Method of securing data on a portable gaming device from tampering

US 20080182667A1
Filed: 01/25/2007
Published: 07/31/2008
Est. Priority Date: 01/25/2007
Status: Abandoned Application

First Claim

Patent Images

1. A gaming device, comprising:

writeable memory containing gaming data used to perform operations at the gaming device;

a first mechanism for determining whether the gaming device is a trusted device; and

a second mechanism for wiping the gaming data from the writeable memory when it is determined that the gaming device can no longer be trusted.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems for securing select data on a gaming device are disclosed. The gaming device includes writeable memory such as RAM and/or hard drive that contains the select data. The select data may for example be gaming data associated with operating the gaming device. The gaming device also includes one or more mechanisms for determining whether it is a trusted device (e.g., whether it has been compromised). The gaming device also includes mechanisms for immediately removing the select data from writeable memory when it is determined that the gaming device is not trusted.

122 Citations

43 Claims

1. A gaming device, comprising:
- writeable memory containing gaming data used to perform operations at the gaming device;
  
  a first mechanism for determining whether the gaming device is a trusted device; and
  
  a second mechanism for wiping the gaming data from the writeable memory when it is determined that the gaming device can no longer be trusted.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The gaming device as recited in claim 1 wherein the writeable memory includes one or more memory components selected from non volatile memory components, volatile memory components, hard drive memory components, removable media memory components, and memory components located over a network.
  - 3. The gaming device as recited in claim 1 wherein the gaming data includes gaming logic for controlling a game played on the portable device or logic for maintaining a gaming state during game play or preserving a game history
  - 4. The gaming device as recited in claim 1 wherein the gaming device is selected from a gaming machine, handheld game player or peripheral gaming device.
  - 5. The gaming device as recited in claim 1 wherein the gaming data is stored entirely in one memory component of the writeable memory.
  - 6. The gaming device as recited in claim 1 wherein the gaming data is spread across multiple memory components of the writeable memory.
  - 7. The gaming device as recited in claim 1 wherein the gaming data only resides in at least one partition of a hard drive.
  - 8. The gaming device as recited in claim 1 wherein the gaming data only resides in volatile memory.
  - 9. The gaming device as recited in claim 1 wherein the gaming data only resides in non volatile memory.
  - 10. The gaming device as recited in claim 1 wherein the gaming data only resides in RAM and a hard drive.

11. A method for securing data on a gaming device, the method comprising:
- storing data in writeable memory on a gaming device, the data including at least select data;
  
  at the gaming device, continuously determining whether the gaming device is trusted; and
  
  immediately removing at least the select data from writeable memory when it is determined that the gaming device is not trusted.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
- - 12. The method as recited in claim 11 wherein the writeable memory is a hard drive.
  - 13. The method as recited in claim 11 wherein the writeable memory is RAM.
  - 14. The method as recited in claim 11 wherein the writeable memory is a hard drive and RAM.
  - 15. The method as recited in claim 11 wherein the select data is gaming data for operating the gaming aspects of the gaming device.
  - 16. The method as recited in claim 11 wherein the gaming device is a portable gaming device that is connected to a gaming controller via a wireless network.
  - 17. The method as recited in claim 11 wherein the gaming device is a wireless handheld gaming machine.
  - 18. The method as recited in claim 11 wherein the gaming device is a wireless ticket validation machine.
  - 19. The method as recited in claim 11 wherein the gaming device is a client device that is persistently connected to a server system.
  - 20. The method as recited in claim 11 wherein the step of determining whether the gaming device can be trusted comprises:
    - at the gaming device, sending a heart beat message to a server system, the heart beat message indicating that the gaming device is connected to the server system;
      
      at the gaming device, looking for an acknowledgement message from the server system, the acknowledgement message indicating that the server system received the heart beat message and that the gaming device is connected to the server; and
      
      at the gaming device, indicating that the gaming device is not a trusted device if the acknowledgment is not received.
  - 21. The method as recited in claim 20 wherein the gaming device enters a retry step when the acknowledgment message is not received, the retry step including resending the heart beat message until an acknowledgement message is received or until a retry count reaches a maximum retry count, and wherein the gaming device is not a trusted device if the acknowledgment message is not received or if the retry count reaches the maximum retry count.
  - 22. The method as recited in claim 20 further comprising authenticating the heart beat message.
  - 23. The method as recited in claim 11 wherein the step of determining whether the gaming device can be trusted comprises:
    - at the gaming device, providing a global positioning system (GPS);
      
      at the gaming device, indicating that the gaming device is not a trusted device if the GPS signal is lost for a period of time;
      
      at the gaming device, indicating that the gaming device is not a trusted device if the GPS determines that the gaming device has moved outside of a predetermined acceptable location.
  - 24. The method as recited in claim 11 wherein the step of determining whether the gaming device can be trusted comprises:
    - at the gaming device, determining whether a door has been opened or a panel removed, the door or panel providing access to the internal components of the gaming device; and
      
