Only Win Logo
Registration Sign in

Glossary

Relevance Verified: 20-03-2026

Last updated: 31-03-2026

My work sits at the intersection of cryptography, probability theory and regulatory compliance — specifically the mathematical and algorithmic systems that determine whether every spin, every card draw and every dice roll in an online casino is genuinely unpredictable. RNG certification is not a marketing exercise. It is a rigorous statistical and source-code audit process that takes weeks, requires billions of simulated game rounds and must be repeated whenever significant software changes are made. Most players trust the padlock in the browser and the eCOGRA badge in the footer, which is reasonable, but it's worth understanding what those certifications actually mean — what was tested, how it was tested, and what "passing" actually means mathematically. This glossary gives you that vocabulary.

What are the essential casino and fairness terms every Canadian player needs before evaluating any platform?

These foundations apply whether you're playing a slot, a table game or a live dealer product. Understanding them changes your relationship to the word "certified" from trust-on-faith to trust-with-evidence.

Term Category What it means Technical dimension Notes
RNG Algorithm Random Number Generator — the certified algorithm producing game outcomes; in practice, almost all iGaming platforms use Pseudo-Random Number Generators (PRNGs) seeded from high-entropy sources A PRNG is deterministic given its seed but statistically indistinguishable from true randomness to any external observer — this property is what certification audits test The RNG generates numbers continuously, even between player spins — at the moment you press Spin, the current output is mapped to a game outcome. "Timing your spin" has no mathematical basis
PRNG Algorithm Pseudo-Random Number Generator — a mathematical algorithm that produces sequences of numbers statistically indistinguishable from true randomness, given an initial seed value The most common iGaming PRNG is the Mersenne Twister (MT19937) — a 32-bit implementation with a period of 2^19,937 − 1, far exceeding the number of spins possible in any realistic operational lifetime PRNG outputs are technically periodic and deterministic — their security comes from the infeasibility of recovering the internal state from observed outputs without direct access to the seed
Seed / Entropy Algorithm The initial input value that starts a PRNG sequence — the seed is the only truly unpredictable element; it must be derived from a high-entropy source (hardware clock, OS-level entropy, hardware noise) to ensure the sequence cannot be predicted A weak seed (e.g., a predictable timestamp) is the primary attack surface for PRNG exploitation — certification audits verify entropy source quality, not just the algorithm itself Most modern certified iGaming PRNGs continuously re-seed from OS-level entropy pools (/dev/urandom or equivalent) at defined intervals — the seed is never fixed for a player session
RTP Game Math Return to Player — the theoretical long-run mean percentage of wagered funds returned to players; mathematically determined by the game's probability distribution, which the RNG must faithfully implement RTP is verified during certification by comparing the empirical mean return across billions of simulated rounds against the developer-declared theoretical RTP — pass thresholds are typically within ±0.1% A game can have a certified RNG and still deliver a lower RTP than declared if the game's mathematical model (paytable and reel mapping) is incorrectly implemented — certification tests both layers
House Edge Game Math The mathematical complement of RTP — the operator's expected return per unit wagered; encoded into the game's paytable and symbol distribution, not into the RNG itself The RNG is mathematically neutral — it produces uniformly distributed outputs. The house edge is built into how those outputs are mapped to game outcomes (which symbols, which payouts, which frequencies) Certification confirms that the implemented house edge matches the declared house edge — an undisclosed increase in house edge through manipulated outcome mapping is a certification violation
Statistical Independence Statistics The property that each game outcome has no mathematical relationship to any previous outcome — past results provide zero information about future results for an independent sequence The serial correlation test specifically measures whether consecutive outputs are statistically independent — any detectable autocorrelation in a PRNG output stream is a certification failure Statistical independence is the mathematical basis for the statement "the machine is not due." Past spins have no causal or statistical relationship to future spins in a properly certified RNG
Wagering Requirement Bonuses The play-through threshold before bonus winnings are withdrawable; iGaming Ontario caps at 30x; must be cleared against the same certified RNG games with the same published RTPs From a fair play standpoint: bonus eligibility game lists must use the same certified software as standard play — an operator cannot route bonus play to a different, uncertified game variant Some operators operate reduced-RTP variants of popular games for bonus play — AGCO standards require disclosure of any RTP configuration differences between bonus and real-money mode
Bankroll Player Management Your dedicated gambling funds — from a fair play perspective, the correct budget against which to size each bet given a game's certified volatility and expected session variance A certified high-volatility game's published σ (standard deviation) lets you calculate the bankroll needed to have a given probability of surviving to the bonus round — fair play information enables rational bankroll planning C$50–C$300 is the typical recreational Canadian session budget; a C$50 budget at C$2/spin on a very high-volatility game gives fewer than 25 expected spins before ruin — always match stake to bankroll, not to desired win
KYC Compliance Know Your Customer — mandatory identity verification required by all iGO-licensed operators; also relevant to fair play in that KYC confirms a player is the verified account holder before any large withdrawal KYC and RNG certification are parallel pillars of regulated fair play — the RNG certifies outcome integrity; KYC certifies player identity integrity; both are required for iGO licensing Complete at registration to avoid withdrawal holds; required under FINTRAC/PCMLTFA for all iGO-licensed operators
Provably Fair Algorithm / Blockchain A system allowing players to independently verify each game round's outcome using cryptographic hashing — the pre-game commitment (server seed hash) and post-game reveal (client seed + nonce) are published for player verification Provably fair adds player-side verification on top of the RNG; it does not replace third-party RNG certification — the underlying PRNG still requires statistical auditing; the cryptographic layer adds a tamper-proof audit trail per-round Common in crypto-native casinos; rarely implemented at iGO-licensed Ontario operators, where third-party lab certification (eCOGRA, GLI, iTech Labs) is the regulatory standard

