Bonus-abuse we maliýe goragy

1) Bonus-abuse näme we näme üçin bu maliýe meselesi

• Göni ýitgiler: bonus bahasy, mugt spins, promo-fees/FX, CB/Refund.
• Metrleriň ýoýulmagy: artyk AR/MAU, ýalan upliftler.
• Töleg töwekgelçiligi: "karuseller" depozit → çekiş, chargeback-farming.
• Ygtyýarnama töwekgelçiligi: RG/KYC/AML, misleading promotions.

2) Hyýanatçylykly peýdalanmalaryň taksonomiýasy (patternler)

1. Stacking - bir adama/öý hojalygyna/enjamyna/töleg belgisine birnäçe bonuslar.
2. Net-deposit loops - bonus üçin goýum → iň pes nyrhlar → pul çykarmak ýa-da çarjbek.
3. Hedging/Arbitrage - töwekgelçiligi "ýapmak" üçin özara baglanyşykly bazarlarda/oýunlarda jedeller.
4. High-RTP cherry-picking - diňe WR-e goşan goşantlar bilen taýtly oýnamak.
5. Method arbitrage - arzan depozit usuly → gymmat/çalt çykaryş koridory.
6. FX-arbitra - depozit bilen yzyna almagyň arasyndaky walýuta hümmetiniň tapawudy baradaky çaklamalar.
7. Multi-accounting - enjamlary/torlary/töleg serişdelerini gaýtadan ulanýan klonlar.
8. Çargeback farming - bonus oýny, soňra jedel/çarjbek arkaly goýumy yzyna gaýtarmak.
9. KYC-evasion - SoF/SoW maksatly aýlanyp geçmek, ýurdy çalyşmak (VPN/Proxy/SIM).

3) Maliýe goragy (policy core)

ND (Net Deposits) -gate: 'ND ≥ 0' (ýa-da 'ND ≥ θ') bosagasynda gatnaşmak/tölegler.
Same-method/Return-to-source: ND möçberine çenli pul çykarmak - diňe depozit çeşmesine.
Payout-locks: WR-ni ýerine ýetirmezden we düzgün bozmalary barlamazdan ozal işjeň bonus bilen yzyna almagy gadagan etmek/çäklendirmek.
WR & Contribution%: oýnuň kategoriýalary boýunça aç-açan oýnamak düzgünleri (BONUS-ONLY ýa-da BONUS + DEPOSIT) we agramy.
Max bet WR-de: absolýut ýa-da bonusdan paýyň çägi (mysal üçin, '5 EUR' ýa-da ' 10% bonus').
One-per constraints: по person/household/device/payment_token.
Game/risk exclusions: "frispinleri satyn almak", jekpotlar, adatdan daşary ýokary RTP atlary.
"Velocity caps": goýumlaryň/pullaryň/şowsuz tölegleriň ýygylygyna çäklendirmeler.
Rolling-reserve/holdbacks: hyzmatdaşlarda/submerchantlarda we ýokary töwekgelçilikli oýunçylar üçin ätiýaçlandyryş buferi.
FX-syýasat: grant bonusyna reference rate ýazmak; payout edilende slippage gözegçilik etmek.

4) Töwekgelçilik signallary (töleg we özüni alyp baryş)

Payment: BIN-geo ≠ KYC-ýurt, ýygy-ýygydan soft-declines, yzly-yzyna täze bellikler, kart/gapjyk, belli "ýokary töwekgelçilikli" emitentler.
Device/Network: device-graph umumy IP/ASN/VPN/hosting hasaplaryna gabat gelýär.
Behavior: diňe high-contrib oýunlary, min-depozitden soň derrew çykmak, WR-düzgün bozmalary gaýtalamak.
Geo: KYC ≠ IP ≠ SIM, anomal geo-tizlik.
Docs: şübheli KYC/POA/SoF (pes hilli, şablonlar, reuse).
FX: "gowşak" walýutadaky goýumlar, "güýçli" walýutadaky netijeler, wagtlaýyn ýokary spread.

Töwekgelçilik-skoring: çyzykly model/GBM, bloklar boýunça (Payment/Device/Behavior/Geo/FX), step-up üçin bosagalary kalibrlemek (KYC/Liveness/SoF) we deny.

5) Düzgünleriň arhitekturasy (policy engine)

Idempotentlik: grantyň bir gezeklik payment_token/household/device.
"Depozite çenli" düzgünleri: GEO/KYC/ND/one-per boýunça eligibility.
"Goýumdan soň" düzgünleri: grantyň işjeňleşdirilmegi, max bet, WR, game-mix, taýmer.
"Netije" düzgünleri: same-method, ND-bölmek, SoF/SoW step-up, hold/deny.
Audit: düzgünleriň görnüşi, sebäpler, evidence (şikaýatlar we düzgünleşdiriji üçin).

