Security and Game Integrity
The measures that we take to safeguard our players combined with the security we build into our games make The Stars Group brands the most trusted in the industry. Millions of players choose us because we provide the very best online experience available in a fair and honest environment. This is a real passion for everyone at The Stars Group.
All our games and the technology that supports them are regularly and independently assessed by the most robust international gaming regulators in the world, and backed by teams of more than 300 Security and Game Integrity professionals. These teams utilise proprietary fraud management systems 24 hours a day to prevent malicious activity, track game play, and reduce financial risk.
Ensuring that our desktop software is downloaded in its intended and unmodified form is the first critical step in protecting the integrity of our games. The installer executable file is signed using an RSA 2048-bit code-signing certificate that was issued to The Stars Group by VeriSign. This is a public certificate authority which can be validated using your web-browser and ensures that the desktop client came from the software publisher. It protects the desktop client installer from alteration between the point of publication and later installation on your machine.
Registration, Verification and Validation
The registration process is central to preventing players who are not of legal age from being able to participate in any real money activity on all licenses. It is also the first opportunity to identify any intent to abuse our systems. Players are required to show they are over the applicable legal age to play real money online poker in their respective jurisdiction. The exact requirements for how a player completes account validation varies by license and market. The Stars Group strives to maintain full compliance in every jurisdiction.
AML and Fraud
The Stars Group employs stringent rules, alerts and limits to review and reduce risks of fraud, money laundering or terrorist financing, making money-laundering very hard to achieve. These include game protocols and screening processes at onboarding, KYC processes and rigorous analysis of fund movement. All real-money players across the group are screened within 24-hours using World Check to ensure we have no player on a global sanction or terrorist watch-list.
Every one of the millions of daily transactions which occur on our platforms is parsed through our Global Security systems. Those that trigger on pre-formulated rulesets are manually reviewed by dedicated investigators. Those rules draw upon the attributes of the individual transaction as well as past transactions, account history, technical account attributes, player profile and behaviour.
The Security teams use other in-house rule engines that analyse the movement of funds, post-deposit, to search for inconsistencies with good play. This analysis will consider possible chip dumping, bonus abuse, compromised accounts, big winners and losers, and other items to maintain the integrity of our platforms and games. The source of funds for all transactions is also reviewed to protect potentially vulnerable players. This is always uppermost in our consideration.
Account Sharing is a form of cheating wherein a player uses more than one account to deceive other players either to gain an anonymity advantage, misuse the Late Registration feature in tournaments or bypass restrictions placed on accounts. This is unique to online gaming and something we counter using state-of-the-art tools and detection methods. These protect honest players and safeguard the integrity of our site without compromising the player experience.
Third Party Tool Policy
We have an in-depth policy designed to clearly outline our rules pertaining to third-party tools as well as set a balance between fairness, enforceability and clarity. These rules were created in consultation with players, staff and software developers and have been adapted over time to suit the changing gaming and software environments. If a tool is detected on our system, we will typically seek to first educate and warn players against its use. In rare cases, if players persist, we may go as far as to bar them and confiscate their funds for redistribution to victims of unfair play, as is permitted under our terms of service.
Collusion is a form of cheating in which two or more players signal their holdings or otherwise form a partnership to the detriment of other players within a game. Every single hand dealt on PokerStars is recorded and can be examined after play using our sophisticated detection methods which run 24/7. Every unusual play pattern and player report is thoroughly and manually investigated by our expert security personnel. If any player is found to be colluding with others, his or her account may be permanently closed and funds redistributed to affected players.
We take pride in ensuring that the brains behind an account belong to a human and not a computer, analysing every one of our accounts in three main areas: interaction with our software, detection of computer set-ups, and the way our players play poker. We also cross reference our data-base of billions of hands to determine how individual accounts play in comparison to known bot profiles. Every potential risk is investigated. Flagged accounts are quarantined and subjected to a series of sophisticated Turing tests to ensure a safe and level playing field for every player.
Our desktop client software uses the certificates issued by our own Certificate Authority (CA) to authenticate our servers. Our desktop client software uses the industry standard SSLv3 protocol. We are currently using a 2048-bit RSA key, which according to RSA is sufficient until 2030. We support the following ciphers: AES128-SHA (128 bits) and DES-CBC3-SHA (168 bits). No private data, such as pocket cards, is ever transferred to other players except in accordance with the game rules and all client input is validated server-side.
Shuffling the deck
A fair and unpredictable shuffle algorithm is critical to our software. Two independent hardware sources of truly random data work together to keep our poker games fair.
- Quantis: a true hardware random number generator developed by Swiss-based company ID Quantique, which uses quantum randomness as an entropy source.
- User input: thousands of random variables generated by human interaction with our desktop client software, including mouse-movement and events timing.
Our Random Number Generator (RNG) has successfully been tested to generally-accepted industry standards for highly-regulated jurisdictions by Gaming Laboratories International (GLI). See here to read the Certification of Integrity. To read more about the PokerStars shuffle and Random Number Generator, click here.