Skip to main content

5 posts tagged with "kyc"

View All Tags
MissedComplianceMITM / replayUX / messaging

GeoLocs / mkodo — Casumo Casino (QC/ON border): KYC bypass with fake Quebec address; Ontario licence suspended May 14

GeoLocsCasumo Casino
geolocsmkodocasumoontarioquebec

Source. June 23, 2026 weekly sync.
Ticket. CIV-55: mkodo / GeoLocs — full validation.

What we tested

Full validation of mkodo's GeoLocs product via Casumo Casino, tested from the Quebec side of the Ontario–Quebec border. Casumo's Ontario licence was suspended May 14 — relevant context for the operating posture during testing.

What happened

Compliance gaps

  • KYC bypassed with fake Quebec addressOntario ID and Ontario billing address both accepted; $10 deposit completed despite contradictory jurisdiction documentation.

Blocks / working detections

  • Ontario users correctly blocked from registering in-province.
  • ⚠️ DevTools intermittently detected on Mac.
  • Hardware locale evaluation — Canadian-purchased iPhone shown a maintenance page (US iPhone worked — likely device locale detection).

UX issues

  • Games failed to load across all platforms and scenarios under normal conditions — app largely non-functional in QC.

Why it matters

The KYC bypass is a direct regulatory exposure independent of geolocation accuracy: fabricated Quebec credentials plus contradictory Ontario documentation still produced a funded account. The Quebec gaming failures mean the platform is effectively unusable in that territory today — but the KYC gap would matter on any functional deployment path.

Cross-reference

GeoLocs profile → · June 23 weekly sync →

IntelSocial

Social signals (June 23): BetRivers XPoint geo friction on Reddit; KYC and support overload spiking

XpointRushStreet Interactive (BetRivers)
socialbetriversxpointkycreddit

Source. June 23, 2026 weekly sync — End-user Feedback (Valeria).
Dataset. Social Media Competitive Signals · Reddit + X/Twitter public posts.

BetRivers — investigation in progress

BetRivers feedback is being investigated now for a full report. Early signals from the June 23 sync:

No volume spike, but XPoint sentiment is clear

We do not see spikes in overall complaint volume on Reddit, but there is clear disapproval towards XPoint on BetRivers threads — consistent with the field-testing gaps on PA deployments this cycle.

Representative posts (May 2026):

"Hello since they went to the new xpoint software I can no longer use my pc they keep thinking Im playing out of state when im not. I have tried multiple pcs browsers my neighbors internet even using a pc at walmart with there internet and it doesnt work"

"Started doing this to me this morning and I don't use a VPN. What I still can't figure out is that with Betrivers it won't let me place bets when I'm connected to my home wifi. I have to disconnect and only use cellular with BetRivers. Every other app is fine. This started about a month or so ago."

KYC + support — spiking themes

Sentiment fully leans towards KYC issues:

  • Roughly every third post on r/betrivers is about not being able to verify an account for days.
  • Support overload — no email replies for days; phone lines taking hours.

Not necessarily a direct geolocation correlation, but areas where GeoComply's KYC + geo stack positioning can help in operator conversations.

Why it matters

Public XPoint friction on BetRivers aligns with both the June 16 / June 23 Pennsylvania test gaps and the Michigan RDP improvement with residual RustDesk timing risk — social noise and field results are pointing the same direction this month.

June 23 weekly sync → · BetRivers PA advanced spoofing (CIV-88)

IntelSocial

Social signals (June 16): World Cup flat; Bet365 geo volume down but same friction themes; KYC complaints +63%

Xpointbet365
socialbet365xpointkycbrowserguard

Source. June 16, 2026 weekly sync — End-user Feedback (Valeria).
Dataset. Social Media Competitive Signals · Reddit + X/Twitter public posts.

World Cup — no volume spike

The FIFA World Cup has not affected the number of competitive signals we see in the monitoring window. Overall chatter volume is flat vs the prior period.

Bet365 (XPoint) — lower volume, same root issues

Geolocation complaints dropped from 12 → 4 comparing the older monitoring period to the recent one. The nature of the complaints is unchanged:

  • Mandatory third-party download (BrowserGuard / plugin friction).
  • Geo check wiping the betslip mid-flow.
  • Location dropout during live betting.

Lower volume does not mean the underlying UX / integration friction has improved — the same recurring themes persist.

KYC — accelerating share of total signals

  • KYC complaints: 0.8 → 1.3 per day (+63%).
  • KYC share of total signals: 14% → 33%.

KYC friction is becoming a larger slice of end-user noise even as raw Bet365 geo complaint count falls. Worth tracking whether this is operator-specific or a broader market pattern in the next cycle.

Why it matters

Bet365's geo narrative in social channels is shifting from volume to persistence — fewer posts, same complaints. The KYC spike is the new headline for operator-experience conversations and may feed the testing backlog if specific bypass claims surface.

June 16 weekly sync →

MissedComplianceProxy

Locance (LocationSmart) Ontario: real-money deposit with no identity check + detection rules exposed in API

locancelocationsmartontariocompliancekyc

Source. June 2, 2026 weekly sync.
Ticket. CIV-53: Locance (LocationSmart) Ontario — compliance and security gaps.

What we tested

Locance (LocationSmart), a geolocation provider active in Ontario. Two angles: the account-onboarding and deposit flow, and the content of the API response when connecting from outside the jurisdiction.

What happened

  • No identity / location verification. A tester completed account registration and a real-money Interac deposit without ever being asked to verify identity or location — a step that should be mandatory under Ontario iGaming compliance rules.
  • Detection logic exposed in plain text. Connecting from a Singapore IP, the API response visibly named the exact detection rules that were triggered — e.g. IP proxy detected, IP hosting provider.

Why it matters

Two distinct problems on one provider:

  1. The identity-verification gap is a direct compliance failure. Completing a real-money deposit with no KYC step is a regulator-facing defect under Ontario rules.
  2. The exposed detection logic is a security weakness. Any technically sophisticated fraudster intercepting the response learns precisely which rules they need to evade, and can tune their attack accordingly.

Both findings are relevant for competitive positioning against operators considering Locance.

Cross-reference

Locance profile → · June 2 weekly sync →

IntelSocial

Fanatics (OpenBet) account suspension immediately after a winning streak

OpenBetFanatics Sportsbook
socialfanaticsopenbetkycaccount-suspension

Source. April 28 weekly end-user-feedback section.

The signals.

  • Fanatics users report selfie / ID scans failing repeatedly on sign-up.
  • A separate account suspension immediately following a winning streak — with funds held and bank statements submitted but no resolution.

Consistent with the pattern of negative Fanatics / OpenBet sentiment tracked since February.

Why this matters. The "post-winning-streak suspension" is a specific fraud-investigation playbook problem that operators run into when their KYC + geo + risk stack is uncoordinated. Locator's lack of IP-change monitoring (May 5 test) and the absence of state-line buffer zones (50m state-switching at Fanatics TN) compound the post-win review pile.

Bigger pattern (May 5 monthly brief). KYC friction is now 23% of all end-user complaints in monitoring. Not a geo issue but creates halo damage: users conflate geo lockouts and KYC holds into a single "the app won't let me play" complaint.

OpenBet profile →