benito arriaga said:
A bug?
Is your pokerroom flash or download?
Use information and verification to discourage multiple accounts and detect them. Require full name, email address, phone number; validate email address, validate at least phone number if not name (faxed identification) before releasing bonuses; detect browser agent, IP address, MAC address (download only), unique system install id (download only) to flush out duplicate accounts and prevent collusion and bonus abuse.
What pokerroom, if you mind me asking?
Identity theft aside...
If your software makes a TCP connection, and you block common anonymizers, it becomes increasingly difficult to change IP address for each account.
If your software is download, and therefore you can send back MAC Address and other system identification, it becomes increasingly difficult to change computers for each account.
If you require telephone verification, it becomes inreasingly difficult/expensive to provide a unique phone number for each account.
If you require mailing address verification (i.e. snail mailing a secret code), it becomes inreasingly difficult/expensive to provide a unique mailing address for each account.
GeoTrust has a real nifty system that calls you up (automatically) and makes you record your name (to get an SSL certificate). You can register for a trial certificate (free) and see how this process works. Theoretically (and I expect inevitably) a gaming operation could setup something very similar, and use voice recognition technology.
Now, if the participant is using the name, address, phone, id, etc, of willing participants to engage in bonus fraud, there's nothing you can really do other than stop giving away unprofitable bonuses.
Identity theft aside...
If your software makes a TCP connection, and you block common anonymizers, it becomes increasingly difficult to change IP address for each account.
If your software is download, and therefore you can send back MAC Address and other system identification, it becomes increasingly difficult to change computers for each account.
If you require telephone verification, it becomes inreasingly difficult/expensive to provide a unique phone number for each account.
If you require mailing address verification (i.e. snail mailing a secret code), it becomes inreasingly difficult/expensive to provide a unique mailing address for each account.
GeoTrust has a real nifty system that calls you up (automatically) and makes you record your name (to get an SSL certificate). You can register for a trial certificate (free) and see how this process works. Theoretically (and I expect inevitably) a gaming operation could setup something very similar, and use voice recognition technology.
Now, if the participant is using the name, address, phone, id, etc, of willing participants to engage in bonus fraud, there's nothing you can really do other than stop giving away unprofitable bonuses.
