Competitive Intelligence โ Weekly Sync
๐ Week 4-5 โ April 28, 2026 ยท โฑ 30 minutes ยท ๐ฅ Weekly cadence
1 ยท Competitive and Client Testing (Julia / Melissa) โ Key Findingsโ
Radar Browser-Based Solution โ Underdog DFSโ
- โ Location spoofing vulnerability โ Chrome Browser Extensions undetected (Location Guard)
Critical vulnerability identified. Free Chrome extension defeats geo without any technical skill. - โ Inaccurate device + user tracking โ every login recorded as a new device. Inflates device counts and prevents the system from identifying multiple accounts sharing the same device โ significantly weakening fraud detection and account controls.
- โ Compliance gap at border crossings โ users can continue placing wagers for approximately 1 minute after entering a restricted zone before Radar intervenes. Regulatory compliance risk.
- โ Increased geolocation frequency + fail rates โ Without single-license support, Radar requires more frequent checks and generates unnecessary buffer-zone failures.
- โ Loss of meaningful error messaging โ Following the switch from GeoComply, players now receive generic error messages for all geolocation failures, removing the ability to self-troubleshoot.
2 ยท Competitive Research (Valeria) โ Key Findingsโ
Radar new release โ v3.31.0 (iOS + Android, April 24)โ
- โ v3.31.0 โ SDK generates geofence events offline, without server
When backend unreachable, the SDK generates geofence entry/exit events directly on the device from cached data, tagged as offline. Backend-toggled feature; unclear whether it will be used for gaming markets. Tracking intensity adjusts automatically based on geofence context โ even mid-outage.
Watch point: validate whether these offline-generated events satisfy regulatory requirements or are used in regulated field integrations.
Mkodo GeoLocsโ
- Three confirmed spoofing failures from our own testing โ RDP (AnyDesk / Assistant), iOS Emulator (XCode), and Fake Location App (iAnyGo) all undetected on live operators. Sessions also persisted 15โ60+ minutes after location services were off, and cross-border sessions weren't terminated for 20+ minutes. Confirmed, repeatable findings โ use them in any conversation where GeoLocs is being evaluated.
- Canada: OLG, BCLC, AGLC, WCLC, ALC โ mkodo built their apps and their geolocation. Don't compete for those. However, GeoLocs is already live in Alberta (AGLC + WCLC) before the regulated commercial market opens. GeoComply has no Alberta presence. This needs action now.
Locance (formerly LocationSmart) โ 3 main pointsโ
- Significant historical baggage โ surface it every time
2019: leaked real-time location data of all major US carriers without consent. Also a data source for Securus, used for illegal individual tracking without a court order. A separate vulnerability allowed bypassing opt-in location protections by switching request format. Their FAQ now defensively states "we do not sell location data." Bring this up in every competitive conversation. - Their response format exposes their detection rules
Results returned as plain JSON โ fraud flag names are visible to anyone who receives a rejection. A fraudster can reverse-engineer exactly what triggered a block and adjust. GeoComply uses encrypted XML; detection logic is never exposed. Check count is unpublished; anti-spoofing capability (RDP, FLA, emulator) untested. - Ontario-only footprint + compliance gap confirmed in testing
All known clients in Ontario (LeoVegas, Royal Panda, Betway, Luxury Casino, Jackpot City). No US sports betting presence. Feb 2026 Luxury Casino Ontario: deposit went through before identity documents were verified. Pitch is 2-3 day integration + no download required โ same wedge as mkodo.
3 ยท End-user Feedback (Valeria) โ Key Findingsโ
๐ Full dataset: Social Media Competitive Signals ยท Reddit + X/Twitter public posts. Monitoring initiated March 2026.
- GeoComply (FanDuel, DraftKings): KYC friction dominated โ multi-week identity verification failures, accounts locked after first deposits, SSN submissions going unresolved. On the geo side, FanDuel is seeing location drops every 5 minutes during active sessions, and a Reddit thread on VPN bypass for DraftKings in restricted states is actively gaining replies.
- XPoint Verify (Bet365, PrizePicks): Three new entries, all negative. Bet365 privacy backlash โ users objecting to demands for SSNs, driver's licenses, and birth certificates, with one report of the sign-up submit button being broken entirely. PrizePicks logged a straightforward location error complaint on Twitter/X.
- OpenBet (Fanatics): Two new KYC entries. Fanatics users report selfie/ID scans failing repeatedly on sign-up, and a separate account suspension immediately following a winning streak โ funds held, bank statements submitted, no resolution. Consistent with the pattern of negative Fanatics/OpenBet sentiment tracked since February.
4 ยท What's Next โ Plan for Next Weekโ
Field Testingโ
- Fanatics / OpenBet Locator โ finish validation of the integration
- Ontario Competitor Analysis โ validate current competitor integrations (Mkodo, LocationSmart) in Ontario in anticipation of Alberta launch
- Radar / Saracen AR, XPoint, Radar / Bet365 โ run Replay Attack testing
- GPS Simulator โ test location spoofing on Radar & XPoint with GPS-simulator device
Betting Heroโ
- Radar / Saracen AR (web desktop) โ perform static connection validation of the competitor's app
Integrations teamโ
- TBD