28.0 Cashless System Requirements
A Cashless System may be entirely integrated into an On-Line Monitoring System or exist as an entirely separate entity. Cashless systems may include Promotional, Bonusing or Player Account based systems.
28.1 Error Conditions
The following sections outline the Error Conditions that apply to the Cashless System, which must be monitored, and a message must be displayed to the patron at the host Card Reader for the following:
(a) invalid PIN or Player ID (can prompt for re-entry up to maximum allowed); and
(b) Account Unknown.
28.2 Transfer of Transactions
If a player initiates a cashless Transaction and that Transaction would exceed game configured limits (i.e. the credit limit, etc) then this Transaction may only be processed provided that the patron is clearly notified that he/she has received or deposited less than requested to avoid patron disputes.
28.3 Security Requirements
The Communication process used by the EGS and the host system must be robust and stable enough to secure each cashless Transaction such that failure event(s) can be identified and logged for subsequent audit and reconciliation. In addition, Cashless systems must conform to the following Security Requirements:
(a) The numbers of users that have the requisite permission levels/login to adjust critical parameters are limited.
(b) Only a logged, authorized employee shall have the ability to access all player information. Security of this information (including patron PIN codes or equivalent patron identification) must be maintained at all times.
(c) Any adjustment to an account balance, would require a supervisor’s approval with all changes being logged and/or reported indicating who, what, when, and the item value before and after the change, with the reason.
28.4 Prevention of Unauthorized Transactions
The following minimal controls shall be implemented by the host system to ensure that games are prevented from responding to commands for crediting outside of properly authorized Cashless Transactions (hacking):
(a) The Network hubs are secured (either in a locked/monitored room or area) and no access is allowed on any Node without valid login and password;
(b) The number of stations where critical Cashless applications or associated Databases could be accessed is limited; and
(c) Procedures shall be in place on the system to identify and flag suspect player and employee accounts to prevent their unauthorized use to include:
i. Having a maximum number of incorrect PIN entries before account lockout;
ii. Flagging of “hot” accounts where cards have been stolen;
iii. Invalidating accounts and transferring balances into a new account; and
iv. Establishing limits for maximum Cashless activity in and out as a global or individual variable to preclude money laundering.
28.5 Diagnostic Tests on a Cashless EGS
Controls must be in place for any diagnostic functionality available at the device such that all activity must be reported to the system that would reflect the specific account(s) and the individual(s) tasked to perform these diagnostics. This would allow all Cashless diagnostic activity that affect the EGS associated electronic meters to be audited by the EGS Section.
28.6 Transaction Auditing
The Cashless system shall have the ability to produce logs for all pending and completed Cashless Transactions. These logs shall be capable of being filtered by:
(a) Machine number
(b) Patron account; and
28.7 Financial and Player Reports
The system shall have the ability to produce the following financial and player reports:
(a) Patron Account Summary and Detail Reports. These reports shall be immediately available to a patron upon request. These reports shall include beginning and ending account balance, Transaction information depicting EGS number, amount, and date/time.
(b) Liability Report. This report is to include previous days starting value of outstanding Cashless liability, aggregate Cashless-in and out totals, and ending Cashless liability.
(c) Cashless Meter Reconciliation Summary and Detail Reports. These reports will reconcile each participating EGS Cashless meter(s) against the host system’s Cashless activity.
(d) Cashier Summary and Detail Reports. These reports will include patron account, buy-ins and cash-out, amount of Transaction, date and time of Transaction.
28.8 Account Balance
Current account balance information should be available on demand from any participating EGS via the associated Card Reader (or equivalent) after confirmation of patron identity and be presented, in terms of currency, to the patron.