Brooding about something...

[Realitybitez]

Just a few questions, would love your guys thoughts on this:

Do you ever get nervous about all the documentation one has to send out to casinos to get out cashouts? I was just thinking, Gawd! Who knows what they're going to do with it, they could easily steal your identity with the stuff they're asking for, or use your identity for a front or something.

And why do some chat operators have the option to send the 'chat log' to your email and others dont? How are you supposed to prove anything if you dont have a copy of that chat log? Can you request a copy of that chatlog? Would they give it?

Just a thought

 

[AussieOnline]

When I first started playing online casino;s i was VERY worried about sending all my docs. I was very hesitant to do so, as the first time i played at a casino i had a decent win, and i wasnt sure if it was a scam or something, as i never new a thing about casinos and heard some horrible stories about them. In the end if i wanted my winnings i had to send the docs, so grit my teeth and wished for the best, 1 week later i got my winnings and was happy as larry. But yes ur right, i often do wonder what they could do with all our docs. IF they got into the wrong hands.

 

[Mousey]

Just a few questions, would love your guys thoughts on this:

Do you ever get nervous about all the documentation one has to send out to casinos to get out cashouts? I was just thinking, Gawd! Who knows what they're going to do with it, they could easily steal your identity with the stuff they're asking for, or use your identity for a front or something.

And why do some chat operators have the option to send the 'chat log' to your email and others dont? How are you supposed to prove anything if you dont have a copy of that chat log? Can you request a copy of that chatlog? Would they give it?

Just a thought

The good casinos take steps to see that this sort of thing doesn't happen. But... all it takes is one bad apple in the position to do this sort of thing.... The link is a couple years old, but I fear it happens a heck of a lot more than we know about. And what about all the info we (especially USA players) have given to webwallets, etc., that 'disappear'?

https://www.casinomeister.com/forums/threads/man-stole-ids-from-internet-gambling-website.25418/

Sorry I can't help with the chat logs. If CS can't send it, perhaps a quick 'Select All' and copy/paste into Notepad or something?

 

[sattty]

theres another thread going on at moment about 32red verifying players by doing a credit check for verification purposes..

i think it an excellent way to doit....it has no negative effect on ur credit file and saves on sending in docs..but i also was worried sending such docs somewhere to people i dont know in another country there has to be a better way to do it and verification through credit check is certainly a good way imho

 

[Realitybitez]

For sure. I had a certain casino (recently) that said they didn't receive my documents and I had to send them over and over again.

Then I started worrying, well if they weren't getting them, then who was? Crikeys, these are really important and private documents we are sending out.

The other side of this coin, is that they didn't have the option to have chat logs sent to one's email, so I cant prove that they said this and that, (though suspicious and paranoid person that I am) I did copy and paste on a word document the majority of conversations. Then again, what does that prove? Pasted text on a word document, doesn't prove anything in my opinion except the fact that I feel I'm really getting the run around.

Especially the 'we haven't received them' 'we haven't received them' part

Well if they didnt receive them, who did? Where are my documents.. scarey...

The good casinos take steps to see that this sort of thing doesn't happen. But... all it takes is one bad apple in the position to do this sort of thing.... The link is a couple years old, but I fear it happens a heck of a lot more than we know about. And what about all the info we (especially USA players) have given to webwallets, etc., that 'disappear'?

https://www.casinomeister.com/forums/threads/man-stole-ids-from-internet-gambling-website.25418/

Sorry I can't help with the chat logs. If CS can't send it, perhaps a quick 'Select All' and copy/paste into Notepad or something?

 

[Realitybitez]

Im not sure I'd be happy with that..

