Overview
This guide covers FrankieOne’s KYC solution for Australian gaming operators, designed to support state and territory regulatory requirements for age verification, identity verification, and responsible gambling compliance.Summary
Available Workflows
| Workflow | Purpose | When to Use |
|---|---|---|
AUS-Basic3V-AgeVerify | Age + identity verification | Primary - Standard registration |
AUS-Risk-CDD-Email-Phone-Device-IP | Fraud detection | Multi-accounting, bonus abuse prevention |
| Biometric step-up | Enhanced verification | Elevated risk scenarios |
Quick Implementation Flow
Age Verification (Mandatory)
| Outcome | Action |
|---|---|
| Verified 18+ | Proceed to identity verification |
| Under 18 | Permanent block (regulatory requirement) |
| Unable to verify | Request alternative documentation |
Step-Up Verification Flow
Key Fraud Signals
| Signal | Risk Level | Description |
|---|---|---|
| Device on blocklist | Critical | Known fraudulent device |
| Multiple accounts from device | High | Multi-accounting indicator |
| Session velocity over 5 in 24 hours | High | Abuse pattern |
| Email age under 7 days | High | Recently created email |
| Email domain disposable | Critical | Temporary email service |
Decision Outcomes
| Outcome | Action |
|---|---|
| PASS | Create account, enable gambling features |
| REVIEW | Queue for manual verification |
| FAIL | Block registration, display generic message |
Support
- Documentation: docs.frankieone.com
- Support: Contact your FrankieOne representative
Expanded Details
Regulatory Context
Disclaimer: The information in this section is provided for general guidance only and does not constitute legal or compliance advice. Customers must seek independent legal and regulatory advice to ensure their implementation meets their specific licensing obligations. FrankieOne is not responsible for customers’ compliance decisions or outcomes.
Regulatory Updates: Gaming regulations vary by state and territory and are subject to change. Customers should monitor updates from their relevant regulator (e.g., Liquor & Gaming NSW, VGCCC, OLGR Queensland) and ensure ongoing compliance.
Australian Gaming Regulatory Framework
Australian gaming operators must comply with state and territory licensing requirements. FrankieOne’s gaming workflows can support these common obligations:| Obligation | Requirement | How FrankieOne Can Support |
|---|---|---|
| Age Verification | Verify customers are 18+ before allowing gambling | Automated age verification against government and commercial data sources |
| Identity Verification | Verify customer identity to prevent fraud and multi-accounting | Identity verification workflows with document and biometric options |
| Self-Exclusion | Check against national and state self-exclusion registers | Self-exclusion checks are managed separately by the operator |
| Responsible Gambling | Support responsible gambling obligations | Configurable risk triggers and monitoring capabilities |
| Record Keeping | Maintain verification records | Audit trails and verification history |
State and Territory Considerations
Gaming regulations differ across Australian jurisdictions. Your compliance program should address requirements specific to your operating jurisdictions.| Jurisdiction | Primary Regulator | Key Considerations |
|---|---|---|
| NSW | Liquor & Gaming NSW | Point of consumption, online wagering requirements |
| VIC | VGCCC | Wagering and betting licence requirements |
| QLD | OLGR | Interactive gambling requirements |
| SA | CBS | Gambling codes of practice |
| WA | Department of Local Government | Betting and gaming requirements |
| National | ACMA | Interactive Gambling Act compliance |
Workflow Configuration Details
Primary Workflow: AUS-Basic3V-AgeVerify
This workflow provides age verification with identity checks suitable for gaming onboarding.
Core Checks:
| Check Type | Purpose | Outcome |
|---|---|---|
| Age verification | Confirm applicant is 18+ | Pass/Fail |
| Government ID verification | Validate identity document via DVS | Match/No Match |
| Credit bureau check | Cross-reference identity data | Match/Partial/No Match |
| Electoral roll | Address verification | Match/No Match |
Fraud Detection: AUS-Risk-CDD-Email-Phone-Device-IP
Gaming has elevated fraud exposure due to bonus abuse, multi-accounting, and payment fraud. This workflow assesses fraud risk signals.
Risk Signals Evaluated:
| Signal | Risk Level | Description |
|---|---|---|
| Device fingerprint on blocklist | Critical | Known fraudulent device |
| Multiple accounts from same device | High | Multi-accounting indicator |
| Session velocity over 5 in 24 hours | High | Abuse pattern detected |
| Email age under 7 days | High | Recently created email |
| Email domain disposable | Critical | Temporary email service |
| IP geolocation mismatch | Medium | Location inconsistency |
| VPN/proxy detected | Medium | Connection anonymisation |
| Phone type = VoIP | Medium | Non-mobile number |
Step-Up Verification
For elevated risk scenarios, additional verification can be triggered: Step-Up Triggers:| Trigger | Action |
|---|---|
| Device risk score > threshold | Require biometric verification |
| Partial identity match | Request additional document |
| Address verification failed | Request proof of address |
| High fraud risk signals | Manual review required |
Self-Exclusion Checks
Self-exclusion register checks (including BetStop National Self-Exclusion Register) are managed separately by the operator outside of FrankieOne workflows. Operators should implement self-exclusion checks as part of their overall onboarding process in accordance with their licensing requirements.Step-by-Step Implementation
Note: This section describes the conceptual implementation flow. For actual API endpoints, request/response schemas, and code examples, refer to the FrankieOne API Documentation.
