FORM 2
THE PATENTS ACT, 1970
(39 OF 1970)
AND
THE PATENT RULES, 2003
COMPLETE SPECIFICATION
(See section 10 and rule 13)
“SYSTEM AND METHOD OF FRAUD DETECTION IN A MULTI-USER REAL-TIME GAMING ENVIRONMENT”
We, RELIANCE JIO INFOCOMM LIMITED, an Indian National, of 3rd Floor, Maker Chamber-IV, 222, Nariman Point, Mumbai- 400021, Maharashtra, India.
The following specification particularly describes the invention and the manner in which it is to be performed.

TECHNICAL FIELD
The present disclosure generally relates to a Real-time Interactive Content Distributed (RICD) game-playing scenario and more particularly to a new and improved system and method of fraud detection in a multi-user real-time gaming environment.
BACKGROUND OF THE DISCLOSURE
The following description of related art is intended to provide background information pertaining to the field of the disclosure. This section may include certain aspects of the art that may be related to various features of the present disclosure. However, it should be appreciated that this section be used only to enhance the understanding of the reader with respect to the present disclosure, and not as admissions of prior art.
Mobile applications have served as a catalyser in the online gaming environment which began over a decade ago when broadband internet became widely available to the consumers. Such mobile applications have moved away from the integrated software systems that are generally found on PCs. Instead, each app on the mobile provides functionality such as a game, calculator or mobile web browsing.
Earlier live events, gameplays and entertainment were often provided to a remote audience, for example, via traditional TV broadcasting or other distribution methods. However, the remote audience was often limited to an observation of the live event, and there was no possibility for interaction with the live event. In particular, old-fashioned TVs only allow receiving the broadcasted data and have no capabilities to transfer any feedback or to participate in the live event watched via TV broadcasting. Now, the local spectators may contribute to the live event where the number of spectators is limited.

From live game on the field, the user moved to Television and PC games such as ‘console game’ which is another type of interactive multimedia software that uses a video game console to provide an interactive multimedia experience via television or other display devices. The game console generally consists of a handheld control device (although some use cameras to monitor user movements) and a computer that runs the game's software. Console game developers eschewed the cartridge and distributed their games digitally over the internet.
‘Online game’ refers to playing electronic games, whether through consoles, computers, mobile phones or another medium altogether. Gaming is a nuanced term that suggests regular gameplay, possibly as a hobby. Although traditionally a solitary form of relaxation, online multiplayer video games have made gaming a popular group activity as well. Such online video games can produce large amounts of network traffic.
Several media entities have understood the importance of convergence of gaming content and technology and number of channels including broadcasters, telecommunication companies, etc. are using over-the-top (OTT) applications (digital platforms accessed on mobile devices) as well as native applications to provide users with gaming, movies, videos and exclusive content on their apps. An ‘over-the-top (OTT) application’ refers to an app or service that provides a product over the Internet and bypasses traditional distribution. The services that come over the top are most typically related to media and communication and are generally, if not always, lower in cost than the traditional method of delivery.
Multi-user online games (MMOG) are among the most successful interactive, world-scale distributed systems that have been built in the past decade. They possess a variety of features not limited to supporting large groups of players and supporting massive crowds. In the multiuser game, the target audience is

the gamer in the real-time environment, with interactions producing results much like the actual game.
More particularly, ‘massively multiplayer online game (MMOG)’ refers to video games that allow a large number of players to participate simultaneously over an internet connection. These games usually take place in a shared world that the gamer can access after purchasing or installing the game software. The explosive growth in MMOGs has prompted many game designers to build online multiplayer modes into many traditionally single-player games.
Another feature in the gaming industry that has come is ‘play along’ that refers to a format where the application on an app will display questions and its respective answer with probable options in sync with the live broadcast on the computing device not limited to the television set.
There are several categories of gaming content which are presently prevalent in the online gaming industry which are first-person shooter game (FPS), real-time strategy game (RTS), multiplayer online battle arena game (MOBA), massively multiplayer online game (MMO), console gaming, browser games, MUD which is class of multi-user real-time virtual worlds, player versus environment (PvE), player versus player (PvP) games amongst others.
Hence, the online gameplay can be broadly classified into two different sub-categories which are as follows:
1. Static Content Gaming: In static or simultaneous games, the players move one time simultaneously and no new/ additional information is revealed to any of the players during the game before they make their play. There is only static content related to static gaming.
2. Real-Time Content Gaming: The real-time multiplayer gaming is an online game with large numbers of players, typically from hundreds to thousands, playing simultaneously on the same server. Such games

enable its players to compete against each other on a large scale across the globe or in selected demography. The real-time gaming contains both static as well as dynamic/ real-time content. The real-time content display, concurrent call and scalability are some of the challenges.
According to various research reports, the trend of playing mobile games is consistently increasing and generating revenue at a rapid rate. Hence, the huge growth, as well as revenue associated with it, has made this industry an attractive target for potential online gaming activities.
The growth in popularity and complexity of multiplayer online games has been accompanied by an increase in the problem of fraud/ cheating. There are various kinds of fraud/ cheating which is rampant in use by players of such games. Characteristically, a fraud/ cheating is designed to give a player an unfair advantage over other players and commonly expose game states or other information that otherwise would be hidden from the player (for example, the ability to answer the questions before the questions are relayed on the application in parallel to the live program broadcasted on television or when multiple answers are being entered by a single user and answering of the previous question asked in the live gameplay). The mobile industry in general and the mobile gaming market, in particular, has become a magnet for fraudsters and fraudulent attacks.
‘Cheating’ refers to an act of lying, deception, fraud, trickery, imposture, or imposition and is typically employed to create an unfair advantage, often at the expense of others. ‘Fraud’ is a particular type of cheating, in which a victim is illegally deceived for the personal gain of the perpetrator. Cheating is rampant in online games, due to the relatively poor security of most game programs and the permissive atmosphere created by the mutual anonymity of participants in Internet-based games.

