One of the cornerstones of creating a fair and honest game is to ensure that each player has the
same chance and opportunity to win. This entails the creation of rules that not only allow participants
to enjoy the game equitably without interference, but also the institution of security measures to
provide high levels of assurance. CardRoom.com uses similar server technology as that
used by online financial institutions to ensure the protection of any and all sensitive communications
made between the client and server to provide the highest levels of protection to our players.
Security Specifications
Security begins immediately when the software is downloaded from the CardRoom.com site
to the computer of the player, as it must be retrieved from the server and installed in the unaltered
form in which it was designed.
On all subsequent downloads and updates, we compare each individual file to the applicable server
version and update to the current version thereby removing any potential anomalies. In addition,
any discrepant files are automatically replaced before the client can connect to our servers.
The CardRoom.com client software download is secured by our private key as provided
by the GoDaddy certificate authority.
Customer Safeguards
After the install is completed, the next layer of protection occurs within the actual game to act as
the first line of defense against any potential breaches of integrity. Below are the steps we take in
providing customer integrity:
All personal information for each client is kept confidential and is only available to that specific
individual upon logging on to the site.
Account information stored at our data center is protected by strong safeguards, available only to
carefully screened, dedicated personnel, and only as necessary to perform specific duties.
Private data, including hole or pocket cards for each person, is never sent to other players, and is
sent to the client software in a doubly-encrypted form, preventing network "snoopers" from
discovering private data.
The CA certificate key utilized by the web site is 1,024 bits in length.
The client software uses the industry-proven PKCS v2.0 protocol (a subset of the functionality of SSL)
for secure key exchange. It is configured to use RSA for authentication and session key generation/exchange and
AES (Advanced Encryption Standard), the tough "defense-strength" standard used by the US Federal Government.
High-strength RSA keys are generated as needed for protecting client sessions and discarded regularly to
protect private key integrity. In addition to the industry leading encryption, we incorporate a second
level of custom private encryption for all of our data.
Collusion Prevention
Perhaps the biggest concern of any player participating in an online game or contest is the opportunity for
individuals to work together to their disadvantage. Collusion, as this is more commonly referred to, is a
method of cheating whereby two (2) or more players communicate their cards to the disadvantage of other
participants in the game. Any player involved in collusion at CardRoom.com will be
permanently banned from the site. Our collusion monitoring constantly assesses betting anomalies relative to
the distribution of hands dealt to the table. Irrespective, there are no foolproof methods for detecting
collusion, yet it is quite difficult for colluding parties to succeed over a protracted period online as,
unlike brick and mortar cardrooms, there is a perpetual record of every hand dealt since inception. In the
event any player poses a complaint, the poker room manager and the associate staff will thoroughly investigate
the issue at hand and summarily make a ruling. CardRoom.com management reserves the rights to
terminate without prejudice the account of a player that was involved in any form of collusion.
Data Security
The primary mission of CardRoom.com is to provide an environment where our members can enjoy
the action of card games in a trusted atmosphere and win cash and prizes. To that end, we have implemented a multitude of precautions
in designing our security protocols and procedures. The measures we take to this end commence the instant your
computer communicates with CardRoom.com.
Besides encrypting all messages between the client software and CardRoom.com, we never send
private data, such as any personal or account information that is not designated solely for the relevant recipient,
including "hole" or pocket cards. When we are required to execute communications it is done in a doubly
encrypted form, configured to use RSA (for authentication and session key generation/exchange) and Advanced Encryption
Standard ("AES"), the tough "defense-strength" benchmark used by the U.S. Federal Government.
Moreover, in addition to industry leading encryption, we incorporate a second level of custom encoding for all of
our data, thereby going above what others consider "industry standard".
Check out the Interactive Help section for
information on all of our cool game features.
If you still have questions, try visiting the
FAQ page or contacting one of our friendly
customer support representatives.