Fortress of Fair Play: Stopping Frauds at Games24x7

At Games24x7, we believe that to best serve our players, our games must be both captivating and challenging, while also ensuring their protection from fraudulent activities. Ensuring fairness in real-money games means making the elimination of fraud a top priority. This commitment led us to develop a Risk Engine - RRE, a robust fraud detection framework that monitors player activity and triggers specific rules in response to unusual behaviour.

Importance of Fair Play in Real Cash Gaming

Fair play isn't just a legal requirement or an ethical guideline; it's the heartbeat of real cash gaming. It cultivates trust, boosting credibility and making players feel secure in the game's integrity.

A fair gaming environment keeps players engaged and satisfied, encouraging them to return and invite others, which drives growth and retention. Adhering to fair play ensures compliance with regulations, avoiding legal pitfalls and upholding ethical standards.

This commitment also gives a competitive edge, setting the platform apart in a crowded market. Most importantly, fair play fosters a strong, vibrant community where players feel valued and respected. Without fair play, the very foundation of any real cash gaming platform crumbles, leaving it unstable and untrustworthy.

The Challenge

Rummy

Imagine the excitement of Rummy, a card game played with two decks and two Jokers. Players must group their cards into sequences and sets to make valid declarations. The thrill comes from arranging 13 cards into valid sequences, with at least one pure sequence. The process of picking and discarding cards from a closed and open deck keeps the game exhilarating but also makes it a potential target for fraudulent activities.

Fantasy Cricket

Fantasy Cricket is an online platform where users can create virtual teams of cricket players, strategize based on real-world match conditions, and compete for real money. Success hinges on skillful analysis of pitch conditions, team squads, venue statistics, and past performances. Despite its strategic nature, the platform faces fraudulent tactics that can undermine the integrity of the game.

Poker

Poker is an exciting and strategic game where players craft the best hand from dealt cards, blending skill, strategy, and a bit of luck. With a standard52-card deck, players decide to play, raise the pot, or fold. The strongest hand wins the round and the prize. Though poker comes in many versions, the core rules stay the same.

However, poker isn't just about skill—it can be vulnerable to fraud. Cheating through collusion, marked cards, or other tactics underscores the need for vigilance and fair play.

The Problem

In both Rummy and Fantasy Cricket, users employed innovative methods to commit fraud. Initially, when users reported possible fraud, our agents and engineers had to manually sift through logs to investigate the claims. This manual process was time-consuming, error-prone, and often led to user dissatisfaction as we sometimes couldn't pinpoint the actual fraudulent activity due to incomplete log data.

Our internal agents also ran a cron job daily to investigate such claims. This process was not real-time, thus increasing the waiting period for disgruntled users.

We previously utilised JBPM, a solution akin to RRE, designed to handle astatic list of rules. However, each time we needed to add a new rule, it necessitated a full development cycle, causing delays and bottlenecks. Our agents, eager for more autonomy, desired a tool that would empower them to manage rules independently, enabling them to swiftly implement new rules on the fly with real-time targeting capabilities, without the constant need for developer intervention.

The Solution: RRE

To address these challenges, we created the RRE (Risk-Rule-Engine)framework—a dynamic system designed to detect and prevent fraud in real-time.

Key Components and Flow

User Activities

Imagine our players engaging in various activities:

• Login/Registration Activities: Players logging in or creating new accounts.
• Financial Activities: Adding or withdrawing funds.
• Compliance Activities: Completing KYC verification processes.
• Account Management Activities: Managing their account settings.
• Referral Activities: Inviting friends to join the platform.

Each of these activities is crucial for a seamless gaming experience but also presents potential avenues for fraudulent behavior.

Kafka Messages

Whenever a user performs an action, a Kafka message is triggered and sent to our Central Framework, Rule Engine. This immediate notification ensures that no activity goes unnoticed.

