EN / SV
Strategy

A secure platform

Ensuring maximum cybersecurity is key in providing a reliable service and gaining the trust of customers, regulators and society. By protecting our operating platform and safeguarding customer data, we provide a safe and secure commercial offering to all our markets. We look to continue down that road, with our goal set on providing a digital infrastructure with no exploitable vulnerabilities or compromised player accounts resulting from cyber-attacks to our platform by 2025.  

Target 

By 2025, we aim to achieve no unmitigated exploitable vulnerabilities and no compromised player accounts.

Our accomplishments 2023
Significant Reduction in Vulnerabilities
Kindred's vulnerability management program, which includes a red team and a bug bounty program, identified and remediated 137 vulnerabilities in 2023, including five critical ones. The company improved its median time to remediation, achieving a 97% remediation rate for externally facing vulnerabilities, significantly reducing the risk of external compromise.
Enhanced Cybersecurity Compliance and Certifications
Kindred maintained compliance with key cybersecurity standards, including ISO 27001 certification, PSI DSS level 1 compliance, and TF-CERT CSIRT accreditation. These certifications, coupled with adherence to market-specific cybersecurity regulations, underscore the company's robust cybersecurity posture.
Advanced Anti-Money Laundering Measures
Kindred processed tens of millions of online transactions daily, using advanced AML techniques to monitor and identify suspicious activities. This proactive approach helps prevent the processing of illicitly gained funds, money laundering, and terrorism funding, ensuring the integrity of its operations.

Inviting external testing to ensure the highest standards 

To ensure our cybersecurity meets the highest standards, our key information teams are certified by an accredited third party. More so, our security measures are certified in accordance with international standards across all our main markets.

What we set out to achieve  

We want to prevent all malicious activities against our platform and our players’ accounts to be able to offer enjoyable products with built-in integrity and fairness, maximise trust in our secure platform, and demonstrate resilience and leadership. Our Group Security department implements relevant cybersecurity and information-security policies and strategies in line with external regulations wherever we operate. We maintain our ISO 27001 certification, our CSIRT certification, and comply with all e-commerce account management regulations specific to our markets. 

Management that serves our business 

Our Computer Security Incident Response Team (CSIRT), Network Intrusion Detection System, and Security Operation Centre, has been externally acknowledged, much due to having worked with others in information-security communities, such as trusted-introducer.org and the EGBA Security Expert Group.  

Our production infrastructure continues to develop a way of working that essentially treats all users and resources as potentially suspicious, thereby demanding constant validation of entities or groups for each activity or computing task. We are currently monitoring the latest release of a component of this, ready to implement improvements. 

Customer data integrity 

To provide security and privacy of data for our millions of customers, we have several controls in place in player account security, authentication, validation and protection as well as in e-commerce account management. We ensure that our customers can feel confident in that their accounts on our platform are as secure as their bank accounts. A variety of player-account controls are available to customers, some of which are mandatory, depending on the market. These consist of virtual fingerprinting, Captcha or reused password detection. To further strengthen the security of our customers we will continue to apply multi-factor authentication (MFA) across all brands. 

Anti-money laundering (AML) 

Our ongoing work against money laundering helps safeguard our licences and combat criminal activity. Customers who try to exploit our platform for processing illicitly gained funds, laundering money or funding terrorism are tracked down and suspicious transaction reports are filed with the relevant authority. To mitigate the risk of money laundering we apply customer-identification processes and, where necessary, enhanced investigations to establish the origin of funds. We process tens of millions of online transactions each day but monitor each one to determine any risk and initiate relevant control measure when necessary. 

Share
https://www.kindredgroup.com/prgkq
COPY
You may also be interested in
Player Safety Early Detection System

Responsible Gambling
Kindred Group office Stockholm lobby

Product Integrity

We use cookies.

Kindred Group uses cookies and related technologies to improve the way our site functions for you as a visitor. A cookie is a text file that is stored on your device. We use these text files for functionality such as to analyse our traffic or to personalised content.
To change your settings or for more details on cookies click on Open settings.

Accept all Open settings Privacy policy

Cookie settings.

Cookies are small text files that are placed on your computer to help us provide you with the best user experience. These cookies contain information which provides anonymised tracking data to third-party applications such as Google Analytics.

Necessary, site experience

These cookies are important to the underlaying operations of the website. Supporting important functionality such as closing and opening the menu and the technical operations of the website to ensure it performs how you would expect. 

Cookie Expiry Purpose Company
.EPiForm_BID 90 days Functionality EpiServer
.EPiForm_VisitorIdentifier 90 days Functionality EpiServer
ARRAffinity  1 session Load balancing  Azure
ASP.NET_SessionId 1 session Functionality Microsoft
ShowMenu  1 session Functionality Local
TiPMix  1 session A/B testing Azure
__RequestVerificationToken 1 session Security Microsoft
__epiXSRF 1 session Security EpiServer
webcast_xxxx 1 week Functionality Local
newsinsights_xxxx 1 week Functionality Local
pressrelease_xxxx 1 week Functionality Local

Statistics, anonymous data collection

These cookies are used to track our visitors across our website. They can be used to build up a profile of search and/or browsing history for every visitor, or to better understand how the user uses the website so that we can improve it. Identifiable or unique data may be collected. Anonymized data may be shared with third parties.

Cookie Expiry Purpose Company
ai_session 1 hour Telemetry  Azure
ai_user 1 year Telemetry  Azure
__cfduid 30 days Security  Cloudflare
_ga 2 years Statistic Google
_gid 24 hours Statistic Google
_gat 1 minute Statistic Google

Marketing, targeted advertisement

These cookies are used by third party to track and collect data to be used in advertisment. They can be used to build up asearch and/or browsing history for every visitor. Identifiable or unique data may be collected.

Cookie Expiry Purpose Company
DSID (.doubleclick.net) 10 years Targeted advertisement Google
Id (.doubleclick.net) 1 session Targeted advertisement Google
Accept all Save settings Privacy policy
Prod