Skip to main content

Vote Integrity: How We Prevent Manipulation

What we actually do, and what we don’t, to keep community rankings honest.

Last updated: May 2026

Vote Integrity in Plain English

  • Casinos cannot buy ranking boosts, and votes and Bayesian weighting drive the public scores.
  • Anonymous voting keeps participation easy, so abuse checks focus on rate limits, duplicate signals, and manual review.
  • Small vote bursts have limited ranking impact because the formula pulls low-sample scores toward the sitewide prior.
  • Suspicious activity can still require human review, especially when browser signals are incomplete.

How Voting Works

CasinoRankr rankings are determined by community votes, not editorial opinion or advertising spend. Here is what happens when you vote:

  1. Your browser receives an anonymous account (no email, no login required)
  2. You upvote or downvote a casino
  3. Your vote is stored with a database-enforced constraint: one vote per account per casino
  4. The casino’s score is recalculated using a Bayesian average
  5. Rankings update in real time

How We Prevent Duplicate and Automated Voting

Multiple layers work together to make manipulation expensive and detectable:

Database-Level Uniqueness

A hard constraint in the database prevents any account from voting twice on the same casino. This is not application logic that can be bypassed. It is enforced at the database level.

Tiered Rate Limiting

We enforce behavior-based rate limits at multiple levels: per-account voting frequency, network-level hard caps, and account/network velocity checks. These limits reduce automated abuse, but they do not prove a vote came from a unique person.

CSRF Protection

Vote requests are validated against cross-site request forgery using cookie security attributes and origin header verification. This prevents third-party sites from submitting votes on behalf of visitors.

Input Validation

Every vote request is validated for correct format, valid casino references, and proper vote types before processing. Malformed requests are rejected immediately.

When We Challenge or Block Activity

When voting behavior exceeds normal patterns, we escalate in two ways:

Fail-closed design: If our rate limiting infrastructure becomes unavailable in production, the system denies all vote requests rather than allowing unprotected voting. We chose safety over availability.

For category-level vote totals and sample-size labels, see the community vote statistics dataset.

Manual Review

Automated systems catch volume-based attacks but can miss sophisticated manipulation. CasinoRankr reviews vote-integrity signals when:

  • A casino’s ranking changes significantly in a short period
  • A community member reports suspicious activity
  • A casino operator disputes their ranking position
  • Internal metrics flag unusual patterns in voting metadata

Manual review uses privacy-limited voting signals, ranking movement, rate-limit events, and community reports. Public reports stay aggregate-only and do not disclose user-level records, browser identifiers, network addresses, or detection thresholds.

Statistical Safeguards

Even if some fraudulent votes get through, our scoring formula limits their impact:

Bayesian Average

Every casino’s score is calculated using a Bayesian weighted average - the same approach used by IMDB for movie rankings. New casinos with few votes are pulled toward a neutral average. This means:

  • A casino with 3 perfect votes scores lower than one with 50 votes averaging 4.5
  • Manipulating a ranking requires sustained, large-scale voting, not a one-off burst
  • Established casinos with many votes are highly resistant to small manipulation attempts

Aggregate anomaly log

May 2026 vote-integrity report

This section is intentionally aggregate-only. It explains what CasinoRankr can publish publicly today and where the vote-integrity log is still not validated for release.

Suspicious vote bursts reviewed

Not yet published

Not yet published

Rate limits and integrity controls exist, but reviewed-burst counts are not yet published as a monthly aggregate.

Votes removed or suppressed

Not yet published

Not yet published

Vote suppression/removal actions are not yet published as a monthly public aggregate.

Listings affected

Not yet published

Not yet published

CasinoRankr has not yet published a durable aggregate count of listings affected by vote-integrity actions.

Manual review outcomes

Reviewed and left unchanged

Not yet published

Manual-review outcomes are not yet published as separate aggregate counts.

Reviewed with action taken

Not yet published

Future reports should count aggregate vote removals, suppressions, or ranking-impact actions here.

Reviewed, inconclusive

Not yet published

Future reports should count reviews where evidence was insufficient for a public action claim.

No paid ranking influence

Casino partners, affiliate relationships, sponsorships, and advertising do not change community vote totals, Bayesian weighting, or vote-based ranking order.

Privacy and security boundary

Public anomaly reporting is aggregate only. CasinoRankr does not publish user-level records, browser identifiers, network addresses, or detection thresholds.

Published limitations

  • One anonymous account is not necessarily one real-world person.
  • Aggregate anomaly counts are not yet published because the monthly event log is not validated for public release.
  • Community votes are directional sentiment signals, not proof of safety, legality, payout reliability, licensing, or player outcomes.
  • Rate limits, CAPTCHA challenges, duplicate checks, manual review, and Bayesian weighting reduce low-effort manipulation but do not prove perfect fraud prevention.

Limits of Our System

No anti-fraud system is perfect. We believe being transparent about our limitations is better than pretending they don’t exist.

Cookie-Based Identity

Anonymous accounts are tied to browser sessions. Clearing cookies and revisiting creates a new account. A determined individual could vote multiple times by repeatedly clearing state.

No Account Verification

We do not require email, phone, or social login to vote. This is a deliberate tradeoff: lower friction means more participation, but also lower certainty that each account represents a unique person.

Rate Limits Are Imperfect

All rate limiting depends on behavior patterns. An attacker who votes slowly from many different networks could stay below automated detection. This is why we combine automated limits with manual review and statistical dampening.

Pattern Detection Is Manual

We do not currently run automated algorithms that detect coordinated vote surges or geographic anomalies. Pattern detection is done manually by reviewing voting metadata. Automated anomaly detection is on our development roadmap.

Report Suspected Manipulation

If you believe a casino’s ranking is being manipulated, either inflated or suppressed, we want to hear from you.

Frequently Asked Questions

Can a casino pay to boost its ranking?

No. Rankings are determined entirely by community votes processed through a Bayesian average formula. We earn revenue through affiliate links, but affiliate relationships have zero influence on vote-based rankings. Our methodology page explains the full algorithm.

What happens if I suspect a casino is manipulating votes?

Email antispam@casinorankr.com or post in our Discord #integrity channel with the casino name and what you noticed. We investigate every report and respond within 72 hours.

Can someone vote multiple times for the same casino?

The database enforces a hard constraint: one vote per anonymous account per casino. Clearing cookies can create a new account, which is a known limitation of low-friction anonymous voting.

Why don't you require email verification to vote?

We chose low-friction anonymous voting to maximize participation. Requiring email would reduce vote volume significantly and create a barrier for casual users. We compensate with rate limiting, CAPTCHA challenges, and Bayesian weighting that dampens the effect of small-volume manipulation.

How does the Bayesian average prevent manipulation?

Every casino's score is pulled toward a prior average (4.0 out of 5) until it accumulates enough votes. A casino with 3 perfect votes scores lower than one with 50 votes averaging 4.5. This means manipulating a ranking requires sustained, large-scale voting, which triggers our rate limiting.

Do you publish data on votes you've removed?

We publish all-time community vote totals and a public anomaly-log section on this page. Vote-removal, suppression, listing-impact, and manual-review outcome counts are not yet published as validated monthly aggregates.

← Full MethodologySee Our Rankings →Back to Home
CasinoRankr logo