Hey, everybody, and welcome back to the show. I'm your host as always, Ben Thomas. You know, one of my favorite things about coming back from trade shows and trips and events in Las Vegas and other places that have, casinos and gaming is I'm constantly reminded of how much our industry plays a pivotal role, especially increasingly, in those communities, whether it be through OEM technology on slot machines or payment terminals or, LED walls or digital signage throughout the casino. You can't walk into a a gaming institution these days and not see our technology, literally, in some cases, spilling off of the walls. But, you know, one of the conversations sometimes that I think that we we may not have as we should is some of the ramifications of what that means for our industry, not only from a, you know, market development standpoint, but from a technology compliance and security standpoint. There's a lot of regulations that that industry specifically, is subject to that maybe other verticals like, UCC and, you know, education and even hospitality to a larger extent may not be, as stringent on. So I wanted to have a conversation today with somebody who's gotten to live, really across both sides of that world from a a technology installation and and hardware, delivery side of things, but also kind of the software, side of things. And that's Christopher Justice, who is one of the board members for, the American Gaming Association. Christopher, thanks so much for coming on today. Hey, Ben. It's great to be here. Thanks for, thanks for inviting me on. Well, absolutely, Christopher. It's good to have you back on the show, and I wanna ask to kinda set the table. Right? You know, a lot of, of our audience on this show skew a little bit more engineer product centric sales, but we don't always get to have the conversations and and talk to our end users and some of our applications. The world of casinos and gaming really is unique when it comes to things like compliance because you've even in the world of sports betting, you've got, bandwidth, requirements, and you've got, you know, secure cybersecurity requirements for all sorts of different things. But I wanna ask, on a high level, maybe what are some of those requirements that's asked from a part of the especially when you get into the world of gaming, part of the especially when you get into the world of gaming, and coming to it from my perspective where, you know, deep seated, in the payments world. So it really creates this very unique intersection where highly regulated payments, highly regulated gaming all comes together. And so it does present itself some its own unique sets of challenges. And I think from a overall, from a regulatory perspective, one of the gaming gaming laboratories, GLI created a a set of standards that are all documented at which gaming technology then is tested against to make sure that that the, that the software itself or hardware complies with all of those various regulatory standards. Then you start layering onto that some of the other three letter acronyms like PCI compliance, AML, and know KYC, know your customer compliance, responsible gaming. There are just a variety of layers of regulatory, standards that all have to be met in order to operate successfully within the gaming space. You know, it's it's funny to walk into, you know, a bank versus a casino because exactly like you mentioned, the gaming industry in a lot of ways resembles a lot of the same requirements as the finance industry, right, from a compliance standpoint, from a security standpoint, whether that be with ATMs or payment terminals or or or different things. You know? But but one of the places that you see a lot of threats coming these days, especially as you see a lot of devices become connected, whether it's via five g or cellular or just IP connectivity in general, is that world of cybersecurity. Right? Whether that is, you know, I'm a digital signage provider, and I need to make sure that my odds are actually updating in real time with, what's happening at the books and that those odds are translating to the kiosks and that somebody's not hacking the system because, our our bandwidth requirements are too low for, you you know, real time betting. There's a lot of different frustrations and conversations around that world as we we we sort of expand. You know, but I wanna ask about cybersecurity specifically. Right? Everybody's always looking for an edge, whether that's, you know, matters of milliseconds to try and cheat a game or to have an advantage in a sports betting standpoint. And people will do things to, either nefariously or in some cases on accident to to, you know, breach some of those systems. From a cybersecurity standpoint, what are some of the requirements that we have to deal with now maybe that weren't even in the conversation maybe even ten years ago? Well, you're bringing up a you're you're bringing up a a terrific topic because I think like most areas, technology is expanding so much faster than regulations can even hope to keep, keep, up with. And so the challenge the challenge too then in the gaming industry is gaming regulations are in and around some of the things I talked about. Right? Fair play, integrity, etcetera. Gaming regulations don't look at all really around compliance with data security or technology standards. So, therefore, you can have a gaming compliant system that is terrible when it comes to cybersecurity, whereby the vendors need to then look at some of the other things like NIST, PCI DSS, and other standards to layer in and around their applications. Because, let's face it, just because you're compliant with a gaming reg but failing on data security does still leave you open to PCI vulnerabilities, you know, some of the European and California standards or individual state standards. And so you've gotta really be looking at layer upon layer of of of technology solutions, if you will, which really will boil back down to having an organization that has a culture of compliance to look at things that are beyond maybe just the straight point between a and b, which is I need a gaming I need to be reg gaming reg compliant, but let me look at all of these other standards. Case in point, by the way, the, the breach that happened to MGM and Caesars over the course of the last twelve months, whereby all of their systems are gaming