General Requirements
2.1.1 POS applications must display sufficient information to be identifiable, such as the software name and version.
2.1.2 The ELS must only allow purchase of Lottery Tickets when conflicts will not occur, such as to prevent tickets from being purchased during the Draw time that will therefore not be included in the Draw.
2.1.3 POS applications must ensure all Lottery transactions are completely and accurately forwarded to the Backend System.
2.1.4 POS applications must clearly communicate all relevant information messages to Sellers and players during Lottery transactions, such as wagering, cancellations, validations, redemptions, and when a Lottery transaction is being rejected.
2.1.5 Lottery transactions must be securely, completely and accurately communicated between the POS application and Backend System:
- In real-time whenever possible; and
- As soon as possible when not possible in real-time such as during power or communication interruption.
2.1.6 All accepted payment mechanisms must be compliant with the applicable Payment Card Industry (PCI) Security Standard(s) as confirmed by a laboratory recognized by PCI Standards Security Council to make this determination.
2.1.7 All Personally Identifiable Information (PII) captured must be securely protected from unauthorized access.
2.1.8 There must be no hidden or undocumented buttons or touch points (if applicable) that affect any of the POS approved functions anywhere on the Lottery POS interface used for Game Play.
2.1.9 POS applications must not be adversely affected by the simultaneous or sequential activation of the various inputs and outputs.
2.1.10 There must be no negative integrity impacts from one Lottery Game to another Lottery Game.
2.1.11 User input fields must be validated to prevent invalid data from being entered which could potentially impact the integrity of the Game.
2.1.12 When POS limits on Lottery Ticket transactions configured in the Backend System are reached, there must be clear and accurate messaging to inform Sellers and players. The limits themselves must not negatively impact to the integrity of Lottery Games.
2.1.13 Sufficient reports must be available to review at minimum thirty (30) days’ history of Lottery Ticket transactions, accounting, and security logs.
2.1.14 A Remote Disable mechanism must be provided to disable the Lottery Terminal and Self-Service Terminal in real-time.
Lottery Terminal Applications
2.1.15 Lottery Terminal usage must be monitored by the Operator. The Lottery Terminal must be disabled when unlawful or non-compliant usage occurs, or any integrity or security issues occur.
Self-Service Terminal Applications
2.1.16 Self-Service Terminal usage, integrity, and security must be monitored by the Seller. The Self-Service Terminal must be disabled by the Seller to prevent unlawful or non-compliant usage, and to mitigate any detected integrity or security issues.
2.1.17 Self-Service Terminal usage, integrity, and security must be monitored by the Operator. The Self-Service Terminal must be disabled by the Operator when unlawful or non-compliant usage is detected, and to mitigate any integrity or security issues, when not already mitigated by the Seller.
2.1.18 Self-Service Terminals must limit a single purchase transaction to $300 or less.
2.1.19 Self-Service Terminals must limit redemption of prizes in a single transaction to non-cash prizes only having a combined value of $300 or less.