Problem scope

Multi-accounting — the creation of multiple accounts by a single person to circumvent per-account limits or exploit promotions multiple times — is the most common and most costly form of fraud in iGaming. Our 2025 operator survey found that 73% of operators identified multi-accounting as their primary fraud concern, with average losses of €420K per operator per year attributable to the practice.

The challenge is definitional as much as technical: multi-accounting is not inherently fraudulent in isolation. A player may have a legitimate reason to create a second account (a forgotten password, a household member playing on the same network). Detection requires distinguishing abusive multi-accounting from benign multi-accounting — a nuance that simple deduplication cannot capture.

Detection signals

Effective multi-accounting detection combines hard signals (shared device ID, shared payment method, shared IP address) with soft signals (similar username patterns, overlapping login times, correlated bonus-claim sequences, matching withdrawal amount patterns). Hard signals are high-precision but low-recall — sophisticated abusers route around them. Soft signals are lower-precision but catch the cases hard signals miss.

Graph analysis

Graph analysis is the most powerful tool available for multi-accounting detection because it evaluates accounts in the context of their relationships — not in isolation. An account that shares no hard signals with any other account may nonetheless be part of a ring if its soft signals place it consistently in the same cluster as confirmed abusers.

Enforcement

Detection is only half the problem — enforcement requires careful calibration to avoid legal risk and player experience damage. Our recommended approach is tiered: low-confidence clusters receive enhanced friction (step-up verification); medium-confidence clusters receive bonus restriction; high-confidence clusters receive account suspension pending review. Manual review queues should be sized to clear within 24 hours to avoid cascading backlogs.

Best practices

• Never rely on hard signals alone — sophisticated abusers will defeat them trivially.
• Calibrate enforcement to confidence level — avoid suspending accounts on weak evidence.
• Maintain a clear appeals process — false positives will occur and must be resolvable quickly.
• Review cluster membership weekly — rings evolve and new accounts join existing clusters.
• Share cluster data with your PSPs — coordinated multi-accounting often involves payment fraud too.