List of UK online casinos that are not secure by default

By Stephen Kellett
15 December, 2017

This is one of several posts of the topic of security of websites. Inspired by my initial post on the security of UK banks.

The reason for splitting this data into multiple posts is to make it more manageable. So that data on one institution is not mixed with data on another type of institution.

The following key is used for the secure status:

YesThe site is secure, loaded via https
InvalidThe site loads via https, but the security certificate is invalid and thus the site is
PartialThe site loads via https, but loads some parts of the page without https. The site is
NoThe site is loaded via http, not via https.
FixedThe site is loaded via https, but at the time of first writing it was loaded via
??We could not find a website to evaluate.

We tested 75 online casinos. We found 12 online casinos that did not have a secure home page (not https or did have https with an invalid security certificate). That is 16% of UK online casinos have security vulnerabilities.

CasinoSecureHome Page
32Red CasinoYes
50 Stars CasinoNo
All British CasinoYes
All Irish CasinoYes
BETAT CasinoYes
Betfred CasinoNo
Betsafe CasinoYes
Betspin CasinoYes
Betway CasinoYes
Bet-At-Home CasinoYes
bgo VegasYes
Cashmio CasinoYes
Casino KingsYes
Casino MagixYes
Casumo CasinoYes
ComeOn CasinoYes
Carnival CasinoNo
Casino CruiseYes
Casino KingYes
Casino PlexNo
Casino ShareNo
Casino SplendidoYes
Challenge CasinoNo
Conquer CasinoYes
Cyber Club CasinoYes
Dash CasinoYes
Dr Vegas CasinoYes
Dream Palace CasinoYes
FruityCasa CasinoYes
Gala CasinoYes
Golden Lounge CasinoNo
Grosvenor CasinoYes
Guts CasinoYes
Jackpot Luck CasinoYes
Jetbull CasinoYes
Karamba CasinoYes
Ladbrokes CasinoNo
Magic Box CasinoNo
Mansion CasinoYes
Maria CasinoYes
mFortune CasinoYes
MobileWins CasinoYes
Monte Carlo CasinoNo
Moon Games CasinoYes
Mr Green CasinoYes
Nedplay CasinoYes
Noxwin CasinoYes
Oddsring CasinoYes
Paddy Power CasinoNo
PokerStars CasinoYes
Power SlotsYes
Prospect Hall CasinoYes
Spinit CasinoYes
Redbet CasinoYes
Red Queen CasinoYes
Rizk CasinoYes
Roxy Palace CasinoYes
Royal Swipe CasinoYes
Sportingbet CasinoYes
ShadowBet CasinoYes
Slotty Vegas CasinoYes
Sporting Index CasinoYes
Trada CasinoYes
Unibet CasinoYes
Vegas Paradise CasinoYes
VideoSlots CasinoYes
William Hill CasinoYes!/



Just as with wealth management, there are some big names in this list, that spend lots of money on advertising, and yet they are not secure. You cannot rely on a trusted brand name to mean that you get a secure website.

Downloading from a non secure site

One site in particular deserves a special mention. 50 Stars Casino. This is not secure, but for you to gamble with them you need to download a software package from their non-secure website and then install the software. I did download it. The download is digitally signed, but given that it’s downloading off a non-secure page, the download could, technically be anything, not necessarily the software the casino wants you to download. This is not good. Not only is the website not secure, but it could potentially attack your computer if the download is compromised.


I shouldn’t need to point this out, but i will, all the same, just to be clear.

The data provided on this page should taken at face value. If you’re not sure about something, please verify it yourself. Nothing reported here should be regarded as a criticism or an endorsement or recommendation of an organisations security effectiveness. I am simply passing comment on whether the home page (whatever that may be) is provided as https on not. Other security concerns are a separate matter.

If your organisation is listed here and is not marked as secure, your best course of action is to fix that, not to complain that someone is reporting a fact anyone with a web browser can discover. The security status of your home page is public information, albeit information that many people don’t understand.

Fully functional, free for 30 days