The term ‘cheat/ fraud’ may also involve the manipulation of the game client program to enhance the player's abilities. A cheating player might use the application programming interface provided with a game program to manipulate the workings of the program and extract information about the game, or the player might intercept graphics commands issued by the program to the operating system. Cheating and other unauthorized behaviours may also be perpetrated to harm other players and to cause general disruption in the operation of the game.
Also, with the increasing number of online real-time game players in the real¬time gaming environment, the biggest challenge is to prevent fraud/ cheating and effective monitoring of user activity to offer seamless and secure real-time gaming content. As evident, the availability of fast mobile internet access together with the increased adoption of smartphones across the consumer market has created an upsurge of Over-The-Top (OTT) gameplay applications and is constantly evolving with new risk such as fraud/cheating by the users to claim the prize money.
Markets like online gaming or a multiplayer role-playing game attract fraudsters and it becomes quite easy in the world of online gaming where everything happens fast i.e. where purchases are fulfilled instantaneously, bets are placed quickly, and through it all, and the customers expect their gameplay to continue without a hitch. The solutions available today lack adequate infrastructure to deal with issues related to fraud detection and user activity authentication in an online real-time gaming environment where millions of simultaneous responses are received simultaneously.
There are few inherent challenges concerned with the real-time gaming scenario, one amongst, which is preventing fraud/ cheating activity and effective monitoring of user activity to offer seamless and secure real-time gaming content. The other is to obstruct illicit user activity and to make the game

platform more reliable and also to prevent frauds conducted by bots and mischievous gameplay by certain users, considering the huge amount of network traffic at the same time in the Real-time Interactive Content Distributed (RICD) game playing scenario.
The detection and prevention of fraud/cheating and other unauthorized user behaviour is important in ensuring the quality of service of RICD online games because if such behaviour is not curbed, non-cheating players tend to abandon the game and cheating player win the bounty as prize money. There are many problems associated with the detection and prevention of fraud/cheating and other unauthorized user behaviours in a Real-time Interactive Content Distributed (RICD) game playing scenario. Firstly, the network traffic is very heavy during the live gameplay and it becomes an issue to monitor any such fraudulent activity. Secondly, the existing solutions are unable to perform dynamic and time-sensitive data analysis to check any such unauthorized user activity. Thus, the current solutions are unable to provide a secure gaming environment. In fact, Real-time gaming fraud has acted as an impediment on the rapidly growing real-time gaming industry.
In order to deal with above issues, some game providers have developed techniques for detecting cheats of various kinds, but the prior art solutions are only limited to indicate the relative likelihood of future fraud/ cheat event and to determine if an achievement obtained by a user during interaction with the gaming application was legitimately obtained in compliance with the rules or obtained improperly. The prior art solutions failed to provide efficient and effective fraud detection and fraud prevention in a multi-user, multi-instance and secure gaming environment which allows millions of players to play along a live game simultaneously.
Therefore, in view of these and other existing limitations and to provide seamless and efficient solution for detection and prevention of fraud/cheating

and other unauthorized user behaviour and also ensuring the quality of service of multiplayer online gaming, there arises an imperative need to provide a solution to provide a more efficient method and system for fraud detection in a multi-user real-time gaming environment.
SUMMARY
This section is provided to introduce certain objects and aspects of the present disclosure in a simplified form that are further described below in the detailed description. This summary is not intended to identify the key features or the scope of the claimed subject matter.
In order to overcome at least a few problems associated with the known solutions as provided in the previous section, an object of the present disclosure is to provide a novel automatic method and system for fraud detection in a multi-user real-time gaming environment. Another object of the present disclosure is to provide a secure gaming environment which allows millions of players to play along a live TV game show without any fraud. Yet another object of the present disclosure is to prevent fraud conducted by bots and mischievous gameplay by certain users considering the huge amount of network traffic at the same time. Also, another object of the present disclosure is to provide sufficient capacity to handle the fraud detection and its prevention at scale. One other object of the present disclosure is to provide sufficient capacity to handle a massive number of gaming events occurring simultaneously and ensuring fair chance being given to genuine players by preventing frauds. Another object of the present invention is to provide upgradation in the security of the user’s profile data and prevent any security breach. Yet, another object of the present invention is to provide a dynamic real-time gaming platform which uses the real¬time environment and context adapted for different media and could be utilised for games with varied contexts.