That note about the seed being the critical vulnerability is the most important technical point in this whole glossary for anyone interested in actual RNG security rather than just the concept. The Mersenne Twister algorithm itself — the MT19937 variant used widely in iGaming — is well-understood, extensively tested and cryptographically adequate for casino use when seeded correctly. Its period of 2^19,937 − 1 is so astronomically large that repetition within any conceivable operational timeframe is impossible. The attack surface is not the algorithm. It is the seed. A PRNG seeded from a predictable source — a fixed system timestamp, a sequential counter — can be exploited regardless of how robust the algorithm is. This is why certification audits inspect the entropy source, not just the output sequence.

PRNG TO GAME OUTCOME: ALGORITHM FLOW Certified Slot Generation: From OS Entropy to Displayed Symbols ENTROPY SOURCE OS Entropy Pool /dev/urandom Hardware Noise System Interrupts seed SEED INIT 64-bit value MT19937 CORE • State: 624 words • Period: 2^19937-1 • Twist Transform • Tempering Step OUTPUT: Uniform Int [0 to 2^32 - 1] MAPPING Int % Reel Length Indep. Reel Calls Symbol Lookup GAME DISPLAY Win/Loss Evaluated PLAYER SPIN Samples current state CERTIFICATION AUDIT (GLI / eCOGRA / iTech Labs) 1. Entropy Quality Verified source noise No predictive loops 2. Statistical Tests Dieharder / Chi-Square 10B+ spin simulation 3. RTP Audit Live vs Theoretical 99.9% Conf. Interval 4. Code Review White-box inspection No backdoors found Author's tip from Terrance Whitmore, RNG Algorithm and Fair Play Compliance Officer: "The most common misconception I encounter is that the RNG is activated when you press spin. It isn't. A properly implemented casino PRNG runs continuously, generating thousands of values per second, and your spin simply samples the current position in that sequence. This means there is no 'lucky moment to spin,' no optimal timing, and no pattern visible to you that could help predict the next output. The sequence advances whether you're spinning or watching the screen. Any system or strategy claiming to exploit spin timing is mathematically impossible if the RNG is correctly implemented — and certification audits specifically test for this."

What RNG certification and statistical testing terms does every informed Canadian player need?

These are the terms from my professional toolkit — the ones I use in audit reports, regulatory submissions and compliance reviews. Understanding them lets you evaluate what an audit badge actually guarantees, and what questions to ask when it doesn't tell you enough.

