indoor / floor-level accuracy, BLE beacons, and a modular fraud architecture (v3.31.0, April 2026, even adds offline, server-disconnected geofence-event generation). **As of May 2026, DraftKings has moved its New Jersey DFS web product from GeoComply to Radar** — the Sportsbook and mobile apps stay on GeoComply, and testing is underway on whether dual-vendor introduces compliance gaps.

Watch out for

• DraftKings DFS NJ (web) migrated to Radar (May 2026) — first major US live-traffic win.
• Bet365 mobile uses Radar (confirmed April 2026) — XPoint web + Radar mobile dual stack.
• MAU pricing — restructures the buyer's compliance-cost math at high volume.
• Open-source SDKs (GitHub) and aggressive search-page marketing ('best <competitor> alternative').
• Self-serve onboarding: signup → API key in <2 min, sandbox auto-provisioned.
• Broadest SDK coverage among challengers: iOS, Android, Web, React Native, Flutter, Capacitor, MAUI, Cordova.
• IC360 / Geo360 white-label gives indirect access to operators we don't see directly.
• Released v3.31.0 (Apr 24, 2026): offline geolocation event generation, mid-outage geofence tracking, modular fraud architecture.
• AnyDesk + TeamViewer detection confirmed at Saracen AR (May 5) — one of the few positive Radar results we have.
• iOS PlayCover sideloading detected at Bet365 MI, Fanatics TN, and Bet Saracen AR (May 11).
• Resigned iOS app detected at Bet Saracen AR + Fanatics TN (May 11) — contradicts the earlier FD WV failure.

How we win

• Rooted Android with hidden root (Magisk) NOT detected — confirmed at FanDuel WV (Mar 24, Mar 31, Apr 7) and Saracen AR (Apr 7). Allowed illegal cross-state bets from Tennessee.
• Resigned iOS app NOT detected at FanDuel WV — bets placed from TN with a tampered build (Mar 31). Inconsistent with Saracen AR detection on Apr 7.
• GPS simulator device bypassed FanDuel WV from Vietnam (Mar 24).
• VMOS device-farm detection is flaky — undetected at FanDuel WV on second attempt (Apr 7), then failed at Bet Saracen AR (May 11), but successfully detected at FD WV pending Android release (Mar 31).
• Jailbroken root-hidden iOS NOT detected at Sleeper Sports, PrizePicks, Fliff (Apr 7) — three operators, one structural gap.
• PlayCover on ARM macOS bypassed FanDuel WV (May 11) even though it was blocked at Bet365 MI, Fanatics TN, and Saracen AR.
• Chrome browser extension (Location Guard) NOT detected at Underdog DFS (Apr 28) — undetected spoofing via a free browser plugin.
• Border crossing: 1-minute grace period after entering a restricted zone at Underdog DFS (Apr 28).
• Reactive state-selector logic at FanDuel WV — TN user initially verified on WV platform; misleading 'account sharing' error instead of regulatory message (Mar 31).
• Proxy betting allowed at Radar — just asks the user to 'wait additional time' (Mar 31).
• OK-border proximity: validation fails until 100m (iOS) / 220m (Android) from the line (Apr 14).
• Static desktop verification failed at 1,750m from the OK border via public Wi-Fi (Apr 14). Threshold undetermined.
• Mobile-hotspot incompatibility on Mac/Windows desktop (Apr 14).
• Auto-launch on system startup without consent (Mac + Windows, Apr 14).
• Mac 44% pass rate at 100m from the AR border; Windows users hit persistent lockout after a single failure with an atypical 'fraud_jumped_single_device' flag (May 5).
• Pre-loaded Windows 'Remote Screen Sharing' triggers silent account restriction — false-positive RDP flag (May 5).
• Radar Verify desktop app is Chrome-incompatible on Mac + Windows (Mar 24). Inconsistent across macOS 26.0.1 vs 26.3.1 and Chrome 146 vs 147 (Apr 14).
• Generic BetSaracen 'account security' alerts post-GeoComply switch — no diagnostic data for end users (Apr 14, Apr 28).
• Device-counting logic flaw at Underdog DFS: every login recorded as a new device; breaks multi-account detection (Apr 28).
• Open-source unobfuscated SDK with client-side compliance decisioning and GPS injection methods in the public API (May 5 monthly brief).
• Publishable API key baked into app at build time — potential replay-attack surface (Mar 31).

