Information Security in Online Gambling
Some online gamblers express concerns about the security of their information when gaming with Internet casinos on Windows PCs and other devices. To create an account, sites may require sensitive personal information such as birthdays to ensure all players are of legal age. Games with cash prizes must have methods for accepting credit card or bank information, as well as a way to transfer winnings from one financial institution to another. Online gambling benefits from developments in both authentication and encryption widely used by many trusted services, like computerized banking.
Authentication Methods
Multi-factor authentication is a common method for securely identifying a user. It requires the sharing of information from two or more categories of the following factors: knowledge, possession, and biometrics. Because biometrics employs costly and difficult data gathering, such as fingerprinting and retinal scans, it is not as common as the other two factors. Identity based on knowledge and possession is a relatively old form of authentication, found in transactions like ATM visits.
Authentication based on the two factors of knowledge and possession is also called two-factor authentication, or TFA. The knowledge factor represents some piece of information the user knows, such as a password. The possession factor is something the user has either ownership of or rightful access to. For an ATM, the knowledge factor is the bank patron’s PIN number, and the possession factor is their physical bank card. When the user shares information from both factors, access is granted to the account. When you play poker online, there is no way to physically hand over a possession. In this case, virtual tokens represent the possession. Cookies created on a PC, verification numbers on a credit card, or SMS messaging to a mobile phone are examples of common tokens that authenticate a user’s possession.
Most online gamblers make their passwords out of easy to remember words, phrases, or dates. Hackers can often crack these passwords because they come from common patterns. The information tokens possessions used by PCs, however, are more highly randomized. This is why 2-factor authentication is more secure than passwords alone.
Encryption Methods
Information tokens related to the possession factor of two-factor authentication can be stolen, however. When a site is hacked, crooks can copy verification files and use these to collect user data, such as gambling site cookies on a Windows web browser. Increasingly, Internet casinos and other sites are relying on encryption to cover the weaknesses of authentication.
Advancements in processor speed and number generation allow computers to encrypt their information in long random number sequences. Unlike the pool of six to eight digits used in passwords by people, these number strings are infinite in length. Additionally, those involved with financial transactions–like winnings from online gambling–take advantage of quantum technology. Computers do not send encrypted information as many independent digits, but the entire number as a single piece. When hackers attempt to break this form of encryption, the encryption state forces them to break the number string itself to translate it, meaning the information they get is no longer whole but garbled.