Central Framework (Engine)

Rule Engine is the heart of our monitoring system. Here's how it collaborates with other services:

• Aggregator Service: Aggregates data from all user activities and stores it in reliable databases for backup and retrieval. This data repository is essential for historical analysis and real-time decision-making.
• Evaluator Service: Based on the aggregated data and user-defined rules from the Agent UI, Evaluator Service computes whether specific rules should be applied. It acts as the brain, analysing patterns and making informed decisions.
• Graph Service: Takes the aggregated data and stores it in Amazon Neptune in a graph format. This graphical representation provides a clearer picture of user interactions and relationships.
• Action Service: Executes the rules. If Evaluator Service determines that a rule should be fired, Action Service takes the necessary action, ensuring swift and appropriate responses.

Machine Learning Integration

Graph Service feeds the data into machine learning models that compute a User Rating. This rating is a comprehensive indicator of a player's profile and behaviour, derived from their activities and interactions on the platform.

User Rating

The User Rating isn't just a number—it's a story of the player's journey. It provides insights into their habits, preferences, and potential risks. This rating helps our agents make informed decisions and take proactive measures to ensure fair play.

Agent UI

Our agents are the guardians of fair play. Using the intuitive Agent UI, they can:

• Create and manage rules.
• Receive User Ratings and suggested actions.

Based on these insights, agents can:

• Block a User: Temporarily prevent access for further investigation.
• Bana User: Permanently prohibit access for severe violations.
• Stop With drawals: Prevent fund withdrawals to secure the player's account.
• And many more actions

Marketing and Advertising

But that's not all. The User Rating also fuels personalized marketing campaigns and advertisements, enhancing the overall user experience. Players receive tailored offers and recommendations, making their time on our platform even more enjoyable.

The Impact

With RRE, we've significantly enhanced our ability to detect and prevent fraud. Automation has replaced manual log checks, reducing the time and errors involved in fraud investigations. Users now benefit from faster issue resolution and greater confidence in the fairness of our platform.

Our journey with RRE underscores our dedication to providing a secure and enjoyable gaming experience. As we continue to refine and expand this framework, we remain steadfast in our mission to outpace fraudsters and protect our player community..

Some Numbers

During peak load, our system seamlessly handled an impressive 5,547 requests per second. Each of these requests, totalling over 19.9 million per hour, was concurrently processed to evaluate 20 distinct fraud rules, ensuring the integrity of settlements in our Fantasy contests.

Our cutting-edge systems are designed to meticulously compute hand history—monitoring every card picked, discarded, and swapped—at an astonishing rate of 7.165 million requests per second. This extraordinary capability enables real-time tracking and unparalleled fraud detection, ensuring that our games remain fair and secure for all players.

Tech Stacks That Power Our Framework

• Java Development: We're passionate about Java, crafting our code in Java11, and gearing up for the transition to Java 21.
• ScyllaDB: As our data expands, ScyllaDB efficiently manages it, offering scalability while keeping our data organized.
• Kafka Messaging: Kafka seamlessly handles our real-time data flow, ensuring precise delivery of every message.
• Redis with Redisson Client: Redis empowers us with rapid querying capabilities, enabling swift retrieval of results.
• Elasticsearch: Elasticsearch enhances our data querying and analytics, providing powerful search functionalities.
• MongoDB: MongoDB supports our flexible data models, enabling seamless integration and efficient storage.
• Druid: Druid bolsters our analytics with real-time data ingestion and fast queries, providing insights at scale.
• AWS Sagemaker: AWS Sagemaker drives our AI initiatives, hosting machine learning models and deepening our understanding of user behavior.
• AWS Cloud Services: Our entire infrastructure thrives on AWS, leveraging services like EC2 and S3 for dependable performance and storage.
• Amazon Neptune: Amazon Neptune powers our graph database needs, allowing us to efficiently manage complex relationships and queries in our data.

Conclusion

Our journey with RRE has been a game-changer, empowering us to fortify our platform and guarantee fair play for everyone. As we push the boundaries and refine our approach, our dedication to safeguarding players and delivering an unparalleled gaming adventure stands firm.

Authors

• Ankit D Sharma, SDE-2 at Games24x7 (LinkedIn)
• Mohd Salman Hauq, Architect at Games24x7 (LinkedIn)
• Anil Kumar, Senior Engineering Manager at Games24x7 (LinkedIn)
• Mayank Kumar, Architect at Games24x7 (LinkedIn)