Capability claims

What they say they do, grouped by category. Cross-check against the detection scorecard above — claims and tests don't always match.

Geolocation

How accurately and reliably the product determines a user's real location.

• GPS / OS locationUses native device GPS or OS-level location services.
  ● Yesverified

  • radar.com
• Wi-Fi triangulation
  ● Yesinferredstale
• IP geolocation
  ● Yesverifiedstale

  • radar.com
• IP-change detectionContinuously monitors IP and re-runs geolocation on Wi-Fi ↔ cellular or VPN swap (GeoComply MyIP equivalent).
  ◐ Partialverified

  v3.x adds IP-triggered re-validation per Radar SDK release analysis; depth in regulated contexts unverified.

• Boundary / state-lineHandles users moving across regulated boundaries during an active session.
  ◐ Partialverified

  Underdog DFS: ~1 minute grace period after entering a restricted zone before Radar intervenes — regulatory risk.

• Near-border accuracyMulti-point aggregation + buffer-zone handling near regulated borders; measured as pass rate at 250m.
  ○ Noverified

  Saracen AR: Mac 44% at 100m; Windows persistent lockout after single failure with 'fraud_jumped_single_device' flag. No successful bet within 1km of AR border on Win+hotspot (Mar 24). OK border: validation fails until 100m iOS / 220m Android (Apr 14).

• Pre-login pre-check
  ◐ Partialinferredstale

  trackVerified() returns signed JWT with passed boolean and failureReasons[].

• Multi-jurisdictionSingle integration handling operators in multiple regulated states (GeoComply Multipass / Dynamic Boundaries equivalent).
  ○ Noverified

  FanDuel WV: reactive state selector — TN user initially verified on WV platform. No Multipass / Dynamic Boundaries equivalent.

• Desktop plugin (PLC-class)Native desktop client / plugin required by PA, NJ, MS and most US iGaming regulators.
  ◐ Partialverified

  Radar Verify exists but is Chrome-incompatible (Mac+Win), auto-launches without consent on startup, and breaks across macOS / Chrome point releases.

• On-property BLE geofenceBluetooth Low Energy precision geofencing for tribal / on-property venues (PinPoint-class).
  ◐ Partialverifiedstale

  Roadmap signal: floor-level accuracy + BLE beacons added in v3.x — not yet a regulated-iGaming product.

Anti-spoofing detection

Detection coverage for the spoof vectors tested by the Competitive Intelligence team. Cell values reflect SDK-level detection of the listed vector at the most recently tested operator.

• VPN exit nodesDetects commercial VPN exit nodes (NordVPN, ExpressVPN, Surfshark, etc.).
  ◐ Partialverified

  Enterprise Fraud module only; not on standard plan. Bet365 TN replay-attack passed (May 11).

• Proxy / residentialDetects datacenter and residential proxies — the harder class of IP obfuscation.
  ○ Noverified

  Radar allows proxy betting and just asks the user to 'wait additional time' if another login was seen from a different location.

• Tor exits
  · Unknownrumorstale
• Remote desktop (RDP)Detects AnyDesk, TeamViewer, FaceTime, Assistant, HopToDesk, iPhone screen mirroring, RustDesk and similar remote-control sessions.
  ◐ Partialverified

  AnyDesk + TeamViewer correctly restricted at Saracen AR; pre-loaded Windows 'Remote Screen Sharing' fires false-positive silent account block.