That seems like a real invasion of privacy by dipping into someones credit history. In saying that if it stops all the hassle of sending verification documents, by all means - lets do it that way

theres another thread going on at moment about 32red verifying players by doing a credit check for verification purposes..

i think it an excellent way to doit....it has no negative effect on ur credit file and saves on sending in docs..but i also was worried sending such docs somewhere to people i dont know in another country there has to be a better way to do it and verification through credit check is certainly a good way imho

 

[Seventh777]

That seems like a real invasion of privacy by dipping into someones credit history. In saying that if it stops all the hassle of sending verification documents, by all means - lets do it that way

They do not dip into your credit history, they use them to verify whom you are, there is a huge difference here, when a company checks your credit history your credit score takes a minus hit, there are other ways to verify people ie:- electoral rolls but these are very expensive and are not 100% guaranteed of having the necessary data required, long story short, being a builder I am often in a situation where I need to credit check possible customers, this is done curtsey of my sister/accountant via an agency available from the Federation of Master Builders that I belong to, and it is very thorough. If someone had used this service for checking Robert Maxwell`s credit score just before he died, they would have uncovered a once perfect score that had shot down to zero over a few days as he plundered people`s pension scheme cash to try and save his empire, for a paltry cost of £6 .

 

[Realitybitez]

Well I've decided I'd really rather go with the credit check. I have been asked 'again' to send my verification documents by a certain casino. Sending all my sensitive stuff to some casino who reckons they're not getting it, is really getting to me.

I going pass the stage of slightly frustrated to 'boiling mad' I feel like I might as well just post all my personal details all over the internet cause that's whats it feeling like. 'Its for your own security' blah blah. Whatever I bet, they wouldn't send their credit card details etc etc over and over again.

Cant understand why they are not receiving my emails considering I carbon copied them to another one of my emails and they got to that other email of mine just fine. Grrrrr!

Ok, rant over : going for a walk before I decide to blow all the winnings I got from Euro Palace (who Im in love with at the moment) back into their casino.. lol!

They do not dip into your credit history, they use them to verify whom you are, there is a huge difference here, when a company checks your credit history your credit score takes a minus hit, there are other ways to verify people ie:- electoral rolls but these are very expensive and are not 100% guaranteed of having the necessary data required, long story short, being a builder I am often in a situation where I need to credit check possible customers, this is done curtsey of my sister/accountant via an agency available from the Federation of Master Builders that I belong to, and it is very thorough. If someone had used this service for checking Robert Maxwell`s credit score just before he died, they would have uncovered a once perfect score that had shot down to zero over a few days as he plundered people`s pension scheme cash to try and save his empire, for a paltry cost of £6 .

 

[Przecinek]

Cant understand why they are not receiving my emails considering I carbon copied them to another one of my emails and they got to that other email of mine just fine. Grrrrr!

Hmm...

"In every life we have some trouble
When you worry you make it double
Don't worry, be happy......"

 

[AussieOnline]

Well I've decided I'd really rather go with the credit check. I have been asked 'again' to send my verification documents by a certain casino. Sending all my sensitive stuff to some casino who reckons they're not getting it, is really getting to me.

I going pass the stage of slightly frustrated to 'boiling mad' I feel like I might as well just post all my personal details all over the internet cause that's whats it feeling like. 'Its for your own security' blah blah. Whatever I bet, they wouldn't send their credit card details etc etc over and over again.

Cant understand why they are not receiving my emails considering I carbon copied them to another one of my emails and they got to that other email of mine just fine. Grrrrr!

Ok, rant over : going for a walk before I decide to blow all the winnings I got from Euro Palace (who Im in love with at the moment) back into their casino.. lol!

Hi, not sure if its been mentioned before, but are u sending Jpeg or PDF files? Most casino ( or all casino only accept this type of stuff ), IF u are sending this type, then please try sending 1 attachment in email at a time, a nusiance i know, but it works, i had same trouble with G.Riviera casino. I sent my documents 6 times!!!! In the end i sent 1 at a time, they finally got recieved.

 

[mattsgame]

These threads interest me a bit,

I have never been asked more than twice to provide more than just my Driver License to prove who I am.

Are most of you who are asked for more using Credit Cards? as your primary deposit methods?
and as for 32Red, they identified me through my tax file number but I would trust 32Red with the deed to my house, so that was not a problem.


