Remote and gambling software technical standards
| |
|
Gambling software and remote operating licence holders
(including ancillary remote betting licence holders) are required
to comply with the Gambling Commission’s technical standards and
requirements relating to the timing and procedures for testing.
This requirement is set out in Condition 2 of the
Licence
conditions and codes of practice - consolidated December 2011.
What are the remote gambling and software technical
standards?
Remote gambling and software technical standards - August
2009 details the
specific technical standards and the security requirements that
licensed remote gambling
operators and gambling software operators need to meet.
The remote technical standards (RTS) comprises the
following:
- RTS including information provision requirements.
- Security requirements.
Technical standards
The technical standards cover:
- customer account information
- displaying transactions
- rules, game descriptions and the likelihood of winning
- time-critical events
- result determination
- result determination for play-for-fun games
- generation of random outcomes
- auto-play functionality
- skill and chance games with auto-play
- interrupted gambling
- limiting collusion/cheating
- financial limits
- time requirements
- responsible product design
- information provision (Annex A).
Security requirements
We have based the security requirements on the relevant
sections of Annex A to the ISO/EIC 27001: 2005 standard. A
full copy of the British Standards can be obtained from BSI
Customer Services (cservices@bsigroup.com).
The security requirements detail information security standards
with the aim of ensuring that operators have appropriate controls
in place so that customers are not exposed to unnecessary risks
when choosing to participate in remote gambling.
The requirements apply to:
- electronic systems that record, store, process, share, transmit
or retrieve sensitive customer information - for example,
credit/debit card details, authentication information, customer
account balances
- electronic systems that generate, transmit, or process random
numbers used to determine the outcome of games or virtual
events
- electronic systems that store results or the current state of a
customer’s gamble
- points of entry to and exit from the above systems (other
systems that are able to communicate directly with core critical
systems)
- communication networks that transmit sensitive customer
information.
Testing strategy for compliance with remote gambling and
software technical standards
The
Testing strategy for compliance with remote gambling and software
technical standards - August 2009 details:
- what we would normally consider to be the types of testing
required in order for us to be satisfied that the technical
standards are being met
- who we consider appropriate to carry out that testing
- the procedures for testing.
It discusses the testing strategy for
assessing compliance with the
Remote gambling and software technical standards - August
2009.