• Fake-location appsDetects iAnyGo / Fake GPS / mock-location apps on iOS and Android.
  ◐ Partialverified
• Hardware GPS spooferDetects HackRF / BladeRF and GPS-simulator-device signal injection.
  ○ Noverified

  GPS simulator device bypassed FanDuel WV from Vietnam.

• Emulator / VMDetects Xcode iOS Simulator, BlueStacks, Genymotion and similar virtual environments.
  · Unknownrumorstale
• Device farm / VMOSDetects VMOS / virtualized Android device-farm environments used for multi-accounting.
  ◐ Partialverified

  VMOS detected once at FD WV (Mar 31) then UNDETECTED on second attempt (Apr 7) and UNDETECTED at Bet Saracen AR (May 11). Inconsistent.

• Jailbreak / rootDetects jailbroken iOS, rooted Android (incl. Magisk hidden root), and Frida / runtime-hook tampering.
  ○ Noverified

  Rooted Android (hidden root / Magisk) NOT detected at FD WV + Saracen AR. Jailbroken root-hidden iOS NOT detected at Sleeper, PrizePicks, Fliff.

• Resigned / tampered appDetects iOS apps that have been re-signed / Android apps that have been repackaged with injected code.
  ◐ Partialverified

  FD WV iOS resigned app NOT detected (Mar 31). Bet Saracen AR + Fanatics TN resigned iOS DETECTED (May 11). Inconsistent across operators.

• Sideload (PlayCover)Detects ARM-macOS iOS sideloading via PlayCover and equivalent hardware-abstraction loaders.
  ◐ Partialverified

  PlayCover ARM-macOS BLOCKED at Bet365 MI, Fanatics TN, Saracen AR; BYPASSED at FD WV.

• Browser extension spoofDetects Chrome / browser extensions that spoof location (Location Guard, Hola, etc.).
  ○ Noverified

  Underdog DFS: Chrome extension (Location Guard) NOT detected — undetected spoofing via a free extension.

• Session terminationTerminates session when location services are disabled mid-game or device leaves the jurisdiction.
  ◐ Partialinferredstale

  startTrackingVerified(interval) caches token; expiresAt shorter near borders.

• MITM / replay attackResists network-level interception, request tampering, and replay attacks against the SDK ↔ backend channel.
  ● Yesverified

  Bet365 TN replay-attack test: network-level attacks fully blocked. Minor visibility gap in verification flow but not exploitable in practice.

Identity & KYC

Document verification, biometric liveness, sanctions screening.

• Document scan / OCR
  ○ Noverifiedstale
• Biometric liveness
  ○ Noverifiedstale
• Sanctions / PEP
  ○ Noverifiedstale
• AML / responsible gaming
  · Unknowninferredstale
• Reusable identity
  · Unknowninferredstale

Platform coverage

Which surfaces the SDK / product runs on.

• iOS native
  ● Yesverified
• Android native
  ● Yesverified
• Web / browser
  ● Yesverified
• React Native
  ● Yesverifiedstale
• Flutter
  ● Yesverifiedstale
• Unity
  · Unknowninferredstale
• .NET / desktop
  ◐ Partialverifiedstale

  Verify app exists; MAUI bindings unclear; macOS / Chrome version compat fragile.

• Server-side API
  ● Yesverifiedstale

Compliance & certification

Regulatory coverage and certifications.

• US state-licensed (iGaming/sportsbook)
  ◐ Partialverified

  BetSaracen AR + DraftKings DFS NJ (web, May 2026) + FanDuel WV are the confirmed regulated US sportsbook/DFS deployments.

• US tribal / on-property
  ○ Noinferredstale
• Canadian provincial
  ○ Noinferredstale
• European (MGA/UKGC)
  ○ Noinferredstale
• LatAm (Brazil SPA)
  · Unknowninferredstale
• SOC 2 Type II
  ● Yesinferredstale

  Referenced in trust pages — verify before quoting.

