List of UK online casinos that are not secure by default

By Stephen Kellett
15 December, 2017

This is one of several posts of the topic of security of websites. Inspired by my initial post on the security of UK banks.

The reason for splitting this data into multiple posts is to make it more manageable. So that data on one institution is not mixed with data on another type of institution.

The following key is used for the secure status:

Yes The site is secure, loaded via https
Invalid The site loads via https, but the security certificate is invalid and thus the site is
Partial The site loads via https, but loads some parts of the page without https. The site is
No The site is loaded via http, not via https.
Fixed The site is loaded via https, but at the time of first writing it was loaded via
?? We could not find a website to evaluate.

We tested 75 online casinos. We found 12 online casinos that did not have a secure home page (not https or did have https with an invalid security certificate). That is 16% of UK online casinos have security vulnerabilities.

Some of the websites shown below no longer have active links. For those websites we have listed the URL but removed the non-working link.

Casino Secure Home Page
21Jackpots No
32Red Casino Yes
50 Stars Casino No
888Casino Yes
All British Casino Yes
All Irish Casino Yes
BETAT Casino Yes
Betfred Casino No
Betsafe Casino Yes
Betspin Casino Yes
Betway Casino Yes
Bet-At-Home Casino Yes
bgo Vegas Yes
Cashmio Casino Yes
CasinoLuck Yes
Casino Kings Yes
Casino Magix Yes
Casumo Casino Yes
ComeOn Casino Yes
Carnival Casino No
Casino Cruise Yes
Casino King Yes
Casino Plex No
Casino Share No
Casino Splendido Yes Yes
Challenge Casino No
Conquer Casino Yes
Cyber Club Casino Yes
Dash Casino Yes
Dr Vegas Casino Yes
Dream Palace Casino Yes
EnergyCasino Yes
FruityCasa Casino Yes
Gala Casino Yes
GameVillage Yes
Golden Lounge Casino No
Grosvenor Casino Yes
Guts Casino Yes
Intercasino Yes
Jackpot Luck Casino Yes
Jetbull Casino Yes
Karamba Casino Yes
Ladbrokes Casino No
Magic Box Casino No
Mansion Casino Yes
Maria Casino Yes
mFortune Casino Yes
MobileWins Casino Yes
Monte Carlo Casino No
Moon Games Casino Yes
Mr Green Casino Yes
Nedplay Casino Yes
Noxwin Casino Yes
Oddsring Casino Yes
Paddy Power Casino No
PokerStars Casino Yes
Power Slots Yes
Prospect Hall Casino Yes
Spinit Casino Yes
Redbet Casino Yes
Red Queen Casino Yes
Rizk Casino Yes
Roxy Palace Casino Yes
Royal Swipe Casino Yes
SCasino Yes
Sportingbet Casino Yes
ShadowBet Casino Yes
Slotty Vegas Casino Yes
Sporting Index Casino Yes
Trada Casino Yes
Unibet Casino Yes
Vegas Paradise Casino Yes
VideoSlots Casino Yes
William Hill Casino Yes!/



Just as with wealth management, there are some big names in this list, that spend lots of money on advertising, and yet they are not secure. You cannot rely on a trusted brand name to mean that you get a secure website.

Downloading from a non secure site

One site in particular deserves a special mention. 50 Stars Casino. This is not secure, but for you to gamble with them you need to download a software package from their non-secure website and then install the software. I did download it. The download is digitally signed, but given that it’s downloading off a non-secure page, the download could, technically be anything, not necessarily the software the casino wants you to download. This is not good. Not only is the website not secure, but it could potentially attack your computer if the download is compromised.


I shouldn’t need to point this out, but i will, all the same, just to be clear.

The data provided on this page should taken at face value. If you’re not sure about something, please verify it yourself. Nothing reported here should be regarded as a criticism or an endorsement or recommendation of an organisations security effectiveness. I am simply passing comment on whether the home page (whatever that may be) is provided as https on not. Other security concerns are a separate matter.

If your organisation is listed here and is not marked as secure, your best course of action is to fix that, not to complain that someone is reporting a fact anyone with a web browser can discover. The security status of your home page is public information, albeit information that many people don’t understand.

Guest Posts

No, we are not interested in guest posts promoting casinos or gambling of any sort. This post is not about promoting casinos. It is part of a larger series of posts about online security related to firms handling your finances (whether that be your pension, banking, insurance or the less than wise activity of gambling). We’re also not interested in guest posts about finance.

Fully functional, free for 30 days