Some news from Nevada recently provided a wakeup call to the embedded system and gaming device industries alike. The Nevada Gaming Commission will allow gambling on mobile devices within casino and hotel grounds. While the NGC is only one of the many organizations that regulate gambling, its reputation for technical precision means its standards often are adopted across the nation and even internationally. As Nevada reaches out to merge two previously disparate technologies—mobility and gaming—it’s important to consider what the key features of such a device will be.
Nevada is going into this effort pragmatically. The NGC is issuing provisional licenses, with some features specified “to the satisfaction of the commissioner.” Suppliers seem to be using adapted commercial off-the-shelf PDAs and other devices. But the technology and the business model both need to be proven. That said, some basic elements of gaming will influence the eventual development of purpose-built mobile devices for gaming.
Suppliers will need to incorporate hardware security capabilities into their devices. Embedded hardware security module (HSM) capabilities can help give the mobile environment the same security that fixed, secured gaming such as slot machines enjoy now.
Casinos know that smart, well funded crooks will attempt to defeat their systems, and these crooks might have agents inside the casinos’ organizations. In fact, mobile devices are connected to the casino back office wirelessly or through the Internet, so security becomes paramount because the network is now open to the world. For gaming, security most of all means verifying the legitimacy of the game programs in the device.
The term used in the information security business is “strong authentication.” This typically mandates a special bootstrap process with trusted personality modules that can identify the software to the hardware and the hardware to the software and keep such identification keys in a very private location—or in the case of traditional fixed slots, in a ROM verifiable to a Nevada state inspector.
In the long term, mobile devices must meet or exceed the standards in place for fixed slots. To ensure that the mobile platforms have adequate and verifiable security, they could have embedded internal devices with validated security ratings to FIPS 140-2 Level 2 or higher, as well as anti-tamper resistance.
The mobile devices will be network aware, and they must only allow play in public areas of the hotel. Obviously, the network needs to be highly secure. It also must resist penetration, even from a hostile party who may have full custody and control of the device and can attack it with sophisticated network hacking equipment. This is a tall order, probably outside the scope of the IEEE 802.11 committees and the Wi-Fi Alliance.
Strong authentication merged with network security is possible and affordable. In fact, it’s a standard feature of various Department of Defense systems that use software and crypto chips that are now available commercially. It should be noted that these security standards interact strongly with the power conservation required for battery-powered mobile devices. Again, the hotel or casino must assume that the local network security may be attacked by internal sources or by the Internet community in general.
Gambling caters to the impulse. In any casino, rows of slots are stacked upon rows of slots to satisfy every impulse to drop a dollar. Mobile gaming devices must be as available and always on. Imagine the reaction of casino managers if they were told all of their slot machines had to be fitted with a “on/off” button! Achieving this in a mobile device impacts power management, biometric identification, and other issues. Any length of time, even a second or two to boot up or log on, would probably detract from the game’s revenue.
Fixed games are getting more and more media savvy and responsive with graphics, sound, and light. These audio/visual clues are like the bell to Pavlov’s dog or the buzzer to Skinner’s pigeon. Sensory clues trigger the gaming response. Just because the device is mobile doesn’t mean it can forget about these media-based stimuli. Indeed, new forms of stimuli might emerge, such as the vibrating controllers that now appear in home video game consoles.
Every form of mobile electronics seems to shrink as it goes through multiple generations. Cell phones have evolved from bricks to candy bars. MP3 players have shrunk from pocketbooks to keychains. People want devices to be more like jewelry and less like luggage. Smaller devices will be carried and played more than larger devices. Perhaps the ultimate device would be a hotel room key fob that’s also a keno or poker game. Again, the need for device security and anti-tamper capabilities is important.
Compact, secure, but stimulating ubiquitous devices on secure networks will be the future of in-hotel gaming, eventually not only adding to the fixed machines but perhaps supplanting them to some extent. The technology is here, and the demand is certainly present. Gradually, the form and specification of these mobile devices will take shape and gravitate to a form as standardized as the typical slot today.