Anyway, even if I was asked to provide more I would provide it... My identity is not worth stealing

 

[Realitybitez]

hmm good point! ok, I will try. Save me the frustration of been told that nope, we didnt get them send them again.. grrr

Thanks

Hi, not sure if its been mentioned before, but are u sending Jpeg or PDF files? Most casino ( or all casino only accept this type of stuff ), IF u are sending this type, then please try sending 1 attachment in email at a time, a nusiance i know, but it works, i had same trouble with G.Riviera casino. I sent my documents 6 times!!!! In the end i sent 1 at a time, they finally got recieved.

 

[Realitybitez]

I use a visa/debit card - dont use a credit card because they're just too easy too get carried away on

Actually when I was with Intercasino and 888 Poker, I was never asked for Id at all. Probably because I wanted any winnings won put right back into the card I deposited with.

That's why ever since I've been on the hunt for new casinos, its taken me totally by surprise how much ID they are wanting.

These threads interest me a bit,

I have never been asked more than twice to provide more than just my Driver License to prove who I am.

Are most of you who are asked for more using Credit Cards? as your primary deposit methods?
and as for 32Red, they identified me through my tax file number but I would trust 32Red with the deed to my house, so that was not a problem.


Anyway, even if I was asked to provide more I would provide it... My identity is not worth stealing

 

[Nifty29]

Like Matt, I have no fear of identity theft.

I have absolutely no idea who I am.

 

[Realitybitez]

hahahahha I hear ya Not only that, moneys gone as fast as it come in2 my account so cant see why anyone would hack my card

Just to end this thread, the casino in question came through though after how many days and emails back and forward, and probably wasn't until I ended up emailing the rep on this site to get everything finalized that totally speed-ed up the process but resolved it was so at present one of my favourite casinos because they came through

Like Matt, I have no fear of identity theft.

I have absolutely no idea who I am.

 

[P.V.]

Just a few questions, would love your guys thoughts on this:

Do you ever get nervous about all the documentation one has to send out to casinos to get out cashouts? I was just thinking, Gawd! Who knows what they're going to do with it, they could easily steal your identity with the stuff they're asking for, or use your identity for a front or something.
Just a thought

You should get nervous, doc requests, card info. , by unencrypted email , fax etc..

Last site I talked too said it wasn't in their business plan to provide a better way, take that for what it's worth.

Good call Realitybitez as others should fear your concerns.

 

[Jasminebed]

I've never had a request for ID from a casino that didn't at least have a rep here at CM. I use an ewallet or prepaid card to deposit and withdraw usually, although I have provided banking info to one casino which I trust to have a wire directly sent to my bank account, and banking info for an ACH transfer a long time ago with another casino.

Really, I worry more about having my purse stolen on the bus or at the mall than I do about providing info to online casinos. Mind you, I don't play anywhere that doesn't at least have a rep here. An offer of a free $10 or $25 dollars is not enough to get me to sign up at a known rogue, or a totally unknown casino.

 

[SlotMonster]

We are about to implement a functionality which will allow players to upload their documents through the casino website (we are using IOM SSL certificate for all our connections), without sending them via email. This will save us a lot of time and become more secure for players.

We are regulated by the IOM (UK), and if ANY document(s) are obtained by the 3rd party - we will be under VERY SERIOUS penalties.

As for documents requests - we MUST request them in several cases, even if we are sure that the player is 100% "legal", because we follow rules set by the IOM Gambling Commission.

ADD: I'm happy that we have strict rules, because following them helps me sleep well every night

 

[P.V.]

We are about to implement a functionality which will allow players to upload their documents through the casino, without sending them via email.

As for documents requests - we MUST request them in several cases, even if we are sure that the player is 100% "legal", because we follow rules set by the IOM Gambling Commission.

I agree that this process of providing doc's is a much better way, you'll be one in a small handful doing it.

Although, my problem with uploading additional personal information directly to the casino's server is for example, per IOM regulations all data collected through your website must be backed up on the server for a minimum of six years. I wouldn't want all my data held for this timeframe, which it will be by adding this process directly to your server per the regulations.

The data should be verified by the gaming site, approved or denied but it should be the players option to leave the data on a particular server, update as needed, or completely remove the data from a server.