compliant, and they, you know, they they, needless to say, right, support the industry, but yet people were able to get in using a variety of of social and or technological vulnerabilities and and penetrate those systems and and obviously do quite a bit of damage over the course of a short period of time. Well, that was that was kinda my next question. Right? Is that's exactly where my mind went when it came from a cyber security standpoint because you're right. I like the differentiation that you have between gaming integrity and cybersecurity. Right? Because, you know, I was I was even on a cruise, last month, and you're you're able wirelessly and digitally to, you know, turn off the ability to play slots and things like that. It's great that all of our devices are connected until it's not. Right? Whether that's somebody who gets in nefariously and steal somebody as identity and player information and data, and uses the the console or the the gaming device as as a point of entry. But I wanna ask kind of about the requirements from from that that privacy side of things. It's really interesting. Right? Because you've got globally, you've got all sorts of different compliances even here in states, whether it's, you know, GDPR compliance overseas or, you know, CCPA, things like that. How, you know, how much impact do those kind of decentralized and even disjointed regulations play specifically when it comes to, you know, maybe manufacturers of gaming systems or even infrastructure software, things like that? Well, they're all those are all critical, but but they are very much dependent on the manufacturer or the the system developer to implement those kinds of technologies. And, certainly, I can say from my time at at Global Payments, you know, aka Pavilion after our spin off, we very much had a culture of compliance because in in our world, it was very much payments first, gaming second. So, CCPA, GDPR, all of those other requirements, KYC, AML, anything coming down from the, you know, CFPB, we paid a lot of attention to make sure that everything that we deployed, first and foremost, right, protected the consumer data. And then after that, we could layer on the fact that now that we're protecting the data, how will how will those systems comply with gaming rules and regs that vary across the state? And so, but it was very much left and incumbent on us. You can it's it's it's maybe it's not obvious, but but let me just point out the fact that these are all complex environments. You've got the comp the complexity of us as a Fortune five hundred company also dealing with a multi multibillion dollar set of casino operators with varying levels of technology and network and infrastructure, which all has its, you know, its own intricate complexities that that make it very, very difficult. So, it it's it's a tough job, if you will, for the CIO of one of those large organizations to figure out, are all of their vendors coming together and all doing the things that they need to do to work in concert to protect against malware or other cybersecurity vulnerabilities. Well, it's sort of a wild dance too between you know, I was at G2E, last year, and, you know, you've got the game developers, the software providers. You've got the OEM manufacturers. You've got the people making the buttons. And somehow, some way, they're all kind of synchronous with each other, and then, obviously, the payment terminals and things like that all built into this one device. You know? But what's happened as we we sort of combine technologies, not only just in the world of gaming in casinos, but even globally on a macro level where, you know, as everything sort of conglomerates into connected devices, the decision makers and the owners of these devices are are sort of changing. And I wanna ask, you know, at a casino and a gaming level, who typically ends up being kind of the on-site owner of a lot of these devices to make sure that the compliance is happening, that cybersecurity is in place, that people aren't breaching systems? Is it is it the IT folks? Is it the security folks, or does it end up being even the slot techs? Who who takes accountability for that typically on a granular level? Well, I I guess not to necessarily paint anybody with the same brush, but it would all it would all point back to IT. Somebody in IT has gotta be paying attention to these kinds of things because I would say and and, again, not to paint everybody with a similar brush, but for the most part, I believe the assumption is, oh, this has passed gaming regulatory. This is on the casino floor someplace else. Somebody's had to check this. It's fine. Let's let's move it in and install it. But these are incredibly complex, organizations whereby everything is tested against the set of standards, but, you know, the long and short of it is when a game comes on to the casino floor, each individual environment is incredibly bespoke because I might be using the same IGT or Light and Wonder system, but the modules that I've deployed may be different than the modules that you've deployed. Infrastructure that's going to be remarkably enough different from yours, which which, again, adds to the complexity where, which which, again, adds to the complexity whereby I may say, wow. I want to encrypt my infrastructure, but I've got software applications that, you know, are some are brand new, some are thirty years old. How do I go about making sure that the data flowing through my now new encrypted infrastructure doesn't cripple my ability to do tax reconciliation or, handle customer data or be able to deliver the right offers to the right player at the right time to, to help develop my organization. I wanna do single sign on, multifactor authentication, etcetera. I mean, these are just these small words, right, are big challenges to implement to a lot of organizations when you've got dozens of systems, that are dozens of generations old. What what's really interesting too, and this is, like I said, kind of a global challenge is as IT continues to take on more and more of these responsibilities, they have to absorb and become subject matter experts on things that were not even remotely part of their purview previously. And one of the things too that that stands out, I I just had the chance to go to Resorts World last week, is there's a handful of areas or or places inside that