IESnare is the flavour of the month amongst bettors who get their accounts shut down and would rather complain and blame overzealous traders, software or anything they can rather than finding a new way to “get on”. Whilst we don’t look to defend or debate the betting industry’s trading practices, nor whether IESnare is legal in the UK under the data protection act, it’s important to understand what it actually does and see how there are multiple, far more widespread methods used by bookmakers to identify undesirable customers.
The criticism of a fraud-monitoring tool used by a number of operators, generally comes from people who don’t understand the other technologies that are really used and that they are oblivious to. The ones that do what they claim IESnare does, whilst IESnare doesn’t.
The best way to counter IESnare:
Whilst you can block IESnare manually and we will show you how later in the article, this can be difficult for users who are not particularly tech savvy, and risks undesired internet issues if modifying your hosts file incorrectly. Fortunately, we’ve been made aware of a solution – Jolly Lock IP Virtual Desktop.
Essentially, when you subscribe to Jolly Lock, you log on through your computer, to another desktop computer running in the cloud, which has its own static IP address. This means that the virtual desktop will not be linked to your own IP address or computer. It also prevents tools such as IESnare being used as it is blocked.
This solution is better than a VPN, as if playing casino games your real IP address will be exposed, because VPNs do not work correctly when the website runs Adobe Flash. VPNs are also slow and can cause pages to load slowly or incorrectly. They will also not prevent IESnare from being installed on your computer.
You may also find, when using a VPN, that the IP address you are given may already have been used by someone else previously, so it may already be blocked or otherwise it would link you to their account. This doesn’t happy with Jolly Lock.
You can subscribe to Jolly Lock by clicking here for an easy way of not having to worry about IESnare. If you’re making money from your betting, it’s well worth the investment.
What is IESnare and what does its provider, Iovation, claim it does?
A quick look at Iovation’s website suggests that it identifies devices and has information on over 3 billion devices globally. In practice, this means identifying across online companies whether a device attempting to transact with them has been involved in, or has a propensity to be involved in fraud. It claims a 0.0028% false positive rate (that’s a 35,000/1 shot that you are falsely claimed to be fraudulent). The last we checked, 3 billion devices weren’t used solely in the betting and gaming industry, so whilst it is a core industry for Iovation, it’s not the only one. They cite clients such as Expedia, dating sites and Aviva Insurance in addition to those in the gambling industry.
Their LinkedIn page suggests that they can detect bonus abuse, fraudulent deposits, collusion, account takeover and reduce chargebacks. A number of case studies support this: helping with account verification, reducing fraud and collusion and compliance.
On their website, more controversially, they claim it can assist with preventing arbitrage betting. There is little information about this, though as “chip dumping” and “affiliate abuse” is also specified, this likely alludes to having two accounts arb against each other with the same firm. One using a stolen credit card, attempts to lose the money whilst a legitimate account wins on the other side in order to be able to launder the money and cash out. We assume this for the reason that it is simply impossible for IESnare to tell what you are backing or laying with an exchange or any bookmaker – it can just monitor pages that you visit.
It cites techniques such as identifying if TOR is being used, whether proxy servers are used, whether multiple email accounts are logged into from a single computer and whether multiple devices are logging into the same account as ways it accomplishes this.
Update: We did some snooping:
We did some more snooping about how IESnare operates and came across this presentation that, given some reading between the lines, explains how IESnare works.
Essentially the software can help stop customers who are given trading restrictions interact with bookmakers, but it doesn’t do any sort of spying. It shares data about devices based on what it’s clients experience. The data is not about individual people or accounts.
A customer has a device, most likely a laptop. This is given a score (like a credit check) based on its interactions with Iovation and their clients throughout the web (as per slide 16).
The laptop can be marked by any client, usually through automated rules, but possibly manually, as being involved in a specified undesirable activity by any Iovation client. This can include arbitrage betting and trading restrictions (slide 18).
This can be linked to the customer internally, and the device externally. This mark reduces the score of the device (slide 23). These scores, but likely not the reasoning, are shared between clients. We believe this is unlikely to be used for trading restrictions, given that Iovation appears to do the decision making automatically as to whether to flag a device or not, and if flagged, to decline transactions from linked payment methods.
What’s IESnare accused of doing?
The main accusation being made is that it is used for “monitoring your behaviour, tracking whether you are on Oddschecker or a betting exchange”. Others claim it can see whether you are arbing.
Does it track you?