In order to achieve the aforementioned objectives, the present disclosure provides a method and system of fraud detection in a multi-user real-time gaming environment. One aspect of the present invention relates to a method of fraud detection in a multi-user real-time gaming environment. The said method comprises, dynamically maintaining a database comprising a list of one or more fraudulent user devices in the multi-user real-time gaming environment at a gaming server. Thereafter the method comprises receiving, at the gaming server, one or more login requests from one or more user devices. The method then leads to authenticating, by the gaming server, each of the one or more user devices based on said database of fraudulent user devices.
Further, the method encompasses establishing, based on said authentication, a connection between said gaming server and each of a one or more successfully authenticated user devices. The method thereafter comprises broadcasting one or more questions from the gaming server to each of the one or more successfully authenticated user devices. Also, the method encompasses receiving, at the gaming server, one or more responses from the one or more successfully authenticated user devices. The method further leads to detecting one or more new fraudulent user devices from said one or more successfully authenticated user devices based on one or more rules. Thereafter, the method comprises dynamically blocking said one or more new fraudulent user devices by terminating the connection between the server and the one or more new fraudulent user devices.
Another aspect of the present disclosure encompasses a system (i.e. gaming server) for providing fraud detection in a multi-user real-time gaming environment. The system comprises a database comprising a list of one or more fraudulent user devices. The system also comprises a transceiver connected to the database, the transceiver configured to receive one or more login requests from one or more user devices. Further the system comprises a login

authenticator to the transceiver and the database, said login authenticator configured to authenticate each of the one or more user devices based on said database of fraudulent user devices, and to establish, based on said authentication, a connection between said gaming server and each of a one or more successfully authenticated user devices. Further, the transceiver of said system is also configured to broadcast one or more questions to each of the one or more successfully authenticated user devices and to receive one or more responses from the one or more successfully authenticated user devices. The system also comprises a fraud detector connected to said database, said transceiver and said login authenticator, the fraud detector configured to detect one or more new fraudulent user devices from said one or more successfully authenticated user devices based on one or more rules, and dynamically blocking said one or more new fraudulent user devices by terminating the connection between the gaming server and the one or more new fraudulent user devices.
BRIEF DESCRIPTION OF DRAWINGS
The accompanying drawings, which are incorporated herein, and constitute a part of this disclosure, illustrate exemplary embodiments of the disclosed methods and systems in which like reference numerals refer to the same parts throughout the different drawings. Components in the drawings are not necessarily to scale, emphasis instead being placed upon clearly illustrating the principles of the present disclosure. Some drawings may indicate the components using block diagrams and may not represent the internal circuitry of each component. It will be appreciated by those skilled in the art that disclosure of such drawings includes disclosure of electrical components, electronic components or circuitry commonly used to implement such components.
FIG.1 illustrates an exemplary diagram of network architecture for implementing the gaming server, in accordance with the exemplary embodiment of the present disclosure.

FIG.2 illustrates an exemplary diagram of a gaming server, in accordance with the exemplary embodiment of the present disclosure.
FIG. 3 illustrates an exemplary method flow diagram depicting a method for fraud detection in a multi-user real-time gaming environment, in accordance with the exemplary embodiment of the present disclosure.
FIG. 4 illustrates an exemplary login process flow diagram [400], in accordance with the exemplary embodiment of the present disclosure.
FIG. 5 illustrates an exemplary flow diagram depicting a method for fraud detection in a multi-user real-time gaming environment, in accordance with the exemplary embodiment of the present disclosure.
The foregoing shall be more apparent from the following more detailed description of the disclosure.
DESCRIPTION OF THE INVENTION
In the following description, for the purposes of explanation, various specific details are set forth in order to provide a thorough understanding of embodiments of the present disclosure. It will be apparent, however, that embodiments of the present disclosure may be practiced without these specific details. Several features described hereafter can each be used independently of one another or with any combination of other features. An individual feature may not address all of the problems discussed above or might address only some of the problems discussed above. Some of the problems discussed above might not be fully addressed by any of the features described herein.
The ensuing description provides exemplary embodiments only and is not intended to limit the scope, applicability, or configuration of the disclosure. Rather, the ensuing description of the exemplary embodiments will provide those skilled in the art with an enabling description for implementing an exemplary embodiment. It should be understood that various changes may be

made in the function and arrangement of elements without departing from the spirit and scope of the invention as set forth.
Specific details are given in the following description to provide a thorough understanding of the embodiments. However, it will be understood by one of ordinary skill in the art that the embodiments may be practiced without these specific details. For example, circuits, systems, networks, processes, and other components may be shown as components in block diagram form in order not to obscure the embodiments in unnecessary detail. In other instances, well-known circuits, processes, algorithms, structures, and techniques may be shown without unnecessary detail in order to avoid obscuring the embodiments.
Also, it is noted that individual embodiments may be described as a process which is depicted as a flowchart, a flow diagram, a data flow diagram, a structure diagram, or a block diagram. Although a flowchart may describe the operations as a sequential process, many of the operations can be performed in parallel or concurrently. In addition, the order of the operations may be re-arranged. A process is terminated when its operations are completed but could have additional steps not included in a figure.
The present invention provides a novel method and system for fraud detection in a multi-user real-time gaming environment. The invention provides a solution to prevent fraud/cheating and other unauthorized user behaviours for ensuring the quality of service of RICD online games and also it provides a solution to check frauds/cheating conducted by bots and mischievous gameplay by certain users. Further, the method and system to prevent frauds includes a mechanism to check whether in a real-time gaming scenario, an answer to the question is provided before the questions are relayed on the gaming application in parallel to the broadcasted live gaming program or when multiple answers being entered by a single user or answering the previous question displayed in the live gameplay. Consequently, a deterrent action is taken if any such patterns are

