PokerSec: An Online Security Firm Focusing on Online Gaming PokerSec: An Online Security Firm Focusing on Online Gaming
gerard79

idkyet

The need for increased security in online poker has never been more apparent than it is today. Scandal after scandal has rocked the online poker world. Stories of superusers, collusion, bots, and hacking have “The new organization combines the knowledge of the inner workings of many of the popular online poker clients with the years of experience in the IT security and compliance field.” become synonymous with online poker are the current push towards regulation in the US has brought these skeletons out of the closet and into the public spotlight.

In response to these recent trends PokerSec was formed. The new venture is collaboration between a poker datamining company HHSmithy and an information Security firm SeNet International Corporation. The new organization combines the knowledge of the inner workings of many of the popular online poker clients with the years of experience in the IT security and compliance field. Pokerfuse sat down with two of the founding members of PokerSec, Gus Fritschie and Kader Belbina, to find out more about their latest venture.

PokerSec is a B2B company that plans to provide services to online operators and work with regulators to provide a safer more secure environment for the online poker community. Belbina categorized the company’s range of services offered to operators as online security related to infrastructure and “the integrity of the games” from both a proactive and reactive approach.

Poker Sites

In dealings with poker sites, Belbina explained that their proactive approach encompasses more than code analysis that would detect backdoors, superuser accounts, or privacy and security issues that may be inherent in the client/server interface. Fritschie added, “we also examine the operational processes that can expose vulnerabilities associated with the use of peripheral services which could compromise the integrity of the system as a whole such as mail and web servers.”

PokerSec also plans on increasing online poker sites’ abilities to detect bots, collusion and chip dumping through the analysis of hand histories. Belbina sees the company’s reactive services being made available to those that suspect foul play as a way of giving back to the poker community.

When asked if any backlash could be expected from the poker sites as a result of PokerSec’s close ties with a datamining company – an industry viewed as “blackhat” by many online poker operators – Belbina indicated“We also examine the operational processes that can expose vulnerabilities associated with the use of peripheral services which could compromise the integrity of the system as a whole such as mail and web servers.” that reactions thus far have been positive.

On the topic of helping operators block dataminers, Belbina said, “it does not make sense for a company like PokerSec to work on a project that’s outright goal was to 'ban datamining’ because it doesn’t lead to a safer environment to play poker. What we would be more than willing to work on is things such as securing the poker client from code injection, reverse engineering and other activities which could be used in nefarious ways despite some of these techniques being used by dataminers.”

With operators already having security teams in place, convincing them that devoting additional resources to an aspect of the business that is rooted in the long-term health of the game and not in the short-term profits can be a quite challenge. Belbina see it as a matter of cost efficiency.

Hiring PokerSec requires operators to maintain “less infrastructure and they won’t have to retain their own in-house team and keep up to date with the ever evolving world of collusion and botting,” he said. “This is especially true for smaller poker rooms that hold the integrity of the game in high regard.”

Regulators

Plans are also in the works to forge relationships with regulators. “There is a lot of excitement about regulation of online poker but I never hear anyone talking about the security” Fritschie said. Take for example “the latest Nevada gaming regulation related to online poker for intrastate gaming. There is not a lot touching on security. It is more about the operational and management controls that are in place to prevent a fiasco like [Full Tilt].”

“I think if you had regulation to enforce some of these basic security controls and then you had a firm like PokerSec to audit and verify that these controls are in place so that the public can feel comfortable and “Let’s face it, online poker doesn’t have a very good track record of providing secure services.”safe playing on these sites I really think it’s a win-win situation for everybody.”

The responsibility for information security controls cannot continue to be the burden of the players alone. Considering the amount of money that people regularly hold in online poker accounts there is an overall lack of security on most sites as compared to equivalent industries in the financial sector.

PokerSec’s plans for the future go beyond just servicing regulatory bodies. “Part of our roadmap is to gain some more influence [with regulators] in order to help them tailor the regulations to make sure they include security,” Fritschie said.

Public Perception

Fritschie emphasized the online poker industry’s need for such a company. “Legitimacy is a concern for players.” Online poker operators “need to take security seriously in order to offer a fair environment to the players” and promote a positive image of the game. “Let’s face it, online poker doesn’t have a very good track record of providing secure services.”

A company whose “focus and core competency is in online gaming security should give the public confidence”, said Fritschie. “I do not believe that there are any firms that have the focused approach combined with a team of online gaming and security experts like PokerSec.”