Skip to main content

Competitive Intelligence — Weekly Sync

📅 Week 1 — March 31, 2026 · ⏱ 30 minutes · 👥 Weekly cadence


1 · Competitive and Client Testing (Julia) — Key Findings


2 · Competitive Research (Valeria) — Key Findings

Major vulnerability suspected in xPoint based on the analysed SDK

xPoint and Radar are likely vulnerable to Man-in-the-Middle attacks

  • We will plan next steps with the engineering team.
  • We may need to try to test Man-in-the-Middle attacks on all competitors; this can be a good convincing point of their potential non-compliance, IF CONFIRMED.
  • Added security breaches information to the Radar document. Publishable API key baked into app at build time of Radar may be a potential vulnerability to Replay Attacks too.

OpenBet

  • Does not seem to have the analysis for rooting, memory modifications, or proxies — a potential breach for rooted devices. A good point of attention for our testing.

3 · End-user Feedback (Valeria) — Key Findings

📊 Full dataset: Social Media Competitive Signals · Reddit + X/Twitter public posts. Monitoring initiated March 2026.

  • Xpoint: increasing number of comments about poor location checks. Seeing more poor-location-services comments for PrizePicks and Bet365.
  • Should we add KYC feedback to our findings? Clients are finding the Fanatics KYC solution to be too demanding.

4 · What's Next — Plan for Next Week

Field Testing

  • Radar / Bet Saracen AR — Assess the effectiveness of Play Integrity API detection against a hidden root device. Assess Radar's ability to detect a tampered iOS app. Conduct the man-in-the-middle testing.
  • Radar / FD WV: Device Farm / VMOS (Android) — Retest — verify if Radar identifies the virtual OS environment used to manipulate device integrity; validation scheduled pending the next Android app release.
  • Radar / Saracen AR — run the Replay Attack testing
  • Fanatics / OpenBet Locator — validate the integration

Betting Hero

  • Radar / Saracen AR (web desktop) — perform full validation of the competitor's app
  • XPoint / RushStreet DE — conduct validation of the XPoint integration (in progress)

Integrations team

  • Request the Replay attacks tests on all competitors ✓
  • Mkodo Geolocs research is next in line
  • Add 'BIG LOSSES' section to the competitor briefs for Marco