• ISO 27001
  · Unknowninferredstale
• GLI-certified
  · Unknowninferredstale

Fraud & device intelligence

Device fingerprinting, IP intelligence, behavioral signals, account-takeover detection.

• Device fingerprint
  ○ Noverified

  Logic flaw: every login at Underdog DFS recorded as a new device — defeats multi-account detection.

• IP intelligence DBMaintained DB of VPN / TOR / proxy / hijacked-residential IPs with documented refresh cadence (GeoGuard equivalent).
  ◐ Partialverifiedstale

  Enterprise plan only; no published DB size or refresh cadence.

• Behavioral signals
  ○ Noinferredstale
• Velocity / impossible travel
  ◐ Partialverifiedstale

  Impossible-travel check listed as a trackVerified() signal.

• Bot detection
  · Unknowninferredstale
• Account takeover
  · Unknowninferredstale
• Chargeback mgmt
  · Unknowninferredstale

Ops & integration

How easy the product is to integrate, observe, and operate.

• Self-serve onboarding
  ● Yesverifiedstale

  Signup → key in <2 min, sandbox keys auto-provisioned.

• Case management UI
  ○ Noverifiedstale
• Webhook delivery
  ● Yesverifiedstale
• Real-time API
  ● Yesverifiedstale

  p50 50ms / p90 150ms; lightweight checks only.

• Analytics dashboard
  ● Yesverifiedstale
• Audit log export
  ◐ Partialinferredstale
• Encrypted responseDetection flag names hidden from the end user (GeoComply uses encrypted XML; most challengers expose JSON flag names).
  ○ Noverifiedstale

  trackVerified() returns signed JWT with passed boolean + visible failureReasons[]; client-side compliance decisioning surfaced in May 5 monthly brief.

• SDK hardeningSDK is signed, obfuscated, and license-bound — not findable / patchable to inject coordinates client-side.
  ○ Noverified

  Open-source unobfuscated SDK; publishable API key baked into app at build time; GPS injection methods exposed in public API.

Commercial

Pricing model and go-to-market shape.

• Usage-based pricing
  ● Yesverifiedstale

  MAU-based pricing (vs per-transaction).

• Flat license / enterprise
  · Unknowninferredstale
• Free tier / trial
  ● Yesverifiedstale

  • radar.com
• Publicly listed pricing
  ● Yesverifiedstale

  • radar.com
• Bundled with platformGeo is bundled inside a broader platform deal (OpenBet, GeoLocs/Mkodo, Playtech).
  ◐ Partialverifiedstale

  White-labelled into IC360's Geo360 product suite.

Resources

Briefings, source docs, and external links.

📊Case study (1)

• Radar Competitive Intelligence Brief — March 2026docs.google.com

  Primary briefing — MAU pricing, IC360 white-label, Enterprise fraud module.

📄Drive doc (2)

• Radar — Full analysis (spreadsheet)docs.google.com

  Complete test matrix and per-capability findings.

• Radar SDK Release Analysis (Apr 2025–Apr 2026)drive.google.com

  Cadence + strategic direction: 'where is the user?' → 'can we continuously trust this location?'. IP re-validation, multi-signal, BLE indoor, modular fraud, v3.31.0 offline geofence events.

🌐Website (1)

• Radar marketing siteradar.com

💰Pricing (1)

• Radar — published pricingradar.com

📰News (1)

• DraftKings DFS NJ migrated to Radar (May 2026)docs.google.com

  Internal: CIV-65 — DraftKings DFS - validate the competitor's integration.

📁Drive folder (1)

• Drive folder (full archive)drive.google.com

Radar's failures are repeated, not one-offs

Across seven weekly syncs (Mar 24 → May 11, 2026), Radar produced compliance gaps at four different operators (FanDuel WV, Bet Saracen AR, Sleeper / PrizePicks / Fliff, Underdog DFS) for at least eight distinct spoof vectors (rooted hidden Android, resigned iOS, GPS-simulator, VMOS, PlayCover ARM-macOS, browser extension, jailbroken iOS, proxy betting). Treat the Radar matrix row as the operative competitive document — every cell is verified-by-test as of the listed date.