6) Playbook hadysasy

1. Abuse wave (stacking): bu kampaniýanyň grantlarynyň haýal etmän freeze, WR sanamak, saýlama SoF, token bending/households.
2. Chargeback surge: 3DS-step-up açmak, same-methody berkitmek, PSP netijelerine we ätiýaçlyklaryna hold artdyrmak.
3. FX-arbitra: cross-walýuta netijelerini wagtlaýyn çäklendirmek we spread-guard girizmek.
4. Method arbitrage: ND-negatiwler üçin "gymmat" koridorlary ýapyň, diňe çeşmä gaýtaryp bermegi öz içine alyň.

7) Hukuk, RG we gizlinlik

Terms & Promo T&C: Çekautda gysga wersiýa, doly - profilde; lokallaşdyryldy.
RG: öz-exclude/çäklendirmeler - bonuslar elýeterli däl; cooling-off aktiw grantlary ýatyrýar.
KYC/SoF: Maglumatlary azaltmak, aç-açan razylyklar, retenşn-syýasatlar, DPA.
Sanksiýalar/ygtyýarnamalar: ýurtlaryň ak sanawlary, belli bir ýurisdiksiýalarda mahabatyň görnüşlerine gadaganlyklar.

8) Maglumatlar we model (iň az)

sql
-- Игрок и атрибуты риска risk.player_signals (
user_id PK, risk_score NUMERIC, nd_total NUMERIC, nd_30d NUMERIC, nd_7d NUMERIC,
kyc_level TEXT, geo_ip TEXT, geo_kyc TEXT, geo_sim TEXT,
device_hash TEXT, household_id TEXT, payment_token_last TEXT,
fx_profile JSONB, updated_at TIMESTAMP
);

-- Гранты бонусов и прогресс/нарушения bonus.grants (
grant_id PK, promo_id, user_id, deposit_tx_id, currency,
bonus_amount NUMERIC, granted_at TIMESTAMP, expires_at TIMESTAMP,
status TEXT -- ACTIVE    FORFEITED    COMPLETED    EXPIRED    FROZEN
);
bonus.wr_progress (
grant_id, user_id,
turnover_slots NUMERIC, turnover_tables NUMERIC, turnover_live NUMERIC,
turnover_total NUMERIC, required_total NUMERIC, updated_at TIMESTAMP
);
bonus.violations (
id PK, grant_id, user_id, type TEXT, severity TEXT, details JSONB, occurred_at TIMESTAMP
);

-- Нетто-депозиты и разрез по методам finance.net_deposits (
user_id, currency, nd_total NUMERIC, nd_by_method JSONB, updated_at TIMESTAMP
);

-- Выводы и причины hold/deny payout.requests (
payout_id PK, user_id, method TEXT, currency TEXT, amount NUMERIC,
nd_snapshot NUMERIC, same_method_ok BOOLEAN, risk_score NUMERIC,
status TEXT, reason_code TEXT, created_at TIMESTAMP, decided_at TIMESTAMP
);

9) Pseudo-DSL düzgünleri

yaml policy: "bonus_abuse_v4"
eligibility:
geo_whitelist: [DE, AT, FI]
kyc_min: L1 nd_min: 0 one_per: [person, household, device, payment_token]
deny_if:
- sanctions_hit == true
- risk_score >= 0.85 grant:
max_bet_amount:
EUR: 5 wagering:
base: BONUS_ONLY multiplier: 30 contrib:
slots: 100 tables: 25 live: 10 game_exclusions: [JACKPOT, BUY_BONUS]
controls:
payout_lock: UNTIL_WR_DONE same_method: true allow_nd_withdrawal: true fx_spread_guard_bps: 80 method_arbitrage_block: true escalations:
- if: nd_7d < 0 then: "deny_new_bonus"
- if: device_household_overlap >= 2 then: "manual_review"
- if: cb_rate_30d > 0.8% then: "hold_payout_48h"
audience:
exclude_segments: ["self_excluded", "high_risk_bin"]

10) SQL şablonlary

10. 1. ND-gate we same-method

sql
SELECT r.payout_id,
(nd.nd_total >= 0) AS nd_non_negative,
(t.method = r.method AND t.payment_token = r.payment_token) AS same_method_ok
FROM payout.requests r
JOIN finance.net_deposits nd ON nd.user_id = r.user_id AND nd.currency = r.currency
JOIN dw.transactions_flat t ON t.tx_id = (
SELECT deposit_tx_id FROM bonus.grants
WHERE user_id = r.user_id AND status IN ('ACTIVE','COMPLETED')
ORDER BY granted_at DESC LIMIT 1
)
WHERE r.status='PENDING' AND r.created_at BETWEEN:from AND:to;

10. 2. Household/device overlap

sql
SELECT suspect.user_id, base.user_id AS overlap_with, suspect.device_hash, suspect.household_id
FROM risk.player_signals suspect
JOIN risk.player_signals base
ON suspect.user_id <> base.user_id
AND (suspect.device_hash = base.device_hash OR suspect.household_id = base.household_id)
WHERE suspect.updated_at > now() - INTERVAL '30 days';