Prerequisites
Before implementing, ensure you have:- FrankieOne API credentials
- Webhook endpoint configured
- OneSDK embedded in your application (recommended for mobile)
- Test environment access
Step 1: Collect Customer Details
Collect required information from the applicant:- Full name
- Date of birth
- Residential address
- Email address
- Mobile phone number
- Government ID details
Step 2: Age Verification
Verify the applicant is 18 or older. Age verification is mandatory for gaming. Outcomes:- Verified 18+: Proceed to identity verification
- Under 18: Permanent block (regulatory requirement)
- Unable to verify: Request alternative documentation
Step 3: Identity Verification
Verify customer identity against government and commercial data sources.Step 4: Fraud Assessment
Evaluate fraud risk signals to detect multi-accounting and bonus abuse.Step 5: Handle Decision Outcomes
PASS:- Create customer account
- Enable gambling features
- Set initial deposit limits (if applicable)
- Queue for manual verification
- Notify compliance team
- Do not activate account until resolved
- Block registration
- Log rejection reason (internal only)
- Display generic message to user
Risk Tier Examples
Tier 1: Low Risk - Auto-Approve
Customer Profile:- Australian citizen, 25 years old
- Valid driver licence
- Address matches electoral roll
- No fraud signals
James Testone, 25, registers for an online wagering account via mobile app. He provides his NSW driver licence. Age verified as 25, identity confirmed against government records, no fraud signals detected. Account activated immediately.
Tier 2: Medium Risk - Step-Up Required
Customer Profile:- Valid ID but address mismatch
- New email address
- Multiple registration attempts from device
Sarah Testtwo, 22, registers for a betting account. Her identity is verified but address doesn’t match electoral roll (recently moved). Device shows 3 previous registration attempts (abandoned). System triggers biometric step-up. Facial match confirms identity. Account activated with enhanced monitoring flag.
Tier 3: High Risk - Manual Review
Customer Profile:- Identity verification inconclusive
- High fraud risk score
- Device associated with blocked accounts
Michael Testthree, 19, attempts to register. Name partially matches ID records (middle name discrepancy). Device fingerprint associated with 2 previously blocked accounts. Case escalated to compliance team for manual review.
Tier 4: Auto-Reject
Triggers for Automatic Rejection:| Trigger | Rationale | User Message |
|---|---|---|
| Age under 18 | Regulatory requirement | ”You must be 18 or over to register” |
| Confirmed fraudulent device | Fraud prevention | ”Unable to complete registration” |
| Document tampering detected | Fraud prevention | ”Unable to verify identity” |
| Multiple blocked accounts from device | Abuse prevention | ”Unable to complete registration” |
Note: Self-exclusion checks should be implemented separately by the operator. Never disclose self-exclusion status to the user.
Edge Cases and Special Handling
Age Verification Edge Cases
| Scenario | Handling |
|---|---|
| DOB makes applicant exactly 18 today | Accept (18+ satisfied) |
| DOB on ID differs from entered DOB | Reject with mismatch error |
| Expired ID document | Reject, request current document |
| Foreign passport (tourist) | Accept if gambling permitted for tourists in jurisdiction |
Multi-Accounting Detection
Gaming operators need to prevent customers from creating multiple accounts for bonus abuse. Detection Signals:| Signal | Weight | Action |
|---|---|---|
| Same device fingerprint | High | Block or review |
| Same email domain pattern | Medium | Flag for review |
| Same residential address | Medium | Flag for review |
| Similar name variations | Low | Flag if combined with other signals |
| Same payment method | High | Block or review |
Self-Exclusion Handling
Self-exclusion register checks are managed separately by the operator outside of FrankieOne. When implementing self-exclusion checks:| Scenario | Recommended Action |
|---|---|
| Exact match on exclusion register | Block registration silently |
| Near match (similar name/DOB) | Manual review required |
| Previously excluded, exclusion expired | Allow if exclusion genuinely expired |
| Requests to check own exclusion status | Direct to BetStop website |
Note: Never disclose self-exclusion status to the user.
Compliance Reporting
Audit Trail Requirements
FrankieOne maintains audit trails for gaming verification activities. Data Retained:| Data Category | Retention Period | Purpose |
|---|---|---|
| Verification requests | Per licensing requirement | Regulatory compliance |
| Age verification results | Per licensing requirement | Age verification evidence |
| Decision outcomes | Per licensing requirement | Audit trail |
| Fraud assessment results | Per licensing requirement | Fraud prevention |
Note: Retention periods vary by jurisdiction. Ensure your configuration aligns with your licensing requirements.
Reporting Capabilities
FrankieOne can support gaming compliance reporting including:- Verification volumes and outcomes
- Age verification statistics
- Fraud detection metrics
- Device risk assessments
Troubleshooting
| Issue | Likely Cause | Resolution |
|---|---|---|
| Age verification failing for valid customers | DOB format mismatch | Check date format (YYYY-MM-DD) |
| High false positive rate on multi-accounting | Shared household devices | Tune device fingerprint sensitivity |
| Fraud check timeout | Integration issue | Contact FrankieOne support |