Taking Oryx Gaming to the next level of compliance

Working in the product compliance team at Oryx Gaming means playing a crucial part in ensuring the company can operate in chosen markets. In 2020, on top of everyday tasks, our team worked on an important project to get Oryx ISO 27001 certified. Everyone who participated had to use their whole skill set to juggle their regular workload with this big project in order to meet the deadline. It’s safe to say that all of us picked up new skills in the process. We learned a lot and really enjoyed being part of such an exciting project – one of many that working at Oryx allows you to be involved in.

iGaming is a specific industry where regulations have changed dramatically in the last few years. We are working in a heavily regulated field where every country, and sometimes even state or province, adapt and enforce their own iGaming regulations. As a result, we need to constantly adapt our products to comply rules in individual target jurisdictions.

A certified lab checks if the products (games, RNG, aggregator, iGaming platform), processes, systems and information security are in line with local requirements. Final products are tested before the first launch and after any major changes. Audits are usually done periodically, often once a year although in some regions they occur every two years. Some demands, like change management, can be monitored quarterly.

There is a major advantage to being checked for compliance regularly. When jurisdictions write certain regulation, they often go by a certain standard. If a supplier already holds that standard, there is no need to further examine the processes. Some countries, like Switzerland, go a step further and demand a ISO 27001 certificate.

The compliance process should be ongoing so our compliance team consistently and accurately governs our compliance policies over time.

In modern iGaming regulation, there is a strong emphasis on the detailed and precise definition of Information Security and Change Management which result in direct or indirect periodic, usually annual, compliance checks and security tests.

Due to appropriate management of Information Security and Change Management, Oryx started the journey to acquire the ISO/IEC 27001:2013 certificate last year and was awarded it in June 2020.

The aim of the system is to help Oryx make the information assets we hold more secure.

The project team developed Oryx’s Information Security Management System (ISMS) – including several policies and documented procedures, that help us keep a level of security for the information system. The aim of the system is to help Oryx make the information assets we hold more secure.

ISO/IEC 27001 is an international standard on how to manage information security. The standard was originally published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) in 2005 and then revised in 2013. It details requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS). 

ISO 27001 certification covers information security management policies and procedures in the software development process. It focuses on:

•           Information security policies

•           Organization of information security

•           Human resource security

•           Asset management

•           Access control

•           Cryptography

•           Physical and environmental security

•           Operations security

•           Communications security

•           System acquisition, development and maintenance

•           Supplier relationships

•           Information security incident management

•           Information security aspects of business continuity management

•           Compliance.

This certification is an industry-standard and enables the company to easier obtain new clients and can also demonstrate compliance with jurisdiction/licence requirements.

The ISO27001 standard proves the level of processes and development that Oryx undertakes. Our strategy is focused on usability and not just to fulfill bureaucratic demands.

Acquiring the ISO27001 standard was a big project and we proved to be extremely efficient, making sure we gained the certificate in a record-breaking time. It was amazing to see how the team was effective in preparing tons of wiki pages of documentation in such a short time. We were glad to see that most of the procedures where already in place, we just needed to define them.

I am proud to say I was a part of this team.

In taking Oryx to the next level of compliance, it was obvious that we were already there, which was confirmed by the positive response from SIQ. I am proud to say I was a part of this team, along with Peter Lavrič, Peter Zorin, Simon Tomažič, Anja Rožac, Samo Jamnik and Peter Žagar!

Oryx Gaming Web Cashier 2.0: An eye candy delivering increase in deposits for online casinos

Here is a story about how we revamped a vital component of our product – web cashier – and cranked up our client’s results. It is a story about teamwork, success and our workplace culture.

Web Cashier is a product and component implemented onto a casino or sportsbook website. It handles deposits and withdrawals, supports many different payment methods, enables handling of player details, allows for limit setting and exclusions, and so much more. It is the part of the website that handles financial transactions, enables players to see what is going on with their account and to make changes such as validate their phone number, change password, convert comp points, etc.

Oryx created its own Web Cashier component, as part of its omni-channel iGaming Platform, a long time ago and it served its purpose for a long time. But time flies and industry and standards change, so it was time to create an improved version – Web cashier 2.0.

The biggest objective was to cover all needs of our users and clients, so we started with a fully customised solution for one of our major partners.

We created an improved user experience through improved UX, revamped UI design, updating existing features and by adding some new ones such as phone validation on Cash Deposit claimable bonuses. We went into details, changing colours, buttons, fields, navigation – everything to assure the best user experience as possible.

The product team went back to the drawing board back in mid-2019 and after a few months, the development had started. As Web Cashier includes a lot of functionalities, we developed in phases. We started with the most important features, like deposits, and continued with the rest – withdrawals, bonuses, player details, transaction history and game history, to name just a few.

The whole product was finished in December 2019 and rapidly launched with the first client. After the release, the client has reported an increase in the deposit rate which is a confirmation that we achieved an improved user experience that guides users through the deposit funnel. We improved deposit flow by changing the order of where we offer welcome bonuses. This increased the players’ incentive to deposit.

Our basic Web Cashier visual template is responsive and adaptable to any customer brand identity. If the client has special wishes we can adhere to that too.

For one of our clients we created and developed a very special Web Cashier version that has many eye candies and special effects. Everything from pretty colours to exploding canons after a successful deposit. It is a treat to see and use. We tracked changes in the deposit rate and saw an increase on a yearly basis.

Revamped web cashier

It is a real privilege working in a company where you get a chance to partake in such complex projects.

We are planning to have all our platform clients successfully migrated to the new Web Cashier 2.0 by the end of 2021. We are certain that this will bring an improved experience to our players across the globe. We will continue to work on improvements and new features to be added along the way.

This project demanded cross-collaboration across many of the Oryx teams including product, development, operation, design, customer support and sales. On top of that, we worked closely with our clients’ different teams. It is a real privilege working in a company where you get a chance to partake in such complex projects, but most of all, to see satisfied customers and their great results.