S.D. Admin. R. 20:18:17:41.04
Current through Register Vol. 50, page 159, June 17, 2024
Section 20:18:17:41.04 - Prevention of unauthorized access or transactionsThe following minimal internal controls must be implemented to ensure that each game is prevented from responding to any command for crediting outside of a properly authorized cashless transaction:
(1) Secure the hubs, services, and connection ports in a locked and monitored room or area to prevent unauthorized access to the network and prevent access to any node without valid login and password;(2) Limit the number of stations where critical cashless applications or associated databases may be accessed;(3) Limit the number of users that have permission to adjust critical parameters; and(4) Identify and flag suspect wagering accounts to prevent unauthorized use by:(A) Establishing a maximum of three successive, incorrect secure personal identification code or number entries before account lockout;(B) Flagging hot accounts where cards or authentication credentials have been stolen;(C) Invalidating accounts and transferring balances into a new account;(D) Establishing limits for maximum cashless activity or overall gaming activities in and out as a global or individual variable to preclude money laundering.(E) Monitoring cashless devices for funds transferred into the cashless device from one wagering account, then transferred out to another wagering account; and(F) Monitoring wagering accounts for opening and closing in short time frames and for deposits and withdrawal without associated game play transactions.S.D. Admin. R. 20:18:17:41.04
36 SDR 22, effective 8/18/2009; 48 SDR 014, effective 8/22/2021General Authority: SDCL 42-7B-7, 42-7B-11(13).
Law Implemented: SDCL 42-7B-2.1(1), 42-7B-43.