They can't do this with your proposed secure upload as the data is backed up and stored daily.

I've really never understood why but if a gaming site requests a players hard documents, the player is willing to share them, then why does the casino dictate how a player provides the data. If I ran a casino I'd be willing to accept a players documents anyway the player felt comfortable sharing them.

Something else to ponder on is the growth in mobile gaming. If one of your UK players are gambling on a mobile phone while traveling and can't get to their documents stored on their home/work computer to upload if requested, this could put a long delay on the player receiving their funds until they return from the trip.

Same applies to poker players visiting Nevada. It's my understanding, if passed you don't need to be a resident of Nevada to play online poker, just visiting the state. So if I win big playing online poker while sitting in my Nevada Hotel, I'd prefer a way to send my doc's right then and get my cash asap.

I'm in the process of either making a mobile app., or just a mobile friendly website for this process in addition to the current system. Haven't decided the best way to go yet.

I do agree that you need to ask for documents, even the proposed Nevada poker regulations require internal checks during registration and hard document ID checks within 30 days of registration, or something like that.

 

[SlotMonster]

I agree that this process of providing doc's is a much better way, you'll be one in a small handful doing it.

Although, my problem with uploading additional personal information directly to the casino's server is for example, per IOM regulations all data collected through your website must be backed up on the server for a minimum of six years. I wouldn't want all my data held for this timeframe, which it will be by adding this process directly to your server per the regulations.

The data should be verified by the gaming site, approved or denied but it should be the players option to leave the data on a particular server, update as needed, or completely remove the data from a server.

They can't do this with your proposed secure upload as the data is backed up and stored daily.

Just imagine that someone got an access to player's account with all documents stored in it, with possibility to remove/update/delete or copy (steal) them. And now, having all the documents, a thief can do everything with them, for example, open fake accounts in other casinos etc etc etc. This is absolutely inacceptable.

I would like to reveal some details about our security (no specific data of course, just basic structure).

When we were "building" our security system, we had to decide how should we store players' data and their documents. We tried to discuss every possible problem or data breach, and finally took into a conclusion that we should use PCI-DSS. For those who don't know what is this - here is the link:

You do not have permission to view link Log in or register now.

(you can replace "cardholders data" with "players data" to see what we do).

If you take a look on "Requirements" section - I would like to point your attention to #9 and 10

#9 - all players' data are stored on dedicated server in locked room, and no one but Security officer have an access to it. And even more, even he can't do it alone, because it's possible to open this room only using TWO keys (and of course, another key could be provided only upon request, can't tell you who stores another one). There are also few cameras on this room, and we store video records for 3 months.

#10 - only few computers have an access to players' data, and all these computers located in dedicated subnetwork with two DMZs "above" it. For those who don't know what does it mean - here is another link:

You do not have permission to view link Log in or register now.

. Only authorized personnel have an access to these computers.

Sorry, there is no much I can tell about the whole "system", but we tried to reach the TOP level of security (see my post about possible penalties above).

I've really never understood why but if a gaming site requests a players hard documents, the player is willing to share them, then why does the casino dictate how a player provides the data. If I ran a casino I'd be willing to accept a players documents anyway the player felt comfortable sharing them.

I will be happy to discuss any idea about alternative ways.

Something else to ponder on is the growth in mobile gaming. If one of your UK players are gambling on a mobile phone while traveling and can't get to their documents stored on their home/work computer to upload if requested, this could put a long delay on the player receiving their funds until they return from the trip.

We are flexible. If you are on a trip - OK, it means you have documents with you (at least passport or driver id). Make a photo using your mobile phone and send it to us or upload using mobile version of the website.

