The present invention relates generally to the field of gaming systems and more specifically to system for user authentication for verifying that a gambler is located within a geographical area in order to allow remote access to a casino betting system.
Conventional systems for user authentication are generally well known. A user authentication system verifies whether a person or device attempting to access or perform a transaction with a host computer system is a person or device entitled to access, most host computer systems require the person or device to provide information confirming identity.
Conventional user authentication techniques have been based on, for example, on requesting information the user knows, an object the user possesses, and a personal characteristics, the most common being information known only to the user. Examples of such information include passwords (or pass-phrases) and personal identification numbers (PINS). Cryptographic methods for authentication (including one-time passwords and challenge response protocols) also fall into this category when implemented in software or hardware. Here, the information possessed by the user is either a code key, or more likely, a PIN or password that provides access to the key (which is typically a user unfriendly random bit stream). For example, the keys used with Pretty Good Privacy (PGP) are stored in files encrypted under user-selected pass phrases.
Examples of authentication using objects the user possesses include access tokens, physical keys, smart cards, PCMCIA cards and other hardware devices, including cryptographic devices and one-time password generators. Dial-back mechanisms also fall within this category. With dial back mechanisms, the possessed object is a phone line with a specific number. Cryptographic devices are typically used with PINs to control activation of the devices. For example, the Fortezze PCMCIA cryptographic card requires a 4-digit PIN for activation.
Examples of personal characteristics include biometric characteristics including finger and thumb prints, hand geometry, voice prints, retinal scans and keystroke patterns. Handwritten signatures fall into this category, although they might also be used viewed as based on information the user knows.
One conventional technique utilizes the client's geodetic location (latitude, longitude and height) as the basis for initial registration of the client and for subsequent log-in authorizations for access to a host computer network or other protected enclave. Disadvantageously, such conventional user authentication techniques do not allow or provide for authorization when such authorization is based upon the client's location within a predefined geographical area in order to remotely access a sports book. More specifically, this issue arises gambling geographical areas such as the State of Nevada. Many Nevada casinos include sports books where gamblers may place bets on various sporting events and other types of events. Many sports books allow gamblers to place bets via telephones. However, the laws generally require the telephone calls to be made within the legal jurisdiction of the casino.
Recently, the Nevada Gaming Control Board mandated that all new and existing systems must now include a method for ensuring that all telephone wagers take place within the state of Nevada. Telephone-only based systems for allowing the placement of bets is no option since such system cannot determine the location of the user. Even if the location of users can be determined, it is relatively easy to defeat such systems. In addition, the aforementioned authentication methods generally will not be helpful in ensuring that the gambler is placing a telephone call from within the state of Nevada.
Therefore there is a need to resolve the aforementioned disadvantages of conventional authentication systems particularly with regard to remote access to gambling systems and the present invention meets this need.