The latest twist in the GeoComply lawsuit against Xpoint concerning a geolocation patent involves a scathing third-party report on Xpoint.
On Monday, GeoComply submitted in federal court a 16-page PowerPoint reportedly written by yet-to-launch sportsbook Out The Gate. The deck is attributed to COO Lee Terfloth, who joined OTG in February 2022 and helped launch four online gambling sites in New Jersey, according to the biography on a former employer’s website.
However, an OTG representative said Terfloth did not perform the analysis and his name only appears as the owner of the deck.
GeoComply’s lawyer came into possession of the document during a pre-suit investigation over the summer.
“… if the information that we have found in the application becomes public, it could be damning for the gaming industry, Xpoint, the [New Jersey Department of Gaming Enforcement] and any operator that utilizes their technology,” the report stated in its conclusion.
GeoComply subpoenaed Out The Gate to turn over all conversations, documentation and software regarding Xpoint to support its patent infringement suit over geolocation technology filed in September. Out The Gate submitted its objection to those subpoenas.
GeoComply & Xpoint comment
GeoComply says it remains confident in its case:
“As we shared at the outset of this action, we are confident in the merits of our case, and that has not changed. GeoComply welcomes healthy competition and new ideas, allowing the market to distinguish leading solutions and technologies from others. However, respecting the valuable intellectual property that companies like ours spend considerable time, effort, and money developing is essential. We look forward to this matter working through the court process to validate our claims. We don’t have additional comments on this matter at this time.”
Xpoint CEO Marvin Sanderson, meanwhile, noted “flaws” in GeoComply’s latest motion:
“We continue to believe this lawsuit is an unjustified attempt to stifle competition in the marketplace. We believe the case lacks merit and have asked the court to dismiss the complaint with prejudice. We will respond to the flaws in GeoComply’s latest motion in the court rather than in the media.”
Out The Gate comment
Out The Gate, which is partnered with Ocean Casino to offer online sports betting in New Jersey, and the SPIRE Institute for mobile and retail betting in Ohio, commented in a document shared by President Joe Brennan, Jr. on Twitter:
“OTG reviewed publicly-available information about both Xpoint and GeoComply when deciding which geolocation company to use. When we prepared our analyses of both companies, we did not have access to either Xpoint or GeoComply source code.
“The internal analyses we developed on both companies identified areas of concern with each of their geolocation platforms.
“When we shared our report with Xpoint, they promptly addressed all our concerns to our satisfaction. Their responsiveness, in addition to the performance of their platform and having been licensed and certified by New Jersey and other states to provide geolocation services to their regulated gaming markets, is why we chose Xpoint over GeoComply to be our provider.
Xpoint not ready for US, report says
Based on the investigation and testing, OTG said the technology and implementation are not ready for the regulated US market.
That claim is supported by Xpoint breaking its own product, keeping unnecessary ports open that could serve “nefarious products” and potentially including malware in the build.
“If OTG is the first operator to go live with their product, and it is discovered that we have these deficiencies, the headlines will not be about Xpoint, they will be about OTG,” the presentation said.
It suggested Xpoint “may initially pass the muster of the NJDGE, as their testing practices have recently led to a number of issues.”
Xpoint is currently partnered with Sporttrade and Mojo in New Jersey, according to GeoComply’s filings.
Report calls out Xpoint technology
Out The Gate’s investigation into Xpoint’s technology used three platforms: an iOS device, a Windows desktop and a MacOS desktop. Combined, those three platforms account for 83% of the regulated US market’s traffic, according to the report.
On all platforms, Xpoint’s end user license agreement states Xpoint can track location even when the app is not open. That is a “major flag,” with the report noting GeoComply does not have the same practice.
That location tracking is not in compliance with Apple‘s developer guidelines and could lead to apps being removed and banned from the App Store, according to the report.
Customer data collection ‘of concern’
The report called out three instances of customer data collection noted in Xpoint’s privacy policy at the time:
- Marketing and promotional communications, though email marketing includes an opt-out option.
- Targeted advertising.
- Ignoring do-not-track features. Since there is no uniform technology, “we do not currently respond to DNT browser signals.”
“These particular items are of concern, as they specifically indicate that the customer information will be shared with other companies and in turn, different companies (including competitors to us) will be advertised to them,” it wrote. “We are unsure if this has been caught yet by regulators, but this is absolutely not acceptable.”
Did Xpoint copy GeoComply code?
According to the report, Xpoint’s code mimicked GeoComply and appeared to copy code from another company.
“The big concern about directly copying the code, is that GeoComply hold patents on their technology,” the report wrote. “Should GeoComply become aware of the copying of their product, they could issue a cease and desist, which would require Xpoint to potentially shut down their product.”
Implementation issues, too
The tester never had a “reasonable experience” with the Xpoint technology during testing and listed two issues.
First, Xpoint was taking up 30% or more of CPU resources on the MacOS. There was also a “significant delay” between opening the app and placing a bet, though that delay is not quantified.
There were two videos linked in the PowerPoint to demonstrate the issues but both links are now dead. Another issue was that both Windows and MacOS identified Xpoint as malicious software.
Xpoint offered Hard Rock a stake
The report included a suitability review and an anecdote from Terfloth’s time working with Hard Rock Atlantic City online gaming:
“At Hard Rock, we were offered 10% of the company to submit their product to the lab, in 2019. Why are they willing to give up so much to get live?”
It also called into question why Xpoint has been around for multiple years but has never launched a client.
“Considering the simpler requirements in Colorado, Arizona and Ontario, why has this product never gone live?”
More suitability concerns
The report added a couple of other suitability concerns toward the end of the presentation.
- Mary O’Donnel, chief technology officer at Xpoint, was with a company called Xanadu that helped build a peer-to-peer platform for Matchbook. While she was there, Matchbook had its license suspended by the UK Gambling Commission for multiple violations, according to the report.
- It examined the Github submissions of one of Xpoint’s developers, Dmitry Yolkin. It appears the work he did before joining Xpoint is at the core of Xpoint’s technology with the GeoComply code “bolted on.” That likely accounts for why the Xpoint application is eight times bigger than GeoComply, he added.
- Xpoint lists a Florida address that is associated with hundreds of LLCs, “all associated with Russian members,” it said. That led to “a significant rabbit hole of LLCs and other dubious businesses.”