Discovered a potentially serious security flaw with Ace Kingdom this morning. The site runs on a completly unsecure connection even when logged in and depositing.
Have tested with various tools (and probes) and there is no SSL certificate issued for *.acekingdom.com and the credit card processing page is not encrypted until it is transferred to Verified by Visa for final processing. Worryingly it displays personal information including previous card details via HTTP!
Furthermore, although the IP addresses match genuine PlayTech game servers, all games on the site also run unsecure - which is very unusual these days.
Be very careful with site and if you have deposited here previously might be worth checking for any fraud!
(Ace Kingdom is licensed by the British Gambling Commission and by the Government of Gibraltar)
Have tested with various tools (and probes) and there is no SSL certificate issued for *.acekingdom.com and the credit card processing page is not encrypted until it is transferred to Verified by Visa for final processing. Worryingly it displays personal information including previous card details via HTTP!
Furthermore, although the IP addresses match genuine PlayTech game servers, all games on the site also run unsecure - which is very unusual these days.
Be very careful with site and if you have deposited here previously might be worth checking for any fraud!
(Ace Kingdom is licensed by the British Gambling Commission and by the Government of Gibraltar)