Written by :
Published on :
New Jersey sports betting sites will now be required to confirm user identities.
Although 2FA/MFA solutions have been used by companies in many industries, New Jersey’s requirements are noteworthy because they spell out what is usually considered a best practice.
It's an interesting development as many offshore sportsbooks are moving more towards an "email only" model.
Two-Factor or Multi-Factor (2FA or MFA) Authentication typically combines a user’s username/password combination with an additional authentication method such as receiving a code via one's smartphone or email.
Specifically, N.J.A.C. 13:69O-1.1 defines “multi-factor authentication” as a type of strong authentication that uses two of the following to verify a patron’s identity:
- Information known only to the patron, such as a password, pattern, or answers to challenge questions;
- An item possessed by a patron such as an electronic token, physical token or an identification card; or
- A patron’s biometric data, such as fingerprints, facial or voice recognition.
- As goes New Jersey, other states are likely to follow.
- Gilbert Horowitz, Gambling911.com
