Get exclusive CAP network offers from top brands

View CAP Offers

Bwin: a Case Study in Website Security

September 23, 2009 (CAP Newswire) — Today more than ever before, online security is a priority for Internet consumers — and online gamers. And as criminals become more and more innovative in their techniques to steal online data, online companies are required to become more and more resourceful in their security systems.

SQL injection, manipulation of https protocols, password cracking — these are just a few of the tricks online hackers use to breach security systems large and small. For true security, websites must not only know about existing hacking techniques but try to foresee new ones.

Earlier this week, SC Magazine, an online publication for the Internet security industry, laid out a set of guidelines by which online security should be measured. From code reviews to the application of Web application firewalls, from user education to regular and thorough systems assessments, the list covered all the bases of what constitutes modern online security. 

And in presenting this list, the magazine offered up Austrian-based online gaming powerhouse bwin as a case study in how to do security right.

“Based in Vienna, bwin provides more than 130 online casino, skill and fortune games and operates one of the world's largest poker networks,” the article states. “Bwin's systems have to transact more than 60 different payment types to meet local needs in all the markets it serves. It has 20 million registered customers, turns over more than €3 billion in bets per year and processes over 70,000 financial transactions each day.”

With that level of operational complexity, the company must also make security on ongoing priority.

Head of corporate security for bwin Oliver Eckel told SC that the site was attacked “daily”. “Most attacks are from ‘script kiddies', but hackers trying to improve their chances in games also attempt to break applications. There are also waves of attacks as soon as fresh vulnerabilities are announced.”

“[T]o ensure PCI DSS compliance, the company separated not just its company IT systems from its front-end systems, it floated off the entire payment infrastructure into a separate company,” the article continues. “It now offers payment processing services to other companies, making it one of the few companies to make good money from having become PCI DSS-compliant.”

This is all good news for bwin players and affiliates, who can do business with the company knowing that it's been praised for its security features. In related news, bwin’s stock prices have risen about 7 percent this week; click here to read about that. To read the complete online security case study at SC Magazine, click here. Details on bwin’s online gaming affiliate programs can be found here.