found from same user device/number whereby, that particular user/number may be permanently blacklisted and the user cannot re-join the RICD online gameplay. Thus, the present invention provides a seamless and efficient multi¬user, multi-instance and secure gaming environment which allows millions of players to play along a live game show.
In order to provide fraud detection in a multi-user real-time gaming environment, the present invention dynamically maintains a database comprising a list of one or more fraudulent user devices at a gaming server. When one or more login requests are received from one or more user devices at the gaming server, the gaming server first authenticates each of these user devices based on said database of fraudulent user devices. Thereafter, the gaming server establishes a connection between said gaming server and each of one or more user devices that have been successfully authenticated. During live game-play, the gaming server broadcasts one or more questions to each of the one or more successfully authenticated user devices, and receives one or more responses from these successfully authenticated user devices. The invention then detects one or more new fraudulent user devices from said one or more successfully authenticated user devices based on one or more rules. These fraudulent user devices are then dynamically blocked by terminating the connection between the server and these newly identified fraudulent user devices.
As used herein, the “user device” is a ‘smart computing device’ refers to any electrical, electronic, electro-mechanical or an equipment or a combination of one or more of the above devices. Smart computing devices may include, but not limited to, a mobile phone, smartphone, pager, laptop, a general-purpose computer, desktop, personal digital assistant, tablet computer, mainframe computer, or any other computing device as may be obvious to a person skilled in the art. In general, a smart computing device is a digital, user-configured,

computer networked device that can operate autonomously. A smart computing device is one of the appropriate systems for storing data and other information. The said device operates at all the seven levels of ISO reference model but the primary function is related to the application layer along with the network, session and presentation layer with any additional features of touch screen, apps ecosystem, physical and biometric security, etc. Further a ‘smartphone’ is one type of “smart computing device” that refers to the mobility wireless cellular connectivity device/mobility device that allows end-users to use services on 2G, 3G or 4G mobile broadband Internet connections with an advanced mobile operating system which combines features of a personal computer operating system with other features useful for mobile or handheld use. These smartphones can access the Internet, have a touchscreen user interface, can run third-party apps including capability of hosting online gameplay applications, music players and are camera phones possessing high-speed mobile broadband 4G LTE internet with video calling, hotspot functionality, motion sensors, mobile payment mechanisms and enhanced security features with alarm and alert in emergency situations. Further, said mobility devices/user devices may include the devices capable of hosting online gameplay applications such as smartphones, wearable devices, smart-watches, smart bands, wearable augmented devices, and such other device obvious to a person skilled in the art. Further, for the sake of specificity, the mobility device refers to both feature phone and smartphones in this disclosure but it will not limit the scope of the disclosure and may extend to any mobility device in implementing the technical solutions.
As used herein, the term “cheating” refers not only to actual violations of rules of play with respect to particular online games but also more broadly to disruptive or unauthorized behaviour by a player that has the effect of undermining the integrity of and players' trust in the game system. The term “unauthorized behaviour” includes, but is not limited to, cheating by a game participant.

“Detecting” is employed herein to refer both to identifying cheating players and to taking action against such players and behaviour.
As used herein, “couple”, “connect”, “associate” and its cognate terms, such as “coupled”, “connected”, “associated” includes a physical connection (such as a conductor), a virtual connection (such as through randomly assigned memory locations of data memory device), a logical connection (such as through logical gates of semiconducting device), other suitable connections, or a combination of such connections, as may be obvious to a skilled person.
Referring to Fig. 1, an exemplary diagram of the network architecture [100], in accordance with the exemplary embodiment of the present disclosure is shown. As shown in Fig. 1, a plurality of user devices [102(A)], [102(B)], [102(C)]….. [102(N)] (Collectively referred to as user devices [102]) may be connected to at least one gaming server [106] via at least one network [104], wherein the network [102] enables a web-socket connection between said at least one user device [102] and at least one gaming server [106].
The network [104] may be a wired network, a wireless network, or a combination thereof. The network [104] may be a single network or a combination of two or more networks. Further, network [104] may include, but is not limited to, personal area network, local area network, metropolitan area network, wide area network, Internet, or any combination thereof. A network may be a storage area network, virtual private network, enterprise private network or a combination thereof.
The gaming server [106], is configured to provide a multi-user real-time gaming environment to the user device [102]. The said user device [102] is a ‘smart computing device’ refers to any electrical, electronic, electro-mechanical or an equipment or a combination of one or more of the above devices. Smart computing devices may include, but not limit to, a mobile phone, smartphone, pager, laptop, a general-purpose computer, desktop, personal digital assistant,

tablet computer, mainframe computer, or any other computing device capable of hosting online gameplay applications and /or events or any other similar device as may be obvious to a person skilled in the art.
The user device [102] is configured to launch at least one Real-time Interactive Content Distributed (RICD) gameplay. The user device [102], is also configured to transmit one or more login requests to at least one gaming server [106] in a multi-user live gaming environment via at least one network [104]. Also, the user device [102] may further be categorised as at least one of, an authenticated/valid user devices and fraudulent user devices, based on the activity performed by the said user device [102] during a gameplay event.
Although a limited number of user devices [102] and gaming servers [106] are shown in Fig. 1, however, it will be appreciated by those skilled in the art that the invention encompasses the use of multiple such user devices [102] and gaming server [106], as may be necessary to implement the features of the invention.
Referring to FIG. 2, a block diagram of the gaming server [106], in accordance with the exemplary embodiment of the present invention is shown. The gaming server [106] comprises at least one login authenticator[202], at least one database [204], at least one transceiver [206] and at least one fraud detector [208].
The gaming server [106] is configured to provide a multi-user real-time gaming environment to the user device [102]. The gaming server [106] is also configured to provide fraud detection and prevention in said multi-user real-time gaming environment. Further, the gaming server [102] provides said fraud detection and prevention with the help of the interconnection between the said at least one login authenticator[202], at least one database [204], at least one transceiver [206] and at least one fraud detector [208].

