Calling for a security alliance

All reputable online poker companies employ security staff, both to protect the company's interests by preventing fraud, and to guard players' interests by thwarting collusion, multi-accounting and bot use in the games. Effective security measures can save you money, boost player satisfaction and trust, and safeguard your reputation.

However, there is a major problem with the current status quo. Say your security team has a major breakthrough, and catches a ring of colluders. It's a huge case that has taken hundreds, maybe even thousands, of man hours to reach a conclusion. As a company, you've spent a fortune on developing tools to catch collusion rings like this one and training expert staff to use them. You confiscate the colluders' money, and return it to the players. Perhaps you chip in some of your own money to meet any shortfall in the compensation.

That's great. Unfortunately, the colluders don't go to court to be sentenced. Instead, they simply learn from their mistakes, and move on to one of the many other sites, equipped with a more advanced strategy for avoiding detection. They continue to cause harm to players and to the industry - the only difference is they are doing it somewhere else.

When you go to a shop to buy a DVD, you don't buy two copies of the same movie. When you go to get your hair cut, you don't get it done twice by two different hairdressers. When you pay an affiliate commission for sending you a new player, you don't pay them twice. It's one of the most obvious rules in business - you don't pay for the same thing more than once. And yet this is what happens in the online poker industry every single day, because you are paying to catch cheats and fraudsters that have already been caught and barred by other operators.

Learning from casinos

In the brick and mortar casino industry, information on cheats and other undesirables is shared among operators, either through lists of unwelcome players supplied by the local regulator, or through a commercial service such as that provided by Griffin Investigations (Las Vegas' famous 'black book'). It may be that a particular cheat or fraudster has never set foot in your casino before, but using this shared information, you can identify and catch them before they are able to cause any harm.

In policing, information on known criminals is shared between different police forces, through organisations such as Interpol. If a criminal commits fraud in the UK, they can't simply run to France or the US and start over with a clean slate. They'd be arrested by the authorities and returned to face the music. There are now 188 Interpol member countries that have come to realise they are better off working together in this way. Like the world's police forces, we are stronger together. Those within the poker industry should put aside their differences on security issues.

If we share information about known cheats and fraudsters - such as user IDs, IP and MAC addresses, hardware identifiers, suspicious VPNs (virtual private network) and colocation servers, geographical trends, as well as the actual cheating techniques used - then we, like casinos in Las Vegas, can catch undesirables before they cause any harm. I am not suggesting we build another bureaucracy, but I do feel that an independent security alliance, comprising expert members from each of the operators that wishes to participate, is the best way to accomplish this goal.

The authority can disperse information on new detection techniques, best practice, and information about trends in fraud and other security issues between its members, and can run as a not-for-profit organisation. An independent authority can also provide an escalation point for high profile cases where players feel they have been treated unfairly, and provide a greater scope for peer review of complex fraud, collusion or bot use scenarios.

Avoid the traps

It's easy to fall into the trap of seeing security as a competitive advantage. After all, if your security is stronger than your competitor's, then they will tend to lose a greater proportion of their revenue to fraudsters and cheats, which has knock-on effects in how much money they can devote to competing in other areas such as new acquisitions and player retention.

Also, a site with poor security doesn't do its reputation any favours and may lose some more discerning customers as a result. You might also think that because there are so many operators, each with very different numbers of players, that the bigger sites would contribute a disproportionately large amount of information to the security alliance compared to smaller operators.

That may be true, but the amount of quality, useful information is what really counts. Site A may have ten times as many players as site B, but it would certainly not have ten times as many fraudsters because fraudsters are much more likely to play on multiple sites compared to a typical player. So the information contributed by site A would not be ten times as useful to the security alliance.

Further to this, any fraudsters that were caught by site B would be very likely to also target site A, or have targeted it in the past, simply due to its size. So a healthy compromise is reached, with a single piece of site A's information of a lower quality than site B's, but site A providing more information than site B to redress the balance. I think it's important to recognise that we are all interconnected and that our actions have a ripple effect throughout the industry.

Every poker operator depends on others for a certain amount of its success. When one operator breaks into a brand new market in a previously untapped area of the world, every other operator benefits (though perhaps not to the same degree) from the new surge of interest in that region. Conversely, when there is a huge scandal in the industry, every operator is damaged, regardless of their involvement. I think we can agree that all poker operators were harmed significantly when the 'superuser' scandals affecting the UltimateBet and Absolute Poker brands were publicised.

Saving millions

Improving our trustworthiness and each player's feeling of security is of paramount importance to attracting new players and retaining existing ones. By launching a security alliance, we would send a strong message to cheats and fraudsters that their time was up, and companies that took part would enjoy a significant boost both in PR and in player trust.

This wouldn't be the first time that we've worked together as an industry. We've worked together on responsible gaming issues, through organisations such as GamCare. We've worked together on the US legal situation, and on defining regulatory frameworks in emerging markets such as Italy, France and Estonia. So why not work together on an effective response to security issues? We are an industry that deals with colossal amounts of cash, so you never know when it might save you a million dollars or two.