"When the stakes are high, it pays to go to great lengths to ensure that
software is implemented with proper considerations for security and safety". - Matt Schmid, Cigital,
Inc.
All communications between our client software running on players’ computers and
our servers is encrypted. It is important to note that strictly speaking, encryption by itself does not
guarantee privacy.
For example, a site where the pocket cards of all the players are transferred
to everybody is not secure regardless of encryption. That is why we have spent a lot of effort designing our
security system and policies.
Security Highlights
Software Download:
The first point at which security becomes an important factor is when the client
software is downloaded from the Poker Website. We must ensure that the client software is downloaded
unmodified. To address this requirement, we built the following features into the download process:
For Internet Explorer the validity of downloaded executable is verified by the
browser using our key and Thawte certificate
For other browsers we use 128-bit encryption and a Thawte server certificate to
protect our HTTPS web server & download
Playtime security
We have a number of built-in features to ensure the security of the game
itself:
Our client software uses certificates issued by our own Certificate Authority
to authenticate our servers.
Our certificate key is 128-bit encryption.
Our client software uses the industry standard SSL protocol. It is configured to
use RSA for authentication and key generation for encryption. No private data, such as pocket cards, is ever
transferred to other players.
Collusion
Collusion is a secret agreement between two or more parties for a deceitful
purpose, and it includes passing money back and forth to another player through playing.
While on one hand it is easier to pass information between colluding players
in online poker than it is in brick & mortar rooms, it is much more difficult to avoid eventual detection
as the cards for all players can be examined later on.
No matter how sophisticated the collusion is it must involve the play of a
hand that would not be played as it was without collusion. Our detection methods will catch unusual play
patterns and warn the game monitors, who will then make a thorough manual investigation. We will also
investigate all players' reports about suspected collusion.
If any player is found to be participating in any form of collusion, their
account will be permanently closed.