The database [204] is configured to store a list of one or more fraudulent user devices [102]. The details of fraud/blocked players are stored in said database [204] and work in parallel to the system which keeps adding if any user tries to commit fraud/cheat in the game. Also, the database [204] is configured to store one or more questions that are to be asked in a gaming event, during the gaming event said questions are retrieved from said database [204] and published to at least one authenticated/valid user device [102]. The database [204], is also configured to store the respective answers to said one or more questions, to provide said at least one authenticated/valid user device [102], the response to their submitted answers for said questions.
Also, the database [204] may include but not limited to a durability data-store, which stores all the scheduled events and keeps the data available during the gaming event. Also, the database [204], maybe a distributed, in-memory data structure and in-memory key-value database which provides durability and high availability of data during the gaming event. The term “database” or “storage unit” as used herein refers to any non-transitory media that store data and/or instructions that cause a machine to operate in a specific fashion. Such storage media may comprise non-volatile media and/or volatile media. Non-volatile media includes, for example, optical disks, magnetic disks, or solid-state drives, such as the storage device. Volatile media may include dynamic memory, such as the main memory. Common forms of storage media include, for example, a floppy disk, a flexible disk, hard disk, solid-state drive, magnetic tape, or any other magnetic data storage medium, a CD-ROM, any other optical data storage medium, any physical medium with patterns of holes, a RAM, a PROM, an EPROM, a FLASH-EPROM, NVRAM.
In an example implementation, the database [204] may store information in the following manner:

S. No. Device ID User ID
1 12345678901 Gamer_1
2 23456789012 Gamer_2
3 34567890123 Gamer_3
… … …
n 90123456789 Gamer_n
Table 1: List of fraudulent devices
The transceiver [206] comprises a combined radio receiver and transmitter and also a switch that connects the radio receiver and transmitter to an antenna (components not shown in the figure). The transceiver unit [206] may be operated in half-duplex mode (i.e. transmitter and receiver operate on the same frequency) or full-duplex mode (i.e. transmitter and receiver operate on different frequencies).
The transceiver [206] connected to said database [204], is configured to receive one or more login requests from one or more user devices [102]. The transceiver [206] is also configured to transmit web-socket connection established indication to at least one authenticated/valid user device [102], wherein the authenticated/valid user device [102] is the user device [102] which is not listed in the stored list of one or more fraudulent user devices [102]. Also, the authenticated/valid user device [102] is a valid user device [102] which is not associated with any fraud/cheating activity during the gameplay/live gaming event. Also, the transceiver [206], is configured to broadcast the one or more questions to each of the one or more successfully authenticated user devices

[102] in real-time and in synchronization with a live broadcasted gaming content. The transceiver [206], is further configured to receive one or more responses from the one or more successfully authenticated user devices [102], wherein the said one or more responses comprises answers provided by the authenticated user devices [102], with respect to the broadcast the one or more questions.
The login authenticator [202], connected to said database [204] and said transceiver [206], is configured to authenticate each of the one or more user devices [102] based on said database [204] of fraudulent user devices [102] and also the login authenticator[202] is configured to establish, based on said authentication, a connection between said gaming server [106] and each of a one or more successfully authenticated user devices [102]. The connection established between the said gaming server [106] and each of one or more successfully authenticated user devices [102] is, for instance, a web-socket connection. The login authenticator[202], also verifies the validity of the user device by checking its credentials based on the login details and authenticates the device registered with a user number.
The fraud detector [208], connected to said database [204], said transceiver [206] and said login authenticator [202], is configured to detect one or more new fraudulent user devices [102] from said one or more successfully authenticated user devices [102] based on one or more rules, maintain/ updating the database [208] on the basis of said determined one or more new fraudulent user devices and dynamically blocking said one or more new fraudulent user devices [102] by terminating the connection between the gaming server [106] and the one or more new fraudulent user devices [102]. Also, the fraud detector [208] is further configured to determine a number of responses received from each of successfully authenticated user devices [102], and marking the successfully authenticated user device [102] as a fraudulent device in an event said number of responses exceeds a pre-determined threshold. Further, fraud detector [208]