      at the gaming device, indicating that the gaming device is not a trusted device if the door has been opened or the panel removed.
  - 25. The method as recited in claim 11 further comprising:
    - at a server system, looking for a heart beat message from the gaming device, the heart beat message indicating that the gaming device is connected to the server system; and
      
      at the server system, indicating that the gaming device is not a trusted device if the heart beat message is not received.at the server system, raising a security alert when it is determined that the gaming device is not trusted.
  - 26. The method as recited in claim 25 further comprising authenticating the heart beat message.
  - 27. The method as recited in claim 11 further comprising:
    - at the gaming device, entering a security mode where the gaming device stops accepting input when the gaming device is not a trusted device.
  - 28. The method as recited in claim 11 further comprising:
    - checking the gaming device for tampering when it is determined that the gaming device is not trusted; and
      
      if the gaming device has not been tampered with, reinstalling the select data that had been removed so that the gaming device can function normally.
  - 29. The method as recited in claim 28 wherein the step of checking the gaming device includes performing forensics on the un-trusted gaming device
  - 30. The method as recited in claim 11 wherein all the data stored data in writeable memory is removed when it is determined that the gaming device is not trusted.
  - 31. The method as recited in claim 11 wherein the step of storing data comprises:
    - storing data in a hard drive of the gaming device, the data being partitioned into multiple system partitions on the hard drive, at least one of the system partitions including gaming data associated with operating the gaming aspects of the gaming device; and
      
      wherein the step of removing at least the select data from writeable memory comprises;
      
      erasing the system partition containing the gaming data when it is determined that the gaming device is not trusted.
  - 32. The method as recited in claim 11 wherein the step of storing data comprises:
    - storing data in volatile memory of the gaming device, the data including at least gaming data associated with operating the gaming aspects of the gaming device,and wherein the step of removing at least the select data from writeable memory comprises;
      
      erasing the volatile memory when it is determined that the gaming device is not trusted.

33. A method of securing data on a client device against tampering, comprising:
- selecting data stored on a client device, the data including at least operational data associated with operating the client device, the operational data comprising executable code, binaries or resources;
  
  locally monitoring a client device to see if it has been compromised; and
  
  immediately removing the selected data from the client device when it is determined that the client has been compromised.
- View Dependent Claims (34, 35, 36, 37, 38, 39, 40, 41, 42, 43)
- - 34. The method as recited in claim 33 wherein the step of monitoring includes:
    - sending a heart beat message at regular intervals to a server system in communication with the client device, the heart beat message indicating that the client device is connected to the server system;
      
      sending an acknowledgement message to the client device when the heart beat message is received at the server system;
      
      if an acknowledgement message is not received within a certain amount of time, indicating that the client device has been compromised.
  - 35. The method as recited in claim 33 wherein the client device additionally stores an operating system and communication code designed to maintain contact with the server system, and wherein the method further includes partitioning the operational data associated with operating the client device, the operating system and communication code into separate partitions in memory, the operating system residing in a first partition, the operational data residing in a second partition, the communication code residing in a third partition.
  - 36. The method as recited in claim 35 wherein the step of removing includes erasing the partition that contains the operational data.
  - 37. The method as recited in claim 33 further comprising:
    - placing the client device in a compromised mode that keeps the client device from accepting input when it is determined that the client device has been compromised.
  - 38. The method as recited in claim 33 wherein the step of monitoring includesgenerating a location signal, the location signal indicating the location of the client device;
    - andwherein the operational data is removed when the location signal is lost for a period of time or when the location signal indicates a location outside preconfigured acceptable location.
  - 39. The method as recited in claim 33 wherein the step of monitoring includes:
    - monitoring a physical attribute of the client device; and
      
      wherein the operational data is removed when the physical attribute has been altered.
  - 40. The method as recited in claim 39 further including sending a security message to a server system when the physical attribute has been altered.
  - 41. The method as recited in claim 33 wherein the operational data is stored in volatile memory.
  - 42. The method as recited in claim 33 wherein the operational data is stored in non volatile memory.
  - 43. The method as recited in claim 33 wherein the operational data is stored in a hard drive.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
IGT (International Game Technology)
Original Assignee
IGT (International Game Technology)
Inventors
Oberberger, Michael M., Low, Michael, Davis, Dwayne

Application Number

US11/698,329
Publication Number

US 20080182667A1
Time in Patent Office

Days
Field of Search
US Class Current

463/43
CPC Class Codes

G07F 17/32   for games, toys, sports, or...

G07F 17/3218   wherein at least part of th...

G07F 17/3241   Security aspects of a gamin...

Method of securing data on a portable gaming device from tampering

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

122 Citations

43 Claims

Specification

Solutions

Use Cases

Quick Links

Method of securing data on a portable gaming device from tampering

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

122 Citations

43 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links