Ohio sports bettors may soon have to use multi-factor authentication to access their accounts.
The Ohio Casino Control Commission sent a letter to gaming stakeholders earlier this month, notifying them of a proposed amendment to current Ohio sports betting regulations. This amendment would “require patrons to protect access to funded sports gaming accounts with multi-factor authentication.”
The letter began a public comment period, which ended on Friday, Jan. 26. Since the comment period is now closed, the commission will decide on the proposal soon.
Multi-factor authentication is available now, but not mandatory
Ohio sports betting is still in its infancy. The market launched at the start of 2023 and is home to 20 online sportsbooks. Additionally, there are 15 retail sportsbooks in Ohio where players can place bets in person. More brick-and-mortar options are expected to open this year.
The commission proposed the amendment to beef up customer safety. Multi-factor authentication is common practice when it comes to security accounts inside and outside of the gaming industry. It keeps customers’ identities and funds safe, especially with rising fraud.
New Jersey, Pennsylvania and Connecticut require bettors to sign into their accounts with multi-factor authentication.
Multi-factor authentication is available to players in Ohio now, but they are not required to use it.
Ohio law requires operators to offer multi-factor authentication methods, but customers can decide whether to use it. The proposed amendment would change that.
Caesars and MGM cyberattack made cybersecurity a priority
Last year, cybersecurity was the buzzword in the gambling world. A group of hackers infiltrated the servers of industry titans MGM Resorts and Caesars Entertainment last August. Consequently, customer and company information was compromised. The hackers demanded millions of dollars to return control to the operators.
As a result, Caesars ended up paying the hackers $15 million, half of the total the hackers originally wanted. According to Forbes, MGM didn’t pay, and their daily revenue and cash flow dropped 20%. MGM’s market cap dropped by $2 billion.
Since then, cybersecurity in the Ohio gaming industry has become a more prominent issue.
A report by IBM states that the cost of data breaches today is up 15% compared to just three years ago. The average 2023 data breach costs companies $4.45 million.
Ohio has one MGM property: MGM Northfield Park, a racino. According to a customer service representative, there were only minor issues at that location following the company’s overall data breach. MGM Northfield’s website was down for a few days, too.
There’s a Caesars property in Ohio, too. Scioto Downs customers were believed to have their data compromised as a result of the attack.
The MGM and Caesars instances reinforce the need for heightened cybersecurity efforts at even the lowest levels. Thus, it makes sense that Ohio wants to protect bettor information and funds. And one of the best ways to do that is through multi-factor authentication.