Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Dictao traceability solution for i gaming operators in spain and newly regulated markets

2,370 views

Published on

Dictao provides technical compliance software (as a Product or as a Service) to online gaming operators on all regulated markets, including France (ARJEL), Denmark (SKAT) and Spain (CNJ).

Dictao compliance software includes data traceability systems, electronic vault, and player registration, as well as strong user authentication solutions.

In France, Dictao provides 12 online gaming operators with an ARJEL-compliant eVault that secures more than 21 billion transactions per year.

This positions Dictao as the trust solution provider of choice in the international online gaming community.

In Denmark and Spain, Dictao looks forward to streamlining online gaming operators' capabilities to be 100% compliant, enter their markets first, and benefit from proven, cost-efficient and scalable solutions.

To learn more about Dictao and its online gaming solutions, please visit www.dictao.com or contact Grégory Kuhlmey at +33 1 73 00 26 81 / gkuhlmey@dictao.com

  • Be the first to comment

  • Be the first to like this

Dictao traceability solution for i gaming operators in spain and newly regulated markets

  1. 1. Traceability Solution for iGaming operators on newly regulated European markets Asensi Abogados - Business Breakfast Workshop Madrid ! September 8th, 2011 DICTAO 152, avenue Malakoff 75116 PARIS, France +33 1 73 00 26 00Copyright Dictao 2011 www.dictao.com 1
  2. 2. Agenda Regulation and traceability Impact of traceability requirements on technical architecture !"#$%&( offering Case: Spain ! Technical requirements ! Gaming system architecture ! Central Gaming Unit ! Internal Control Unit ! Dictao offering & requirements coverage Pricing principles Benefits Company presentation Copyright Dictao 2011 2
  3. 3. European markets introduce traceability as theyregulate Regulators see transaction traceability as key to achieve ! Tax control ! Anti money laundering ! Fight against fraud A core constraint in current EU markets ! )$%*+,--./0,%12,/345)(,#61$7%*"862,(+($69,:;<<=>, ! ?7%1#6,-@A5B0,C?7&1$%*,:;<D<> ! !619%7E,!4-0,C/-?5,:;<DD> ! /F%"1,GHA0,C/6#I76,!%$%J%(6,:;<DD> ! 4766#6,4/GG0,C/IF67K"("&1,%12,G&1$7&*,)L,/+($69, (2011 M est.) Expected in the next EU markets Q (I) AAMS: Amministrazione autonoma dei monopoli di Stato Q (II) ARJEL: Autorité de Régulation des Jeux en Ligne ! 4679%1+N,H6$O67*%12(N,@&9%1"%N,P,, Q (III) DGA: Danish Gaming Authority Q (IV) CNJ: Commission Nacional del Juego Q (V) GSCC: Games of Chance Supervision and Control Commission Copyright Dictao 2011
  4. 4. Traceability requirements are complex, and increase costs andtime Each jurisdiction requires distinct and specific : Core Gaming Platforms ! Data formats Capturador ! Server location .DK .FR .GR ! Backup location Proxy .ES ! Certifications ! Secure storage ! Data retention policies Capteur ! Language ! P This wide diversity ! Increases go-to-market and running costs ! Slows down new regulated market projects ! Mobilizes resources Copyright Dictao 2011 4
  5. 5. Traceability made simple A single partner for every regulation Operator platform ! For all jurisdictions that do not Casino Sports Poker impose a central system book ! For all games Focus on gameplay rather than traceability ! We are regulation and traceability experts Dictao ! Only extract your data ! We manage traceability data storage and download by the local regulator DGA ARJEL GSCC CNJ Copyright Dictao 2011 5
  6. 6. Spain: Technical requirements Implement a monitoring and supervision system (Internal Control System) Gaming events and transactions must be stored in real-time in a vault on Spanish soil The regulator CNJ must have real-time access to the vault Software, Hardware and Organization used to perform gaming activities must be audited by an approved third-party test lab Specific security audit on the most critical modules ! Player personal information, RNG and system computing game outcomes Player « blacklists »: Compulsive players by CNJ, and operator-managed list Responsible Gaming Copyright Dictao 2011 6
