§ 461a.20. Server supported slot systems.

 (a)  A slot machine licensee may utilize a server supported slot system that complies with the minimum design standards and the submission, testing and approval requirements of § §  461a.2—461a.7 and 461a.26.

 (b)  A server supported slot system must:

   (1)  Be capable of verifying that all component programs on the slot machine server are authentic copies of Bureau of Gaming Laboratory Operations approved component programs.

   (2)  Automatically verify the authenticity of the copies every 24 hours. A program used to verify the authenticity must reside on the slot machine server and be securely loaded from nonalterable media.

   (3)  Provide a visual notification identifying the invalid program if an error is detected.

 (c)  The slot machine licensee shall generate, and make available to Board staff, a report detailing the outcome of each automated verification including notifications identifying any invalid programs.

 (d)  Administrator access to server supported slot systems require the presence and participation of at least two departments. Dual access may be achieved using split passwords, dual keys or other suitable method. The slot machine licensee shall specify in its internal controls under §  465a.2 (relating to internal control systems and audit protocols) the two departments that have administrator access to the system and the method by which access will be achieved.

 (e)  A technical field representative shall be notified of the installation and loading of software on an approved slot machine server in accordance with §  461a.26 (relating to testing and software installation on the live gaming floor).

 (f)  Downloads of slot machine programs or computer files on a server supported slot system and activations, deactivations or changes thereto shall be controlled and implemented using scheduling software approved by the Bureau of Gaming Laboratory Operations. Except as otherwise authorized by the Board, written notice of downloads, schedules and changes shall be provided to the Bureau of Gaming Laboratory Operations, the Bureau of Casino Compliance Representatives and the Department at least 72 hours prior to implementation in accordance with §  461a.26.

 (g)  Access to slot machine programs or computer files on a server supported slot system may be provided at terminals in secure, restricted locations within the licensed facility as approved by the Bureau of Gaming Laboratory Operations. The slot machine licensee shall provide read-only access to the Bureau of Gaming Laboratory Operations and the Bureau of Casino Compliance.

 (h)  Prior to implementing a change to a feature or reconfiguring the server supported slot machine, the slot machine must be in idle mode for at least 2 minutes without errors or tilt conditions and with no play or credits on the machine.

 (i)  During the implementation of a change to a feature or the reconfiguration of the server supported slot machine, the slot machine must be disabled and rendered unplayable for at least 1 minute. During that time, a conspicuous message stating that a game configuration is being changed must be continuously displayed either on the slot machine’s video screen or in another manner as approved by the Bureau of Gaming Laboratory Operations.

 (j)  A slot machine server shall, at a minimum, comply with §  461a.19 (relating to remote system access) and the technical standards of §  461b.5 (relating to remote computer access).

 (k)  A slot machine server:

   (1)  Shall be maintained in the slot machine server room in a locked computer rack or other secure area approved by the Bureau of Gaming Laboratory Operations.

   (2)  Must be dual key controlled with one key controlled by the slot operations department and the other key controlled by the information technology department.

   (3)  May not be accessed unless an employee from the slot operations department, the information technology department and a Board representative are present.

 (l)  All changes made to the slot machine server shall be stored in an unalterable log which must include, at a minimum:

   (1)  Time and date of access.

   (2)  Name and Board issued credential number or other secure username identifier of the person logging in.

   (3)  Identification numbers of the games added, deleted or changed.

   (4)  The history of changes to programs on each player terminal.

   (5)  Changes to the configuration of player terminal settings.

 (m)  Prior to adding or removing software from a server supported slot machine, changing any configuration or activating or deactivating a slot machine game on a server supported slot machine, a complete set of meter information for the slot machine shall be accurately communicated to a slot machine server, a slot monitoring system or other Board approved slot accounting system.

 (n)  Communication between the server, slot machine and any interface elements must utilize a protocol that includes proper error detection and recovery mechanisms designed to prevent unauthorized access or tampering, employing Data Encryption Standards or equivalent encryption with secure seeds or algorithms as approved by the Bureau of Gaming Laboratory Operations.

 (o)  With prior Board approval, a slot machine server may be connected to:

   (1)  Other slot operating systems of the licensee, including a slot monitoring system, accounting system or gaming voucher system, located in a secure location within the licensed facility where the slot machine server is located.

   (2)  A computer or other equipment operated by the Board or the Department to monitor and approve activity.

 (p)  Any approved connection utilized under subsection (o) must include, at a minimum:

   (1)  A secure, hard-wired, dedicated, exclusive network.

   (2)  A hardware firewall located between the slot machine server and the slot operating systems utilized by the licensee.

Authority

   The provisions of this §  461a.20 amended under 4 Pa.C.S. § §  1202(b)(30) and 1207(2) and (9).

Source

   The provisions of this §  461a.20 amended February 1, 2013, effective February 2, 2013, 43 Pa.B. 660. Immediately preceding text appears at serial page (349919).



No part of the information on this site may be reproduced for profit or sold for profit.

This material has been drawn directly from the official Pennsylvania Code full text database. Due to the limitations of HTML or differences in display capabilities of different browsers, this version may differ slightly from the official printed version.