And I still think if you could send/upload a photo of yourself, holding your passport or any ID - IMO this is the best way to verify a player. But well, we already discussed it in the other thread started by me

 

[lettingyouknow]

Terrible Idea Only if you are serious about your credit!!!!!

theres another thread going on at moment about 32red verifying players by doing a credit check for verification purposes..

i think it an excellent way to doit....it has no negative effect on ur credit file and saves on sending in docs..but i also was worried sending such docs somewhere to people i dont know in another country there has to be a better way to do it and verification through credit check is certainly a good way imho

Having been in Mortgage Banking and working for the Big Banks which includes running credit checks for 30 yrs, this idea is TERRIBLE!!!! Every time anyone runs your credit it shows as a credit INQUIRY. These Inquiries are the First place I would go to see your character and where you are at in your life at present. If you have Credit inquiries, (Inquiries and EVERYONE who checks your credit shows on your report).

 

[lettingyouknow]

Inquiries affect your credit

Showing that a CASINO just ran your credit is a sure fire way to destroy your credit. I will bet (no pun intended) that the Underwriter looking at your future credit for a home loan will think twice if she/he sees a Casino ran an inquiry, on your credit report.

Banks etc will tell you "Oh, it is only an inquiry, it won't effect your credit" we call it in the industry a SOFT credit hit not hard hit. The list of ALL Inquiries ran on your credit will show whether you opened a loan or not. It absolutely brings down your Credit Score!!!!!!!!!

Also keep in mind that most Banks not only look at the credit score they look at the inquiries to see where you are at in your life at present. If they see a credit inquiry for a jewelry store and then another one for a Jaguar and oh another one for a Casino all in the last 6 months and now you are applying for a home loan?

DO NOT ALLOW ANYONE TO RUN YOUR CREDIT without your knowledge first, and second always be aware that credit inquiries ALWAYS effect your credit score. The number of inquiries will bring down your credit score.

Also bill collectors go to your credit report first to track you down, so if you have moved changed addresses phone numbers, etc want to leave something behind and want to start over etc. anyone telling you this information is only for us, we do not share it with anyone, is a LIE.

Everyone running your credit has to enter your CURRENT INFO address phone etc to even pull up your report, once they have your credit report in hand anyone else bill collector etc can also come behind that inquiry and find your RECENT phone and address etc.

 

[P.V.]

When we were "building" our security system, we had to decide how should we store players' data and their documents. We tried to discuss every possible problem or data breach

I'm sure your system is secure, like mine, I wasn't implying this. I can't imagine someone getting hold of a players documents either and this is why I've been discouraging the process of online casino's requesting personal information via unencrypted email , fax and mail. You're obviously on the right track.

I was pointing out the fact that IOM regulations requires you to save this information in your server for a min. of six years, I wouldn't want that no matter how secure the system. Example: If a player opens an account, uploads their doc's to your casino, closes the account you'll still be holding their information for at least six years. UK DSA states - (Where sensitive personal data is concerned, it is particularly important to make sure you collect or retain only the minimum amount of information you need.)

It's the IMO regulation requirement which you can't avoid. So even though you've taken steps to help your staff and player security, I can't support it being done through the casino server.

Under the UK Data Security Act, if a UK player for example asks for an (SAR) subject access request, players can ask to see information being held on computer and some paper forms and I'm assuming servers too. This might cause a problem for you too if people should start asking for information on them being held in your system five or six years down the road.

 

[P.V.]

Just imagine that someone got an access to player's account with all documents stored in it, with possibility to remove/update/deleteThis is absolutely inacceptable.

I should have pointed this out in my previous post, maybe you'd like to expand on the quote about players having access to remove/delete or update their own documents.

As outline in the US - EU Safe Harbor Act it's in fact a requirement for this process. I know you're not offering services to the US but the procedure is common and a requirement.

Access

(Individuals must have access to personal information about them that an organization holds and be able to correct, amend, or delete that information)
So actually it's not anomalous to offer this type feature to a person in a secure encrypted, password protected environment as maybe your suggesting, not sure.

I commend you Viktar at looking for better and more secure solutions but if you want to keep it all in house I'd suggest keeping it separate from the casino sever and building this function on another dedicated sever not under the control of IOM regulations as suggested.

This is my personal opinion as I've researched this stuff endlessly, I do have an interest in this area.

I feel contented in saying when OC's start requesting more personal data uploaded to their offshore gaming servers than just the data captured during registration, you're going to be required to supervene more data protection guidelines.