Super-user and Security FAQ
At Full Tilt Poker, our goal is to provide the safest environment possible for playing online poker. Security is our foremost priority, and providing the fairest games available anywhere is a cornerstone of our business. In the past, a few poker sites have had the security of their online games compromised, and learned the hard way that it must be treated systematically with careful planning from the outset. We have the most up-to-date technology in place to maintain the highest standard of security possible. Please read the following super-user and security FAQ to learn more about how we protect you as a player.
In computer systems, a "super-user account" is an account with special access privileges, able to control key aspects of the system. In online poker, this term is used to refer to an account that can be used to view the other players’ private hole cards.
Two online poker sites – owned by the same parent company – were found to have super-user accounts, and those special accounts were used to cheat players out of thousands of dollars. Full Tilt Poker has no association with these online poker sites.
No. When developing the complex software for an online poker site, the software engineers may be tempted to create a super-user account for legitimate purposes, such as monitoring and testing the system as it is developed. Although their intentions might be good, it would be a very poor design decision because of the potential for misuse. Once such a security risk has been introduced, it cannot be undone. The only way to ensure the perfect integrity of a system is never to create that capability in the first place.
Full Tilt Poker’s software was designed and developed by engineers who understood these critical security issues. Because our software was developed several years after the first online sites went into operation, we had the advantage of learning from the mistakes of others. By design, no one at Full Tilt Poker ever has real-time access to private hole card information while a hand is in progress.
Random Number Generator
A Random Number Generator (RNG) system is at the heart of any online poker room as it guarantees the randomness of the card dealing process.
Read more about the Full Tilt Poker RNG
A Random Number Generator (RNG) generates a sequence of numbers (or bits) that are devoid of any regular pattern or bias and therefore cannot be predicted in any way. Certified RNG systems are used by online poker rooms to ensure that every game is played using a randomly shuffled and unpredictable deck.
An RNG is essential for complete fairness and security and must be developed with great care. One of the first online poker sites actually failed in this regard, and their RNG was shown to have serious weaknesses that allowed future cards to be predicted. Since that time, online poker sites have used state-of-the-art RNG procedures that are close to perfect. Full Tilt Poker prides itself on having the best RNG system in the industry for a number of technical reasons.
Full Tilt Poker’s RNG is one of the many features that we use to ensure a safe and fair game. Our RNG ensures that no private card information can be predicted – players can be certain that they always experience the highest degree of safety and fairness available in online poker.
The architecture of the Full Tilt Poker RNG consists of many layers, and each layer produces random sequences, guaranteeing a random card shuffle. As an extra level of security, the cards at Full Tilt Poker are obtained on an as-needed basis and decks are effectively re-shuffled just prior to a card being dealt. This means it is strictly impossible for anyone to predict future cards, because they are not determined until the instant they are required. A player’s private hole card information is not available to anyone until well after the hand is finished.
Full Tilt Poker has also gained certification from two independent accredited testing companies, Cigital and Technical Systems Testing (TST). These accreditations require a comprehensive analysis of our RNG and its accuracy, taking into consideration all aspects including hardware components, software source code and servers for testing.
The card shuffles at Full Tilt Poker are better than any physical deck of cards. Our software uses advanced shuffle algorithms to ensure that every possible ordering of cards can be reached, and is as equally likely as any other. This is not achieved in real deck shuffles and it ensures that our players are guaranteed a completely random deal every time.
The server randomizes the deck by using several different core systems which each generate a random number. These randomized numbers are then combined to generate a random card. This redundancy ensures that even if several core systems failed or were compromised in some way, the output would still be random. This means that any card dealt on our system is always guaranteed to be random and completely unpredictable.
No. Only the server architecture knows what the hole cards are when they are generated, and as described above, the cards are random and unpredictable. The server then communicates the hole card information to the player. To ensure this is done securely, the server and the client program on the player’s computer establish a safe and secure communication process, involving several of the latest encryption systems. Once this communication channel is established, the client will decrypt and decode the player’s hole cards and show them on the player's screen.
The Full Tilt Poker software does not store any information until after the pot has been awarded. Once the hand is complete, the hand history information is stored in three ways:
- Spectators can view the hand without any hole card information
- Players can view the hand, but only their own hole card information
- Hand histories with full details are stored for security and fraud reasons
The few employees that have access to all movements and the full details that are recorded after poker hands are completed have been thoroughly screened and are closely monitored. The important thing to note is that Full Tilt Poker does not record any details until after the game has finished. This secure system ensures that this information cannot be accessed by anyone else.
As explained above, the worst damage that a trusted employee could do, would be to gain access to private hole card information after the hand has been completed and the pot has been awarded. They could potentially acquire personal information about a player's playing style, but they could not gain access to any hole card information while a hand is still in progress.
Employees with access to privileged information are not permitted to play on the site. All accesses to that sensitive information are monitored and recorded.
Yes, that is possible. If the security of your personal computer has been compromised, it is possible that malicious software could read your hole cards and transmit that information to a third party.
The Full Tilt Poker server sends your private hole cards only to your computer, using modern encryption technology to ensure that the information cannot be intercepted before it arrives at its destination. Each player in the game receives only the information they require, which does not include information about the cards of any other player.
Once your encrypted hole card information has been received and decoded by the Full Tilt Poker software, it is presented on the screen in a publicly readable format. At that point, the information is outside the realm of our software and is only as secure as your personal computer system. Although we have never heard of a confirmed instance of third party successfully gaining access to private hole card information in this manner, it is conceivable in principle.
If you have any more questions regarding super-user accounts and your security while you play on Full Tilt Poker, please email Customer Support at [email protected].