This invention relates to information security for gaming machine networks. More particularly, the present invention relates to protecting gaming machine transaction information stored in a database from unauthorized alteration.
Gaming machines are becoming increasingly sophisticated. Many slot machines now employ CRT video display screens in place of more traditional mechanically-driven reel displays. Further, poker and other games of chance are now commonly provided on electronic/video machines.
To control and monitor gaming machine activity, many establishments employ networks electronically linking numerous gaming machines. Frequently casinos connect their gaming machines to a local area network. Some casinos have even connected multiple local area networks to wide area networks spanning multiple casinos. Such wide area networks allow groups of slot machines at various casinos to be connected to one another for various purposes including use in xe2x80x9cprogressivexe2x80x9d games. Progressive games allow jackpots from multiple machines in multiple locations to grow as one large jackpot.
Transaction currency on gaming machines is also becoming more sophisticated. Where once only coin handling mechanisms were present on gaming machines, credit devices such as cash-out vouchers now find wide use. These credit devices electronically store user transactions and, when used in conjunction with electronic processing systems, they monitor user activity. Some casinos now issue magnetic player identification cards that players use to obtain awards for frequent playing. A player holding such card inserts it in a card reader provided on a gaming machine before he or she begins play. Accounting software on the local area network then detects the card insertion, notes the player identity and follows the machine activity. Other casinos now issue bar-coded tickets. When a player terminates interaction on a gaming machine, the gaming machine prints out a ticket, which includes the player""s final status such as the time and a cash-out value. The player then retrieves the ticket and may redeem it for credit at another game or cash it out at a change booth or a pay machine.
As mentioned, gaming transactions are now electronically stored, typically by the gaming machine network. Thus, each time a user completes a transaction on a gaming machine, the network stores the transaction information such as the time, the machine number and credit value of the device at transaction completion. When the user attempts to play another game with the credit device, the network must redeem the value of the device, e.g., for game credit. Similarly, when the user attempts redeem the device for a cash-out, the network must provide the cash value of the device. Upon redemption of the device at a gaming machine or at cash-out, the redemption value of the device is determined according to the user""s last stored transaction in the network.
Transaction information for the network is typically stored in a common location or database for consistent access by the gaming machines and casino personnel. Some casinos use conventional database management tools to store the transaction information. These database management tools generally permit open access for individuals on the network, e.g., casino personnel. Unfortunately, this open access to the database also potentially allows authorized, and even in some cases unauthorized, individuals to tamper with the transaction information. In one example, an unscrupulous person could alter the transaction amount in a database record from $10 to $100.
From the foregoing, it should be apparent there exists a need for security measures that prevent tampering of transaction information stored in a database of a gaming network.
The present invention provides systems and methods for protecting transaction information stored in a database of a gaming network. To accomplish this, a transaction signature is generated each time the user completes a transaction on a gaming machine. The transaction signature is generated using transaction information from a particular transaction. The transaction signature and transaction information are stored together in a network database. Upon subsequent access to the transaction information in the database, the transaction signature for the transaction information is recalculated based on the transaction information at that time. The new transaction signature is then compared to the transaction signature previously stored. Any differences between the two transaction signatures may be used to signal unauthorized alteration in the database transaction information.
Generating the transaction signature from the transaction information may be performed by various methods. Typically, this occurs each time the user completes a transaction with a gaming machine. In some embodiments, certain transaction attributes or elements of those attributes are encrypted to generate the transaction signature. The encryption may change over time in order to increase security of the transaction information in the database.
In other embodiments, a portable credit device such as a ticket or card is carried by the player and used during interaction with the gaming machines. Each time the user finishes interaction with a particular gaming machine, the credit device is provided to the player with some of the updated transaction information. The credit device may have a magnetic strip or a semiconductor memory, for example, to store this information. For a ticket, the transaction information may be divided into elements such as a ticket validation number, a ticket amount, a ticket print time and date, a machine identifier, a cluster controller address and a ticket status. One or more of these transaction information elements may be used to generate the transaction signature. The transaction information and transaction signature are stored together in the database.
At a subsequent time, when the transaction information is to be updated or called from the database, the transaction information and transaction signature are verified. This may occur, for example, when the player presents the credit device for redemption at another machine or at cash-out station. At that time, the transaction signature is recalculated based on the current transaction information from the device. This recalculated transaction signature is compared with the stored transaction signature in the database. If the two transaction signatures are consistent, the transaction information may be updated or accessed. At this point, the credit can be redeemed. If the two transaction signatures are inconsistent, the transaction information update or request may be stopped and further investigation may ensue. In addition to verifying the transaction signature, the transaction information may also be compared between the transaction information in the database and transaction information currently available from the device.
These and other features and advantages of the invention will be described in more detail below with reference to the associated figures.