Confirmed gaming clients (May 2026)

Operator	Segment	Market	Use case
DraftKings DFS	DFS (web only)	NJ (May 2026)	First US live-traffic migration off GeoComply. Dual-vendor; testing underway for compliance gaps.
Bet365 mobile	Sportsbook / iGaming	US multi-state	Bet365 web → XPoint; mobile → Radar (confirmed April 2026).
FanDuel WV	Sportsbook	US — WV	Eight weeks of repeated spoof failures.
Bet Saracen	Sportsbook	US — Arkansas	Regulated sportsbook reference; PlayCover + resigned iOS detected, VMOS not detected.
Underdog Fantasy	DFS	US multi-state	Chrome-extension spoof + device-counting flaw + 1-min border-crossing grace.
Sleeper	DFS	US multi-state	Jailbroken root-hidden iOS not detected.
PrizePicks	DFS	US multi-state	Jailbroken root-hidden iOS not detected. Note: also Xpoint Lite client.
Fliff	Social / sweepstakes	US multi-state	Jailbroken root-hidden iOS not detected.
Ballers Sportsbook	Sportsbook	US — licensed states	Jurisdiction enforcement.
1/ST BET	Horse racing / wagering	US multi-state	Jurisdiction enforcement.
Everi	Gaming tech vendor	US multi-state	SDK embedded in vendor platform.
IC360 / Geo360	Compliance vendor white-label	US multi-state	Radar powers Geo360.
Estrella Bet	Sportsbook	Brazil	Confirmed in Betting Hero's May 5 next-week scope.

Strategic direction — Radar SDK release analysis (April 2026)

Strategic direction is clear: shifting from "where is the user?" to "can we continuously trust this location?" Releases every 3 weeks to a couple of months. Notable: v3.31.0 (Apr 24, 2026) added on-device offline geolocation-event generation — when their backend is unreachable, the SDK generates geofence entry/exit events from cached data, tagged as offline. This is a watch point — we don't know yet whether offline-generated events satisfy regulatory requirements in gaming markets. GitHub monitoring is active.

Other axes of movement:

• IP-triggered re-validation — location re-checked on network/IP change
• Multi-signal decisioning — motion, device context, network alongside GPS
• Indoor / vertical accuracy — floor-level detection on mobile + BLE beacons
• Modular fraud architecture — plugin-based, allows rapid new detection logic

Talking points for displacement deals

1. DraftKings DFS NJ moved (May 2026), but only the DFS web product. Sportsbook + mobile stayed on GeoComply. This is a partial-displacement template, not a wholesale loss — sales narrative is "we keep the high-stakes stuff."
2. MAU vs per-transaction is not apples-to-apples. Operators with high-engagement players blow past MAU thresholds and lose the price advantage fast.
3. Eight verified spoof failures across four operators is not a tier-down — it's a non-starter. Lead the conversation with the Radar matrix row.
4. Near-border accuracy is missing. No successful bet within 1km of the AR border in testing (Mar 24); Mac 44% pass rate at 100m (May 5).
5. Client-side compliance decisioning and an open-source unobfuscated SDK is the structural problem — even if specific gaps get patched, the architecture exposes detection logic to the player.
6. IC360's Geo360 is the harder threat. Operators evaluating IC360 may not realise Radar is the engine — surface this in any account where IC360 is a vendor.

Open testing scope (carry-forward from weekly syncs)

• Replay Attack testing — Radar / Saracen AR, XPoint, Radar / Bet365 (ongoing)
• GPS Simulator — Radar + XPoint (May)
• PlayCover — FD WV (May)
• Device farm VMOS — FD WV, Fanatics, BetRivers (May)
• Saracen AR: Remote Screen Sharing across Windows laptops, Residential VPN out-of-state, additional RDPs (VNC, MS Teams, RustDesk)