casino where the actual slot machines themselves are integrated with LED wall technology. And whenever somebody wins, the LED walls in the area go crazy. So now IT not only has to manage the the cybersecurity and the the compliance side of things, but they have to manage the the the freaking AV infrastructure, right, and worry about the lighting and and, you know, in some cases, HVAC automation. It's kinda ridiculous, the ads that were being made. But, you know, from a from an outsider's perspective, how have you seen casinos and IT staff specifically try and make that adjustment from a technology ownership perspective, especially as it decentralizes sort of across different disciplines. Yeah. Man, you are hitting on a you're hitting on a hot topic because there are quite a few organizations trying to do some of the things that you just said, and it does it layers on the complexity. Because when you think about there's, like, fifteen hundred line items of data for every spin on a slot machine because it's, right, how much did I how much did I how much did I, insert to make my deposit? How much did I play? How many lines? What are the outcomes of all of those lines? Did I win? Did I lose? Blah blah blah blah blah. Right? Goes on and on and on. And, oh, by the way, something in all of that data comes back out to trigger that light wall to where now I've got cash raining down on the walls and from the ceiling based on something that happened on my specific machine, which also then triggers sound and all kinds of other all kinds of other great things. Likewise, think about there you add the complexity now of of each of us individually as players, our behaviors, our preferences. There's a tremendous amount of data to where our ability to customize an experience for you based on the things that you want. Right? We'll start to add incredible complexity to to what the IT organizations are gonna have to try to develop, the in interfacing with with mobile so that we can become mobile first or or at least something along that line. The ability then through your mobile to drive augmented or virtual reality. Where is your favorite game? Oh, by the way, Ben, if not only here's your favorite game, but here's twenty bucks in free play if you wanna play this other game that I think is similar and you might even like even more. There are so many great things that the industry can do with the amount of data that it has. It just it becomes a just an incredibly complex, puzzle piece, right, to try to figure that out. And I think the companies that are doing a good job, like you mentioned Resorts World, Caesars is doing some similar things, The more they lean in to creating those customized environments, the more they're going to do to differentiate themselves from the standard run of the mill gaming experience that a lot of the other places are delivering. You know, Christopher, what what I am always struck by when I go into a lot of these places is how technology, you know, kinda like we mentioned, has moved just even off of the casino floor. Right? You've got fully integrated rooms with with, you know, TVs now that know your that know your name, that know your the offer you're staying on, know what tickets you have, can make recommendations based on things like that. So we're at the point now where where we're at a really fully connected resort in a lot of ways. And and, you know, it it's interesting, obviously, as you cross things like from the hotel side and then the gaming side and then the technology integration side and, you know, the theaters and performing arts side of things. It's become cohesive. You know, one of one of the things that I I'm struck by is that, you know, the user experience still actually is is considered first in a lot of ways. Right? We talk about a lot of these compliance standards and regulations and things like that, and we always kind of assume, hey. That's there to protect the company or that's there to protect the corporation. But the inverse is true in a lot of ways where it's actually there to protect the consumer, right, to to allow them to know what to expect and to make their experience easier. And and I wanna ask kinda specifically about that user experience. Right? As we continue to evolve from a technology standards and and capability standpoint, how does that continue to better evolve and support that end user experience? Whether it's the person hitting the slot machine or whether it's the person that's at the, you know, David get a concert at Dre's. Yeah. Yeah. And it's this is a difficult I think this is the difficult part of the conversation in that if you look at the typical casino reward system, they're all basically four tiers. And if I took MGM's name off the top and put Caesars or Stations or Boyd or any of the other names along the top, you'd be hard pressed as a consumer to tell the difference from one program to the next. So they're all trying to figure out how did they how do they deliver that level of customization to you to help drive off your preferences. But a lot of the times, because of the complexity of everything that we talked about, they do have to basically deliver things down through one of four distinct ways that are very, very cookie cutter, and a lot of which is to protect your consumer data, to make sure that the offers you get are the offers that you deserve, to make sure that somebody isn't able to tunnel in through through the video screen, through the coffee maker, through whatever to be able to gain access to your confidential information and not only expose you as a consumer, but but, you know, expose the organization as a whole. So I think there's a lot there's a lot of hard work being done by a lot of really talented people to figure out how to take those things to the next level. But but right now, securing the edges and securing the infrastructure and controlling, you know, how those things are delivered is is very much job one for the majority of the organizations. You know what's wild is this thing right here is the great equalizer. Right? This this cell phone because, you know, not only is it a touch point, for, you know, your your check-in. It's a touch point for your hotel key. It's a touch point because it's where you're booking your entertainment. It's a touch point because it's how you're betting with MGM locally. It's sort of been the great