IESnare does monitor behaviour, but not in the way that it is accused of doing, and there are many other tools bookmakers use to accomplish the same. IESnare’s primary use that isn’t solely obvious anti-fraud that can be applied to any industry is to link accounts. Just like names, dates of birth, home addresses, payment information, IP addresses, MAC addresses, http cookies and betting the same selections – all of which the bookmaker monitors themselves without any software assistance. If you log into an account at your mates’ house or both back the same selection overnight that gets backed off the boards, they don’t need IESnare to link the accounts.
Can it see if you are arbing?
No. It doesn’t take screenshots of your screen and send them through to the trading room!
What you should worry about and how to “get on”:
If you’re a shrewd punter betting significant stakes, you’re going to be flagged anyway. If you back arbs, ricks, late bets, bad each way or any other nefarious business your account will not last long regardless of whether the bookmaker knows who is really placing the bets. If you place 1500 bets and return a 0.2% profit, you are savvy or at least staking heavily on the shrewd selections and the firm is right, commercially, to restrict your stakes.
HTTP Referrers: Worried that the bookmaker can see where you are coming from? You’re right to be, but it’s not because of IESnare. Every time you visit a website, that website can see the exact link of the previous page that you were on. If you click through the Oddschecker grid, they know (not that we believe this is as much of a red flag as people think: there’s a reason bookies advertise on there and they wouldn’t if they didn’t want the business). The same goes if you do it from Betfair. So either start loading google.com before you visit the bookie, or install a plugin such as Referrer Control to block this (note: we haven’t tested this plugin).
Joining from “shrewd” affiliates: One of the most vocal anti-IESnare protesters operates an affiliate site that offers to sell betting tips from professional punters for a sizeable fee. Yet the same site has a page advertising a host of bookmakers. If you register from that website, that’s not going away and will be flagged next to your account forever. Alternatively, you can join the thousands of people that see a TV ad, Google the name of the company and join directly, blending in with the crowd.
E-Wallets: Live in the UK and use Skrill or Neteller? How many of your non-punting friends do you think have a Skrill account? Exactly. British residents don’t use these so by doing so, you are different. Bookmakers even tell you that these are commonly used by undesirable customers as many block such customers from receiving their welcome free bets. At a push PayPal is fine but using a debit card is always the most normal.
Female names: How many high staking female sports bettors are there? And what’s the proportion of those customers compared to pro punters who have used every mother, sister, spouse and ex-girlfriend? If you deposit huge sums from a female account, the bookmaker is going to keep a close eye. Wouldn’t you?
Betting with a small firm: If you’ve only got a small number of clients, of course there’s no need for such software. When the traders only have to deal with a small numbers of accounts, they can Google or look up on LinkedIn the name of every client. If they figure out a customer works for a rival bookmaker, for example, they can easily be turned away.
How to block IESnare:
Does blocking IESnare suggest you are a possible fraudster? Possibly, though there are likely a sufficient number of computers without flash for it not to be too much of a concern. That said, you can block it permanently by following the method below.
If you’re concerned about blocking it, bet in incognito mode. According to the non-tech-expert friendly Wikipedia, LSOs (flash cookies) are deleted at the end of an incognito web broswing session; and those created in a regular session are inaccessible in private browsing. Many normal customers will do so – it’s logical to hide such activity from a spouse or kids on a shared computer.
Alternatively, you could just bet from an iPhone or iPad where Flash is not supported. As we outlined before though, Jolly Lock may be a better solution.
The easiest way to block IESnare is to block it in your computer’s HOSTS file.
1) Log in as an administrator
2) Open the “run” dialog; either by hitting the Windows Key + R, or just searching for “Run” and opening it.
3) Copy paste the following: ‘notepad.exe C:\WINDOWS\system32\drivers\etc\hosts’
4) Insert the following at the bottom of the file that is opened and then save.
If you want to check if it worked, hit search, search for “cmd” and click enter. Then type ping iovation.com and you should see 127.0.0.1 (which is your local computer, rather than their web server). Success.
So what can I do?
We used to think that at the end of the day, if you aren’t buying a burner for each set of accounts, betting in incognito and generally being muggy, it doesn’t matter. Blocking IESnare and the other methods we recommend might help, but if you’re trying to open account after account in the name of friends and family, it’s hardly unfair to expect the bookmaker to try and stop you? If you’re blocking IESnare but not aware of the other methods bookmakers use, then you aren’t really helping yourself much at all. But now, Jolly Lock can give you the best possible chance.