is configured to determine a time frame of the responses received from each of successfully authenticated user devices [102], and marking the successfully authenticated user device [102] as a fraudulent device in an event said time frame exceeds the pre-determined threshold time. The fraud detector [208] is also configured to determine a timestamp of the responses received from each of successfully authenticated user devices [102], and marking the successfully authenticated user device [102] as a fraudulent device in an event said timestamp is below a timestamp of the one or more questions broadcasted from the gaming server [106]. For instance, where a time frame to answer a question is defined as 10 seconds and the response of an authenticated user/ authenticated user device [102], exceeds the pre-determined threshold time i.e. 10 seconds, the fraud detector [208], in said event, marks authenticated user device [102] as a fraudulent device.
Also, the fraud detector [208], on the basis of this analysis mentioned above, is further configured to dynamically add said new fraudulent user devices [102] to said database of fraudulent user devices [102] at the gaming server [106].
Although a limited number of units and connections between said units are shown in Fig. 2, however, it will be appreciated by those skilled in the art that the invention encompasses the use of multiple such units and multiple such connections as may be necessary to implement the features of the invention.
Referring to Fig. 3, an exemplary method flow diagram [300] depicting a method for fraud detection in a multi-user real-time gaming environment, in accordance with the exemplary embodiment of the present disclosure is shown. As shown in Fig. 3, the method begins at step [302]. The invention encompasses that the method begins when a user logs in to the gaming server [106].
At step [304], the method comprises dynamically maintaining a database [204] comprising a list of one or more fraudulent user devices [102] in the multi-user real-time gaming environment at a gaming server [106]. The said method, at said

database [204] stores details of fraud/blocked players and works in parallel to keep adding the new user devices [102] to said database [204] as a fraudulent user device, if any user tries to commit fraud/cheat in the game.
Further, the method at step [306] encompasses, receiving, at the gaming server [106], one or more login requests from one or more user devices [106]. The method in response to said received one or more login request, at step [308] performs authentication of each of the one or more user devices [102] based on said database of fraudulent user devices. The invention encompasses the verification of the validity of the user device [102] by checking its credentials based on the login details and authenticates the user device registered with a user number. The said authentication based on said database of fraudulent user devices is further based on presence of at least one of, one or more user devices [102] in said list of one or more fraudulent user devices [102]. In an instance if a user device [102] is present on the list of one or more fraudulent user devices [102], then said user device [102] is considered as a fraudulent user device and the access of said user device [102] to a gameplay event is further blocked by the server [106].
Next, the method at step [310] comprises, establishing, based on said authentication, a connection between said gaming server [106] and each of a one or more successfully authenticated user devices [102], wherein the said connection is a web-socket connection. No connection is established for any user device [102] that is not successfully authenticated in the previous step. Successfully authenticated devices are those devices that are not present in the list of fraudulent devices in the database [204].
Also, the method after establishing said web-socket connection between said one or more successfully authenticated user devices [102] and a gaming server [106], at step [312] encompasses, broadcasting one or more questions from the gaming server [106] to each of the one or more successfully authenticated user

devices [102]. The broadcasting the one or more questions from the gaming server to each of the one or more successfully authenticated user devices [102] comprises broadcasting the one or more questions in real-time and in synchronization with a live broadcasted gaming content. Also, the one or more questions that are to be broadcasted in a gaming event are stored in said database [204], and further during the gaming event said questions are retrieved from said database [204] and published to at least one authenticated/valid user device [102].
The method then at step [314] encompasses receiving, at the gaming server [106], one or more responses from the one or more successfully authenticated user devices [102]. The method also encompasses storing the respective answers to said one or more questions in said database [204], to provide said at least one authenticated/valid user device [102], the response to their submitted answers for said questions.
Thereafter, the method at step [316] comprises detecting one or more new fraudulent user devices [102] from said one or more successfully authenticated user devices [102] based on one or more rules. The detecting one or more new fraudulent user devices [102] from said one or more successfully authenticated user devices [102] based on one or more rules further comprises determining a number of responses received from each of successfully authenticated user devices [102], and marking the successfully authenticated user device as a fraudulent device in an event said number of responses exceeds a pre¬determined threshold. This rule ensures that multiple answers are not received from a single user. For instance, if the gaming server [106] broadcasts a question to each of successfully authenticated user devices [102], wherein the question is supposed to be answered only once, or has only one correct answer, and the game rules do not allow a user to change the answer once provided, in such a case the gaming server [106] shall check if the number of responses received

from each successfully authenticated user device [102] exceeds a pre-determined threshold, i.e. 1 in this example. If more than one answer is received, the device is marked as a new fraudulent user device.
The detecting one or more new fraudulent user devices [102] from said one or more successfully authenticated user devices [102] based on one or more rules further comprises determining a time frame of the responses received from each of successfully authenticated user devices [102], and marking the successfully authenticated user device [102] as a fraudulent device in an event said time frame exceeds the pre-determined threshold time. This rule ensures that answers received from the devices after the allowed time period, then the same are not accepted by the server [106]. For instance, if the gaming server [106] broadcasts a question to each of successfully authenticated user devices [102], wherein the question is supposed to be answered within 30 seconds, then any answers received from any devices [102] after the 30 second period are not accepted and such devices may be marked as fraudulent devices.
The detecting one or more new fraudulent user devices [102] from said one or more successfully authenticated user devices [102] based on one or more rules also comprises determining a timestamp of the responses received from each of successfully authenticated user devices [102], and marking the successfully authenticated user device [102] as a fraudulent device in an event said timestamp is below a timestamp of the one or more questions broadcasted from the gaming server. For instance, , if the gaming server [106] broadcasts a question to each of successfully authenticated user devices [102], wherein the question is broadcasted at 10:12 pm and the answer is received at 10:11 am, i.e. before even the question is broadcasted, the answer is not accepted by the server [106] and this device may be marked as a fraudulent device.
Although a few rules have been illustrated herein, it will be appreciated by those skilled in the art that there may be other rules for detecting fraudulent devices