  7. 7. Gaming system architecture Central Game Unit CNJ Game Platform (Player management, Payment Player Info "#"$%&"()**%""(+,-"./ Internal Control Game software System (Sportsbook(0,1%2(345-,./ Capturador Random number generator Secure Supervision Vault Copyright Dictao 2011 7
  8. 8. Central Gaming Unit (CGU 1/4) Can be located outside of Spain Disaster recovery plan to recover all data Secondary site to ensure business continuity CNJ access to the Central Gaming Unit: remote and on-site Strong authentication Traceability of all access and configuration changes Intrusion detection Physical security of the premises Copyright Dictao 2011 8
  9. 9. Player registration and authentication (CGU 2/4) .ES website Geolocalization of players. Spanish IP addresses must be redirected to .ES website Registration using ! Electronic National ID (DNIe) ! Electronic certificate ! Physical documents onsite or via fax/email « Blacklists » ! CNJ system for age verification and banned player list (RGIAJ) ! Operator-managed listing owners, executives, spousesNP Authentication with login and secure password Privacy and data protection Copyright Dictao 2011 9
  10. 10. Gameplay (CGU 3/4) Spending limits (daily, weekly, monthly) ! Deposits ! Bets ! Increases effective after 7 days, limited to 50% Interface showing at all times: ! Clock and timer indicating duration of play ! Account balance ! Total amount wagered ! Winnings of previous game Information on game rules, prizes and theoretical chances of winning in Spanish Temporary self-exclusion Link to CNJ website to register as compulsive player Robots OK to fill multiplayer tables if clearly identified as such to other players Access to game history Copyright Dictao 2011 10
  11. 11. Random number generator (CGU 4/4) Hardware based Software based Statistical audits Scaling and mapping Copyright Dictao 2011 11
  12. 12. Gaming system architecture Central Game Unit CNJ Game Platform (Player management, Payment Player Info "#"$%&"()**%""(+,-"./ Internal Control Game software System (Sportsbook(0,1%2(345-,./ Capturador Random number generator Secure Supervision Vault Copyright Dictao 2011 12
  13. 13. Internal Control System (ICS 1/5) Equipment to capture and store all gaming operations and economic transactions between a Spanish player (on Spanish soil or Spanish account) Operator can accept stakes only if ICS is available For all sales channels Standardized file format and structure ICS redundancy: Main and backup system both on Spanish soil Remote and on-site access by CNJ Time synchronized with Spanish official time Copyright Dictao 2011 13
  14. 14. Standardized file format (ICS 2/5) Player records (« DP ») Game records (« JU ») ! RegistroJugador ! RegistroJuegoPoker ! Cash Session records (« SE ») ! Tournament ! RegistroSesiones ! RegistroJuegoApuestas ! Fixed Odds Sports Movement records (« MO ») ! Fixed Odds Horses ! RegistroMovimientos ! Pool Sports ! Pool Horses Balance records (« SA ») ! Pool other ! RegistroSaldos ! RegistroJuegoBlackJack ! RegistroJuegoRuleta Totals records (« TO ») ! RegistroJuegoBingo ! RegistroTotalesJugadoresCenso ! RegistroJuegoConcurso ! RegistroTotalesCuentasResumen ! RegistroTotalesCuentasDetalle Copyright Dictao 2011 14
  15. 15. Periodicity (ICS 3/5) File generation as events happen ! Player records (« DP ») ! Session records (« SE ») ! Movement records (« MO ») ! Game records (« JU ») File generation on request and periodic ! Balance records (« SA ») ! Totals records (« TO ») Copyright Dictao 2011 15
  16. 16. Movement types (ICS 4/5) Movement records trace all financial transactions between following account types: ! Deposits ! Operator ! Player ! Game ! Other operators Each financial movement must be traced with an « MO » record Copyright Dictao 2011 16
  17. 17. Record storage in secure vault (ICS 5/5) Main site and backup site located on Spanish soil Digital signature to seal the records (XAdES BES 1.3.2) Timestamp using approved TSA (RFC3161) Encrypt the records (AES256) Ensure regulator real-time access via secure channel Backup data for 6 years Copyright Dictao 2011 17