10. 3. Max-bet we game-mix bozulmalar

sql
SELECT b.user_id, b.grant_id,
SUM(CASE WHEN b.amount > l.max_bet_amount THEN 1 ELSE 0 END) AS maxbet_viol,
100.0 SUM(CASE WHEN game_category='slots' THEN b.stake ELSE 0 END)
/ NULLIF(SUM(b.stake),0) AS slots_share_pct
FROM dw.bets b
JOIN bonus.session_limits l USING (grant_id, user_id)
WHERE b.placed_at BETWEEN:from AND:to
GROUP BY 1,2
HAVING SUM(CASE WHEN b.amount > l.max_bet_amount THEN 1 ELSE 0 END) > 0
OR 100.0 SUM(CASE WHEN game_category='slots' THEN b.stake ELSE 0 END)
/ NULLIF(SUM(b.stake),0) >:one_game_share_max;

10. 4. Çargeback-post-bonus gözegçilik

sql
SELECT method,
10000.0 SUM(is_chargeback::int) / NULLIF(COUNT(),0) AS cb_bps_14d
FROM risk.outcomes o
JOIN dw.transactions_flat t USING (tx_id)
WHERE o.occurred_at BETWEEN (CURRENT_DATE - INTERVAL '14 days') AND CURRENT_DATE
AND EXISTS (SELECT 1 FROM bonus.grants g WHERE g.deposit_tx_id=t.tx_id)
GROUP BY method
ORDER BY cb_bps_14d DESC;

10. 5. Mahabatda FX-slippage

sql
SELECT g.promo_id,
SUM(fx_effective - fx_reference) 10000.0 / NULLIF(SUM(amount_reporting),0) AS fx_slippage_bps
FROM dw.transactions_flat t
JOIN bonus.grants g ON g.deposit_tx_id=t.tx_id
WHERE t.settled_at BETWEEN:from AND:to
GROUP BY 1;

11) KPI we daşbordlar

Abuse Rate: düzgün bozmalar/derňew bilen grantlaryň paýy.
WR Completion % / Time-to-WR (p50/p95).
ND Gate Hit% we gatnaşyjylaryň arasynda ND <0 paýy.
Çargeback After Bonus (bps )/PSP/geo.
Paýlamak Hold Share we orta TAT çözgütleri.
Mahabat/walýuta boýunça FX Slippage (bps).
Promo Liability (passiw) we Breakage%.
Household/Device Overlap Index (toplama).

12) Alertler we bosagalar

Abuse Spike: рост `violations/100 grants` > X d/d.
CB Surge Post-Bonus: cb_bps_14d/geo> bosagasy.
ND Negative Share ↑: ND <0 paýy yzyna almak üçin arzalaryň arasynda> Y%.
Max-Bet Burst: düzgün bozmalaryň köpelmegi> marka/title bosagasy.
FX Anomaly: slippage_bps> walýuta jübüti boýunça çäk.
Household Bloom: enjamlaryň/salgylaryň täze uly topary.
Policy Drift: düzgünleriň/razylyklaryň kesgitlenen wersiýasy bolmadyk grantlar.

13) UX-patternler (konwersiýalary "ýakmazdan")

Goýumyň ekranynda şertleriň gysga kartoçkasy (min dep, WR, max bet, same-method).
WR-progress-bar + möhlet, kategoriýalara goşant.
ND/netijeleriň düşündirişi: "Arassa goýumlaryň möçberine çenli - diňe çeşmä".
Ýumşak step-ups: Signal boýunça SoF/selfi; aç-açan möhletler.
Şikaýatlar: resminamalaryň çek-sanawy bilen "jedel etmek" düwmesi.

14) A/B-gorag synaglary

'nd _ min', 'max _ bet', 'WR multiplier/base', 'one _ per' -strategies, 'fx _ guard'.
Guardrails: CBR bps, Abuse Rate, AR/Take-Rate, Payout TAT.
Usulyýet: GEO/BIN/usul boýunça gatlaklaşdyrmak, pre-özüni alyp baryş boýunça CUPED, SV/netijelere yza galmak.

15) Girizmegiň çek-sanawy

• ND-model we usullar boýunça kesme; same-method/return-to-source в payout.
• Promo DSL + düzgünleri tassyklaýjy, wersiýalar we audit.
• Max bet, WR, contrib%, exclusions; velocity çäkleri.
• Device/household graph; BIN-geo/FX profilleri.
• Töwekgelçilik-skoring + step-ups (KYC/SoF) we deny-bosagasy.
• Netijelerde we PSP-de mehanikanyň Hold/Reserve.
• KPI daşbordlary we alertler; wakalaryň pleýbuklary.
• Hukuk tekstleri (ýerli), RG-geýtlar, razylyk we retenşn.
• SLA bilen şikaýat we el bilen karar bermek prosesi.
• A/B berk garrails we data-friz bilen.

Jemleme

Bonus-abuse-den netijeli goramak gadaganlyklaryň toplumy däl-de, ulgamdyr: ND-gözegçilik we töleglerde same-method, berk WR/max-bet we contrib%, Payment/Device/Behavior/FX signallary, step-ups-dan töwekgelçilik skoring, aç-açan UX we kanuny arassalygy. Şeýle yrym göni ýitgileri azaldýar, P & L-ni durnuklaşdyrýar we wyiousdanly oýunçylar üçin dogruçyl tejribäni saklaýar - artykmaç sürtünme we "ýalan täsirler" bolmazdan.