that are encompassed by, and fall within the scope of, the present disclosure. The method further encompasses dynamically adding said newly identified fraudulent user devices [102] to said database of fraudulent user devices at the gaming server [106].
The method further at step [318] comprises dynamically blocking said one or more new fraudulent user devices [102] by terminating the web socket connection between the server [106] and the one or more new fraudulent user devices [102].
Thereafter the method terminates at step [320], after providing fraud detection in a multi-user real-time gaming environment.
Referring to Fig. 4, an exemplary login process flow diagram [400], in accordance with the exemplary embodiment of the present disclosure is shown.
As shown in Fig. 4, the process begins at step [402] when a user device [102] transmits a login request to login authenticator [202] of the gaming server [106]. The request may be received at the transceiver [206] and maybe forwarded by the transceiver [206] to the login authenticator [202].
The login authenticator [202], verifies the validity of the user device by checking its credentials based on the login details and authenticates the device registered with a user number, on the basis of said verification. Thereafter at step [404], the login authenticator [202] transmits a ‘validate users login’ indication to a database [204]. The database [204] comprises a list of one or more fraudulent user devices [102]. The details of fraud/blocked players are stored in said database [204] and said database [204] also works in parallel to keep adding the user device [102] as a fraudulent user in said list of one or more fraudulent user devices [102], if any user tries to commit fraud/cheat in the game.
In an instance, the user device [102] is considered as an authentic user device if the details of said user device [102] is not found in said list of one or more

fraudulent user devices, otherwise the user device [102] is considered as a fraudulent user device.
Thereafter, once login authenticator[202], validates the user device [102] by verifing the validity of said user device [102], the process leads to step [406], where the login authenticator [202] transmits a ‘validate the user with fraud detector’ indication to a fraud detector [208]. The fraud detector then at step [408] determines if the said user device [102] is a part of said list of one or more fraudulent user devices, by sending an indication/ query to the database [204] and further on the basis said determination the fraud detector [208] updates the database [204] accordingly.
Further, at step [410], if the said user device [102] is found to be a part of said list of one or more fraudulent user devices, the database [204] sends an indication stating “yes, user found” to the fraud detector [208]. The fraud detector [208] further on the basis of said indication from the database [204], sends a “not authorize to login” indication to the login authenticator[202] at step [412]. Thereafter, the login authenticator[202], at step [414] rejects the user device [102] login, by transmitting a login reject indication to user device [102]. Thus, any device [102] that is listed as a fraudulent device in the database [204] is unable to login to the gaming server [106].
Referring to Fig. 5, an exemplary flow diagram [500], depicting a method for fraud detection in a multi-user real-time gaming environment, in accordance with the exemplary embodiment of the present disclosure is shown. As shown in Fig. 5, the process begins at step [502].
The step [504] indicates a user device [102] configured to submit an answer of a question to a gaming server [106] which is further evaluated by said gaming server [106]. Each gaming event question has its respective answer submission time frame within which the user needs to submit the answer which can be submitted only once per user/player.

Thereafter at step [506], the process leads to submitting an answer of a question via a user in a multi-user real-time gaming environment. Further, the process leads to step [508] to evaluate the user’s submitted answer. At step [508], the process comprises validating whether the answer submitted by the user is for a current question that is being displayed in said multi-user real-time gaming environment. If the said submitted answer is for said current question, then the process will lead to step [510]; otherwise the process leads to step [516]. At step [516] the said user is then added into a blocked list, which further leads to the termination of said user device connection from said multi-user real-time gaming at step [518]. Also, at step [508], the process also encompasses dynamically and continuously updating the database [204], by updating the said blocking list.
Next, at step [510], the process encompasses validating whether first-time answer is submitted for said question or the answer is submitted more than once. If the said answer is found to be submitted for the first time the process will further lead to step [512]; otherwise the process leads to step [516]. At step [516] the said user is then added into a blocked list, which further leads to the termination of said user device connection from said multi-user real-time gaming at step [518]. Also, at step [510], the process encompasses dynamically and continuously updating the database [204], by updating the said blocking list.
Thereafter, at step [512], the process encompasses validating whether answer submitted within question start and end time. If the answer is found to be submitted within said question start and end time, the process will further lead to step [514], otherwise the process leads to step [516]. At step [516] the said user is then added into a blocked list, which further leads to the termination of said user device connection from said multi-user real-time gaming at step [518]. Also, at step [512], the process encompasses dynamically and continuously updating the database [204], by updating the said blocking list.

Next, at step [514], after said evaluation of the submitted answer, the process encompasses acceptance of said submitted answer. Also, at step [514] the process encompasses transmitting an indication of said acceptance of answer to the user device [102]. The process at step [514] is also comprised of dynamically and continuously updating the database [204]. Thereafter, the process terminates at step [520] after providing fraud detection in a multi-user real-time gaming environment.
According to one embodiment of the present disclosure, the techniques described herein are implemented by one or more special-purpose computing devices. The special-purpose computing devices may be hard-wired to perform the techniques or may include digital electronic devices such as one or more application-specific integrated circuits (ASICs) or field-programmable gate arrays (FPGAs) that are persistently programmed to perform the techniques.
The gaming server [106] may include a bus or other communication mechanism for communicating information between different units of the server, and a processor coupled with the bus for processing information.
As is evident from the above disclosure, the present invention provides a novel automatic method and system for fraud detection in a multi-user real-time gaming environment. In view of the fraud detection mechanisms provided by the present invention, a secure gaming environment is enabled which allows users to play along a live TV game show without any fraud. The present invention provides various checks in the form of one or more rues for determining fraudulent users and hence helps in preventing fraud conducted by bots. Further, the real-time and dynamic updation of the database [204] as encompassed by the present disclosure ensures that fraudulent users/ user devices are blocked immediately and be never allowed to access the sever [106]. These and other advantages make the invention substantially technically advanced over existing solutions.

