vinyl do you want to specify exactly how the online casino is to go forward and spy using unique machine identifiers?
I mean if a user deletes the cache and cookies, does not download any casino software, uses changing dynamic ip and yet still use different user name and password there is no way a online casino can identify it is the same user or is there?
Hence what is this going forward you are talking about
They can read the MAC address of the devices. You can only get around this by buying a new machine. It doesn't spy on users directly, but it shows that the same machine has been used in different sessions, and perhaps by different players. This is why it's a bad idea to use internet cafes to gamble online, you get a shared machine and it could be the same machine on which several other players have registered and played the same casino. The casino cannot tell that this is an internet café, as far as they know it could be a machine in someone's house who has a pile of stolen or borrowed IDs to play as several players.
They could use this to determine whether they have several different players based on IP address, or just the one machine doing it all based on the MAC.
The usual term is "one player per IP address", but this doesn't work with dynamic IP. However, if they had "one player per machine", and enforcement was done using the MAC, then players could not get around the rules by using a VPN to get a different IP address in a different location for each identity they try to use.
Of course, the final ID check is to ask the player to produce their documents. This is the hurdle that most trip up on if they are using multiple IDs.
If casinos were to allow players to use a VPN, they would have to do all the verification before the first deposit, and they could say that unless the player can satisfy the criteria, they either cannot have an account, or must not use their VPN when playing.
Poker software DOES do an awful lot of spying on a users machine, it even looks for oddities that suggest the user has tried to disguise parameters that should be open for all software to read, or whether there is something else running that shouldn't be alongside the poker client.
If one believes that deleting the cookies and cache, using dynamic IP, and not using a download client is enough to prevent any casino from spying on them, then surely they believe that they don't need the additional cost and burden of using a VPN. Therefore, if they DO still use a VPN despite these other measures, they are hiding something else.
It would be better overall if the casino software simply refused to take any bets when something like a VPN was detected, rather than only bringing this up as a reason for non payment of a withdrawal.