Hijack or just Jack-High?
October 1, 2022
Over the last 72 hours, the poker community has been debating what may be the most controversial moment in poker live streaming history. The discussion of cheating in live gaming has also increased recently with scandals in chess, online poker, and live streams over the last couple years. When I started RF Labs, I realized that building a technology to reinvent live gaming would not be possible without putting security and privacy at the forefront of design. Over the last few days, I have discussed with our team the role RFID has played and how cheating could be possible in the Robbi Jade Lew vs Garrett Adelstein situation. Here are what we believe to be the possible security leaks in manually tracked poker live streams.
RFID IN POKER
RFID (radio-frequency identification) is the technology that uses electromagnetic fields to identify and track tags in a given space. The technology has been used for decades in ID cards, inventory management, healthcare, and many other industries. RFID was first introduced in poker over a decade ago to increase the speed and accuracy of live streaming hole cards while reducing costs. The technology has made it so that card rooms and homes can afford a table that can record hands and live stream them on a delay to viewers. The technology works on the basis that the antennas placed inside the table emit an RFID signal to the cards and are then received and processed by a computer. The computer then takes the information and displays it to an operator, also known as the “Action Tracker'', who inputs each player’s bets and controls the action of the game. This operator is in communication with the dealer over a wireless headset to verify each action in real-time. The output of this entire process is stored on a computer for 15 minutes and then sent to a streaming service where commentators and viewers can watch remotely. When we first set out to build a more secure version of this process, we noticed five potential areas of vulnerability. These are the five possible ways that a player could possibly take advantage of and “hijack” the system.
THE ACTION TRACKER
The most obvious way to cheat a system like this would be through aid from an outside party. In current RFID systems, the only person who should have access to card information in real-time is the Action Tracker. Some card rooms allow the entire production team to see this data, some allow phones in the production room, and some don’t have any surveillance there. Depending on the level of security precautions taken, it is possible that the operators of a live stream are in communication with players at the table. This was what was determined to be the security leak in the Mike Postle cheating scandal on Stones Live. This could be done as simply as sending a text message with a certain vibration tone setup on the player’s phone, or even device through on their body. Many people on social media claim that this is not possible since players are not allowed to have their phones on some streams. Others are saying that patting down players in the future should solve the problem. This is not necessarily true since these devices can easily be disguised or covered with EMF blocking material until reaching the live stream room. Even a visual signal setup somewhere in the room could be a vulnerability.
SCANNING THE RFID CARDS
A more direct approach to knowing another player’s whole cards would be to scan the cards themselves. Each RFID card is embedded with a small tag inside. These tags store data, similar to how a barcode or QR code stores information. The RFID tags usually contain a unique serial number that allows the reader and computer to know which tag is on which antenna. Although we cannot be sure how the card information is stored, there is always the possibility that the RFID software makers stored the data directly on the card. Even if the data is stored elsewhere, there is a possibility that the key-pair information was either hacked, or the player themselves scanned every card they received and stored the serial number and card value in a device. It is also important to note that the RFID cards used in poker are known as “vicinity” tags rather than “proximity” tags. Although these are made to be read from a few feet away, the antennas used in tables do not have enough power to do so, therefore the potential of having a device meters away would require a large power supply. This is something that would be very difficult to do without being noticed, but modern wearable technology makes it a possibility when the player is at close proximity. In recent events, many suggest that this could be done through a water bottle on a table. Although possible, metals create a lot of noise in RFID signals. The bottle would not be able to read the cards dealt to opponents as well. This should be considered when investigating such possibilities.
Live stream tables have been designed in a way where card rooms can operate from a different room, or even use a tablet in the same room. This means the information being sent from the table to the computers has the possibility of being set up in a way where it is sent over the network. We have seen card rooms in the past use systems where they are connected to the table on the same Wi-Fi network as other players. There is also the possibility a device could be connected between a wired line somewhere else in the card room that bypasses the network and reads all information going from the table to the operator’s computer. Although we have not seen any device like this or know of any situation where this has taken place in the past, this is a possible vulnerability that all live stream operators should be aware of when designing their setup. This is a hypothesis I have not seen many people talk about, but the only way to determine tampering in the network would be through specialists onsight during the investigation.
ACCESS TO STREAM FOOTAGE
All card rooms ensure that the live stream is played on a delay. This stops viewers from communicating with the players in any way during the hand that is being streamed. However, this footage is usually stored on a computer during the delay in active memory before being streamed. Just like the card data or network vulnerabilities, if an external party was able to gain access to this footage before it is sent to the streaming service, its information could be taken advantage of. Although modern broadcasting systems have encryption and compression when live streaming on a delay, we have seen poker streaming software that directly stores video footage in real-time or even shares it over a Virtual Camera. When designing our live streaming software, we decided to require card rooms to use software like OBS that ensure proper security standards, since there is a possibility that a device connected to an operator’s computer could take access to the RAM or Virtual Camera and directly share the data over the network. Operators can also install remote access software, like what we have seen with online poker, to share the Virtual Camera. Although it would be very difficult to pull off such a task without a physical device or access to the producer’s computer, this is yet another vulnerability that should be considered when live streaming poker games.
Modern shufflers have the ability to scan each card as they are shuffled. They can also sort the decks to be in a specific order. This feature was made to improve card room operations so they could set the deck faster. Although such shufflers are banned in many card rooms, there is a possibility that players could be in communication with operators who have access to the shuffler’s data. This is also the only way a player could possibly have information on future runouts. Players should be aware when such shufflers are being used. There was a scandal earlier this year where such collusion using this technology could have been taking place between card room management and players.
Although each of these vulnerabilities are extremely difficult to take advantage of when proper precautions are taken, it is important to know that they are flaws in design that should be considered when using such systems. Whether there was such cheating taking place in the recent scandal can only be determined through an investigation done by the card room knowing the precautions that had already been taken. No one knew the potential RFID had in pushing the game of Poker through this second boom we have seen in recent years, but based on the current systems, we can learn and make better decisions in the future.
At RF Labs, we designed our latest system to be integrated. From the computer to the embedded equipment (table, cards, and even chips) to the cameras, we ensure that all of the hardware devices are connected and have no chance of being accessed by a third party. We ensure that cards are not shown to external operators, video and card data are encrypted and stored locally until the hand is complete, and we use the industry standard for security protocols when it comes to RFID, networking and cloud computing. We also realized that security should not be a problem that card rooms have to deal with and players should have to worry about. By creating an integrated system, we leave security and system architecture in the hands of the experts rather than the card rooms. With no one having real-time access to card information, the possibility of cheating through technology is close to zero.
We believe that RFID technology has the potential to take the game further than ever. With the potential for making live streaming accessible, advanced analytics for players to improve their game, and data for card rooms to improve operations and build their community, we believe that our technology plays a large role in live gaming’s future.