SECURING GAMING TRANSACTIONS

Abstract

Providing tamper-evident transaction data for transactions relating to a draw or game event such as a lottery or other game of chance or skill. The transactions, individually, as a whole draw or event file, or in batches, are digitally time-stamped using a cryptographic device to create digital signatures. The resulting, signed, transaction file is capable of subsequent verification to enable detection of alteration of the transaction data and the time it was processed. The efficient time-stamping occurs quickly, does not require custom software on the gaming system, and ensures transaction integrity.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a diagrammatic view of the system architecture according to embodiments of the invention.

FIG. 2 is a diagrammatic view of the functions performed to secure the file before a draw.

FIG. 3 is a diagrammatic view of the operational process corresponding to FIG. 2

FIG. 4 is diagrammatic view of the process flow of securing the file.

FIG. 5 is a diagrammatic view of the operational process corresponding to FIG. 4.

FIG. 6 is a diagrammatic view of the process of using public service for time-stamping of transactional data.

Claims

1. A method of securing gaming transactions, said method comprising: receiving, by a computing system, transaction data from a gaming system, said transaction data representing one or more transactions created for a game implemented by the gaming system, said computing system being remote from the gaming system;calculating, by the computing system, a one-way hash of the received transaction data;digitally time-stamping the calculated one-way hash; andstoring the time-stamped, one-way hash for subsequent verification of the transactions.

2. The method of claim 1, further comprising digitally signing the calculated one-way hash.

3. The method of claim 2, wherein digitally signing the calculated one-way hash comprises running a hardware security module (HSM).

4. The method of claim 1, wherein the transaction data represents a batch of a plurality of the transactions created during a pre-defined time interval.

5. The method of claim 1, wherein digitally time-stamping the calculated one-way hash comprises: sending the calculated one-way hash to a time-stamping service, wherein the time-stamping service digitally time-stamps the calculated one-way hash; andreceiving the time-stamped, one-way hash from the time-stamping service.

6. The method of claim 1, further comprising: accessing, by an audit system, the stored, time-stamped hash; andverifying the digital time-stamp associated with the stored, time-stamped hash.

7. The method of claim 1, wherein one or more computer-readable media have computer-executable instructions for performing the method recited in claim 1.

8. A method of securing gaming transactions, said method comprising: receiving a one-way hash of transaction data from a gaming system, said transaction data representing one or more transactions created for a game implemented by the gaming system, said one-way hash being calculated by the gaming system between the closing of sales of transactions for the game and a draw for the game;defining descriptive information for the transaction data;calculating a one-way hash of the defined descriptive information and the received one-way hash of the transaction data;digitally signing the calculated one-way hash of the defined descriptive information and the received one-way hash of the transaction data to create signed data, said signed data including a time-stamp of the one-way hash of the defined descriptive information and the received one-way hash of the transaction data; andstoring the signed data for subsequent verification of the transactions.

9. The method of claim 8, further comprising logging one or more of the following: a length of a file containing the transaction data, a time-stamp of the one-way hash of the transaction data, the one-way hash of the transaction data and the length of the file, the one-way hash of the defined descriptive information and the received one-way hash of the transaction data, and the time-stamp of the one-way hash of the defined descriptive information and the received one-way hash of the transaction data.

10. The method of claim 8, further comprising: receiving, by an audit system, the transaction data from the gaming system;calculating a one-way hash of the transaction data; andverifying the signed data with the calculated one-way hash of the transaction data.

11. The method of claim 8, further comprising associating a transaction identifier with the signed data to provide access to the signed data via the associated transaction identifier, said transaction identifier comprising one or more elements each identifying the transactions.

12. The method of claim 8, wherein receiving the one-way hash of transaction data comprises receiving a plurality of one-way hashes each associated with a batch of transaction data, wherein the signed data is created for each of the received plurality of one-way hashes, and further comprising storing the received plurality of one-way hashes with the corresponding signed data in order of receipt to enable verification.

13. The method of claim 8, wherein one or more computer-readable media have computer-executable instructions for performing the method recited in claim 8.

14. A system associated with a transaction computing device, said system comprising: an interface for receiving transaction data from a gaming system, said transaction data representing a batch of transactions created for a game implemented by the gaming system;a memory area for storing the transaction data received by the interface;a computing device for computing a one-way hash of the transaction data stored in the memory area; anda digital signature means for digitally time-stamping the one-way hash, wherein the digitally time-stamped hash secures the transaction data from undetectable tampering.

15. The system of claim 14, further comprising an audit system for storing the time-stamped hash for subsequent verification of the transactions.

16. The system of claim 15, wherein the audit system is configured for verifying the transactions and communicating verified transaction data to the gaming system, said gaming system executing selection of one or more transactions from the verified transaction data.

17. The system of claim 15, wherein the audit system is located remotely from the computing device.

18. The system of claim 15, wherein the audit system is located on the computing device.

19. The system of claim 14, wherein the digital signature means generates a digital time-stamp, said digital time-stamp being created by one or more of the following: Rivest-Shamir-Adleman (RSA) encryption, digital signature algorithm (DSA), or elliptic curves signature.

20. The system of claim 14, wherein the batch of transactions represents the transactions grouped via one or more of the following: a defined time interval and a defined quantity of transactions.