While considerable emphasis has been placed herein on the disclosed embodiments, it will be appreciated that many embodiments can be made and that many changes can be made to the embodiments without departing from the principles of the present invention. These and other changes in the embodiments of the present invention will be apparent to those skilled in the art, whereby it is to be understood that the foregoing descriptive matter to be implemented is illustrative and non-limiting.

We claim:
1. A method of fraud detection in a multi-user real-time gaming
environment, the method comprising:
- receiving, at the gaming server [106], one or more login requests from one or more user devices [102];
- authenticating, by the gaming server [106], each of the one or more user devices [102] based on a database comprising a list of one or more fraudulent user devices;
- establishing, based on said authentication, a connection between said gaming server [106] and each of a one or more successfully authenticated user devices [102];
- broadcasting one or more questions from the gaming server [106] to each of the one or more successfully authenticated user devices [102];
- receiving, at the gaming server [106], one or more responses from the one or more successfully authenticated user devices [102];
- detecting one or more new fraudulent user devices [102] from said one or more successfully authenticated user devices [102] based on one or more rules; and
- dynamically blocking said one or more new fraudulent user devices [102] by terminating the web socket connection between the server [106] and the one or more new fraudulent user devices [102].
2. The method as claimed in claim 1, wherein detecting one or more new
fraudulent user devices from said one or more successfully authenticated
user devices based on the one or more rules, comprises at least one of:

- determining a number of responses received from each of successfully authenticated user devices, and marking the successfully authenticated user device as a fraudulent device in an event said number of responses exceeds a pre-determined threshold;
- determining a time frame of the responses received from each of successfully authenticated user devices, and marking the successfully authenticated user device as a fraudulent device in an event said time frame exceeds the pre-determined threshold time; and
- determining a timestamp of the responses received from each of successfully authenticated user devices, and marking the successfully authenticated user device as a fraudulent device in an event said timestamp is below a timestamp of the one or more questions broadcasted from the gaming server.

3. The method as claimed in claim 1 further comprising dynamically adding said new fraudulent user devices to said database of fraudulent user devices at the gaming server.
4. The method as claimed in claim 1 wherein broadcasting the one or more questions from the gaming server to each of the one or more successfully authenticated user devices comprises broadcasting the one or more questions in real-time and in synchronization with a live broadcasted gaming content.
5. A gaming server providing a multi-user real-time gaming environment, the server comprising:
- A database [204] comprising a list of one or more fraudulent user
devices;

- A transceiver [206] connected to the database [204], the transceiver [206] configured to receive one or more login requests from one or more user devices [102];
- A login authenticator [202], connected to the transceiver [206] and the database [204], said login authenticator configured to:
authenticate each of the one or more user devices [102] based on said database of fraudulent user devices, and
establish, based on said authentication, a connection between said gaming server [106] and each of a one or more successfully authenticated user devices [102]; and
wherein the transceiver [206] is further configured to:
broadcast one or more questions to each of the one or more successfully authenticated user devices [102],
receive one or more responses from the one or more successfully authenticated user devices [102],
- A fraud detector [208] connected to said database [204], said
transceiver [206] and said login authenticator [202], the fraud
detector [208] configured to:
detect one or more new fraudulent user devices [102] from said one or more successfully authenticated user devices [102] based on one or more rules, and
dynamically blocking said one or more new fraudulent user devices [102] by terminating the web socket connection between the gaming server [106] and the one or more new fraudulent user devices [102].

6. The gaming server as claimed in claim 5, wherein the fraud detector [208]
is further configured to at least one of:
- determine a number of responses received from each of successfully authenticated user devices [102], and marking the successfully authenticated user device as a fraudulent device in an event said number of responses exceeds a pre-determined threshold;
- determine a time frame of the responses received from each of successfully authenticated user devices [102], and marking the successfully authenticated user device as a fraudulent device in an event said time frame exceeds the pre-determined threshold time; and
- determine a timestamp of the responses received from each of successfully authenticated user devices [102], and marking the successfully authenticated user device as a fraudulent device in an event said timestamp is below a timestamp of the one or more questions broadcasted from the gaming server.

7. The gaming server [106] as claimed in claim 5 wherein the fraud detector [208] is further configured to dynamically add said new fraudulent user devices [102] to said database of fraudulent user devices at the gaming server.
8. The gaming server as claimed in claim 5 wherein the connection established between the said gaming server [106] and each of a one or more successfully authenticated user devices [102] is a web-socket connection.
9. The gaming server as claimed in claim 5 wherein the transceiver [206] is configured to broadcast the one or more questions to each of the one or more successfully authenticated user devices [102] in real-time and in

synchronization with a live broadcasted gaming content.