  18. 18. 64*$),7" offering Operator platform Vault Sports Other ! Located on Spanish soil CRM Poker book game ! Sign the records ! Timestamp using approved TSA ! Encrypt the records Dictao Time- ! Generate aggregated reports Format Sign stamp Encrypt Geoloc. records records records records ! Ensure regulator real-time access Store ! Backup data for 6 years Generate game Publish Backup reports records data history ! Batch records API CNJ ! Format records Sign. Decryption verification ! Store game history Player Info Replay SFTP game access Copyright Dictao 2011 18
  19. 19. Optional Regulatory helpdesk In addition to the vault service, !"#$%&( compliance offering includes a regulatory helpdesk The helpdesk provides: ! A workshop to walk through the technical regulation requirements ! A checklist to measure coverage of the technical requirements ! Answers to your compliance questions with guaranteed turn-around time ! Advice regarding technical architecture Copyright Dictao 2011 19
  20. 20. Timeline 2012 September October November December January Commercial LOI Contract Negotiation Capturador design & development Build & Test Kick-off Dictao integration Go-live deployment Production Hardware sourcing Installation & Load tests configuration Technical project file License Licence request Licence grant Certification Copyright Dictao 2011 20
  21. 21. Compliance service pricing principles Aligned with &F67%$&7( metrics: based on volumes Service subscription and country packages Fixed service subscription Measure previous Following First year years fee to access the year actual volumes compliance service for a market Select appropriate Use fee based on operator package forecast of volumes and most suitable package We reward long-term and broad relationships with our customers ! Discounts for multi-year commitments ! Discounts for multi-jurisdiction commitments Copyright Dictao 2011 21
  22. 22. Benefits (1/3) Guaranteed compliance We keep close relationships with local regulators Compliance with current regulations ! Our solution was the first one approved by ARJEL (French regulator) ! We offer a Denmark-compliant vault today Continuous compliance with future regulations ! Our solution will adapt to comply with future local regulation requirements ! Our solution will implement modifications of the current regulations Copyright Dictao 2011 22
  23. 23. Benefits (2/3) Flexibility Business model flexibility ! Software license: operator integrates and operates the service ! Software as a Service (SaaS): Dictao hosts and operates the service on behalf of the operator ! Managed service: Dictao operates the service hosted in &F67%$&7(,premises Integration flexibility ! Standard Webservices API ! Managed test environment ! Connection link ! over the internet ! over dedicated leased line Technical flexibility ! Scalable : from a few to several thousands of events per second ! Reliable: high availability (>99.99%) and multiple sites Copyright Dictao 2011 23
  24. 24. Benefits (3/3) Cost-effectiveness Low investment costs ! The solution is based of existing in-house products ! The development costs are spread across multiple customers ! The SaaS platform shares infrastructure Low recurring costs ! One dedicated compliance team operates the vaults of several customers ! Evolutions in regulation included Copyright Dictao 2011 24
  25. 25. Dictao, the trust architect Dictao is a software company since 2000 and employs 100 people Dictao is specialized in 3 areas: ! Data traceability ! Strong authentication ! Electronic signatures Dictao products power mission-critical applications across multiple sectors ! Gaming, banking, industry, defense, government, P Dictao products are certified EAL3+ by the French Network and Information Security Agency (ANSSI), by Visa and MasterCard and are approved in Germany by the Bundesnetzagentur 25
  26. 26. For more information, please contact : Gregory Kuhlmey gkuhlmey@dictao.com +33 1 73 00 26 00 +33 6 42 15 62 49 (mobile) www.dictao.comhttp://www.dictao.com/en/solutions/jeux-en-ligne

×