Watch now

How to comply with New Jersey’s new sports betting 2FA regulations

You may have heard that New Jersey recently passed new legislation requiring all sports betting and igaming operators to implement Two-factor Authentication (2FA). Online gaming fraud has become more than a minor concern as bots and fraudsters hijack high-value accounts and transactions. Tactics like email spoofing, signup promotion abuse, and collusion are on the rise. 

As a best practice, many businesses already use 2FA to secure sign-ups, sign-ins, and transactions. 

We can expect additional states and countries to follow New Jersey’s lead to protect against account takeover and transaction fraud, so what are you doing to protect yourself and your end-users? 

Hear from industry experts including Rhea Loney at Penn Interactive as she shares what is top of mind as Penn continues to scale their digital engagement strategies.

Featured Resource

Sports & Gaming 


In this conversation, we look at:

  • Supercharge your customer engagement in the sports & gambling industry to drive business results

  • Verify is a purpose-built API to meet easily meet 2FA requirements across multiple delivery channels, including SMS, Voice, WhatsApp, Push Authentication, TOTP, and Email

  • How to prioritize security without sacrificing customer experience across onboarding, betting, and customer service while meeting new two-factor authentication requirements

We'll send you the link to "Sports & Gaming Roundtable" webinar and share content and updates about Twilio products as you build the future of communications. We use your information according to our privacy policy. You can update your preferences at any time.

Frequently Asked Questions

What is Two-factor authentication?

Two-factor authentication (commonly abbreviated as 2FA) adds an extra layer of security to your user’s account login by requiring two types of Authentication. This is usually something your user knows and something they have.

Why has New Jersey created new 2FA legislation?

According to one recent report, online gaming fraud attempts spiked to 393% YoY in the second quarter of 2021. While many operators have already implemented 2FA as a best practice, NJ is concerned about the security of both operators and end-users when it comes to protecting accounts and transactions. The online gaming industry has seen a rise in account takeover fraud, transaction fraud, fraudsters changing personal account information, etc.

What options should operators provide to their end-users regarding 2FA?

For businesses who need to reduce fraud and protect user accounts, consider an API optimized for One-time Passcode delivery across multiple delivery channels, including SMS, voice, email, WhatsApp, Push Authentication, or silent Authentication. This improved user experience allows consumers to choose the most appropriate channel to verify themselves while ensuring security.