equalizer, but also one of the biggest kind of, I don't know, wrenches in the whole system because now the expectation for a lot of people, especially a sports book or a sports betting, continues to globalize, is that people you know, as a casino, you can't control someone's private device in theory. Right? And and that seems to be the greatest variable. But how do you see that cell phone and maybe we'll call it the second screen experience, I guess. But how do you see that cell phone continuing to play a factor, not only in the gaming side of things, but even in the the hospitality side of of the casino world? Well, it it your second screen really became the first screen in America several years ago, replacing television and everything else. You start to look at the amount of time consumers are spending on that device is incredible. The amount of data that is produced by that device is is incredible. I think the ultimately, the dream would be as a mobile as a which should be as a mobile first industry, we would understand your play preferences, your behavior preferences, where you like to stay, what you like to eat, where you like where you like to do whatever, very similar to the way Google already knows everything about you and your and your preferences. Because the more we can understand about you, the more we can deliver experiences tailored to you. Right, we see you. The fact that you are now in the casino, it's about dinner time, you're dis you're displaying behaviors that would say, Ben's getting hungry. Well, you know, if if you're not a fast food kind of a guy, I don't need to be saying, hey. By the way, we've got extra capacity here at Taco Bell, but I could utilize some of the data that we know about you to go, hey. We have created an incredible menu for you at Wolfgang Puck. Here's a couple of free cocktails. Here's something that would entice you to go to the restaurant because I've got excess capacity, and I can seat you right now. I wanna deliver incredible, an incredible service experience from the time you walk in the door to the time you leave, and I'm gonna do all of that because I can leverage information that your phone already knows about you. That's where I think the industry wants to get. The challenge of a lot of that is a lot of the infrastructure that's within the casino, your player loyalty systems, the the casino management systems, you know, the slot machines themselves, while a lot of them are brand, you know, they're brand new themes, the technology in them, it it's it's not your latest mobile phone. Right? These are generations old and trying to tie all that stuff together to be able to deliver this mobile first kind of capability is incredibly difficult. But where I think the industry needs to go is trying to think about this differently. And instead of saying, wow. I've spent twenty twenty million or two hundred million dollars developing an infrastructure that I need to leverage to deliver that kind of approach. If I think about that differently and say, wow. Ben's carrying a device with him that's already got his behaviors that are that are, enmeshed in Google and Apple and all of these other companies. What if I leverage that technology, right, to bring you and your preferences to me, and your system tells me what I should be doing as opposed to me having to figure it out and push it back to your system, if that makes if that makes sense. I think it's just a a reverse way of thinking about innovation and delivering a better customer experience, through the process. Well, I think that's an incredible lens to look at, you know, the crux of our conversation, which is kind of that world of compliance and certification, things like that because it helps build a base for, you know, our audience of of tech manufacturers, service providers, folks really who say, hey. You know, I've got great technologies or whether I'm an OEM provider for a a slot display, things like that. We've got great technologies that we're always finding different use cases for. And I think the gaming and casino market, whether it's, you know, kind of that eye candy side of things where it's LED walls, lighting, even some sound, things like that, or actually part of the gaming or payment processing devices. We find ourselves in a lot more of these conversations as our techno technology continues to evolve. And I I tell you what, I really appreciate you you coming on and kinda setting that lens and setting that table for us, for for our community. Well, so happy to be here, Ben. Anything I can do to help? Hopefully, this has given some takeaway value to help them expand their business and and, deliver, frankly, better better guest experiences for all of us who wanna come enjoy, enjoy gaming. I I agree with that, Christopher. I'll give you the last word here. You know, there are a lot of folks probably listening for the first time who say, you know, I really have to at least consider or look into getting into this world or, forging partnerships and things like that. How do you recommend that people start that conversation? Is it through AGA, or is it, through a a different provider? You know, well, certainly, the AGA can help because the AGA is connected to all of the manufacturers, all of the casino operators, regulators, etcetera. Right? It is the it is the community that is gaming, and so that's that's a great place to start. But I guess it would also depend as well on, what what channel folks are wanting to wanting to go through. There's there's plenty of ways to access the industry. It's just it's certainly one that does warrant a little bit of research to make sure that whatever it is that you're wanting to do, that you have the capability of delivering it in a highly regulated environment. Well, Christopher, thanks so much for coming on. We, we always love having you. Look. We've we've gotta make you feel like a regular guest at this point because this is a conversation that comes up. It feels like every single time we have a conference in Vegas, which is three or four times a week. So it's a nonstop conversation that we have, but I appreciate you sharing your insights with us today. Always, my friend. I appreciate you. Thanks so much for having me on today. Well, thank you, and thank you to the audience too for tuning in. Be sure to like and subscribe, and check us out next time on ProAV Today.