Term Category Definition What it means for fair play Notes
Chi-Squared Test (χ²) Statistical Test A statistical test measuring how closely an observed frequency distribution matches a theoretical uniform distribution — the foundational tool for verifying that all outcomes in a game are occurring at their declared probabilities Applied to billions of simulated game rounds: if a symbol appears 2.1% of the time when it should appear 2.0%, the chi-squared p-value determines whether that deviation is statistically significant or within expected variance Certification pass thresholds are typically set at a 99% confidence interval — a 1% chance of false rejection at any single test, corrected across the full test battery using the Bonferroni method
Diehard Tests Statistical Battery A suite of 15+ statistical tests for PRNGs developed by George Marsaglia — tests for birthday spacing, overlapping permutations, 3D spheres, serial correlation and minimum distance, among others; a demanding standard for output quality The Mersenne Twister passes all Diehard tests — weaker PRNGs (e.g., simple linear congruential generators with short periods) fail several; Diehard failures indicate exploitable patterns in the output sequence Diehard has been largely superseded by TestU01's BigCrush suite in modern certification — both are run as part of a complete battery; the MT19937 passes Diehard but exhibits minor failures in BigCrush linear complexity tests, which is why re-seeding and hybrid implementations are standard
TestU01 / BigCrush Statistical Battery The current state-of-the-art battery for PRNG statistical testing — 106 tests in the BigCrush suite, operating on sequences of up to 10^35 samples; the most stringent published randomness test available BigCrush exposes the MT19937's known linear complexity weaknesses — which is why certified iGaming implementations pair MT with a cryptographic post-processing layer (typically SHA-256 or AES-CTR) for the final seed derivation A game that passes BigCrush provides very strong evidence that its output distribution is computationally indistinguishable from true uniform randomness — the highest current bar for statistical verification
Serial Correlation Test Statistical Test A test measuring the statistical relationship between consecutive outputs from a PRNG — specifically whether knowing output n gives any predictive information about output n+1; any significant correlation is a certification failure Serial correlation is the mathematical basis for the statement that every spin is independent — a passing serial correlation test means past outcomes carry zero predictive power for future outcomes Weak early PRNGs (LCGs with short periods) failed serial correlation systematically — this is the exact vulnerability that historical slot machine exploits targeted before modern certification standards
eCOGRA Certification Body eCommerce and Online Gaming Regulation and Assurance — an independent UK-based iGaming test lab; conducts RNG certification, payout verification, and responsible gambling tool audits; one of the most widely recognised seals in the industry An eCOGRA badge confirms: the RNG has been statistically tested, the declared RTP matches empirical output, and the operator's responsible gambling tools meet eCOGRA's standards at the time of audit The badge date matters — a 2019 certificate offers less assurance than a 2024 one on the same platform, because game software updates may have occurred after the audit and before re-certification
GLI (Gaming Labs International) Certification Body One of the largest and oldest iGaming test labs — serves land-based and online operators; publishes detailed technical standards (GLI-11 for online systems, GLI-19 for online gaming systems specifically) that list acceptable PRNG algorithms GLI-19 explicitly lists acceptable algorithms including the Mersenne Twister and cryptographically secure generators — a game certifying against GLI-19 has been tested against a specific, published algorithmic standard, not just a general audit GLI's land-based experience means their certification is often required for convergence operators (land-based casinos offering online products) — common among Ontario's licenced operators with physical casino affiliates
iTech Labs Certification Body Australian-based testing lab operating across Asia-Pacific, European and North American markets — accredited by the AGCO for iGaming Ontario certification; conducts RNG, RTP and game logic audits iTech Labs certification is specifically recognised by iGaming Ontario's framework — an operator submitting iTech Labs reports to iGO gets regulatory credit for the statistical testing performed Certificates include a serial number and date — always verify both against the lab's public registry, not just the operator's website badge
White-Box vs Black-Box Testing Audit Methodology White-box: auditors have full source code access and inspect the algorithm directly for backdoors, hidden parameters or exploitable weaknesses. Black-box: the compiled game is tested only through its outputs, without source code access White-box testing is more thorough — it can detect issues invisible to statistical analysis (e.g., a correctly seeded RNG that routes specific outcome sequences to specific player accounts). Black-box is faster but can miss implementation-level fraud iGO-licensed operators are required to provide source code access for certification — which is why certification at iGO is structurally stronger than a Kahnawake or Curaçao badge from a book that only permits black-box testing
Ongoing Monitoring Compliance A continuous or periodic post-certification audit programme — typically including automatic statistical sampling of live game output and mandatory re-certification after significant software updates Certification at a point in time does not guarantee the game is currently operating correctly — a subsequent software update could introduce a bug that breaks the RNG's statistical properties. Ongoing monitoring catches this AGCO's 2025 updated standards require iGO-licensed operators to maintain incident response plans covering RNG integrity failures — a regulatory requirement for ongoing monitoring beyond initial certification
Game Logic Verification Audit Scope The audit layer that checks whether the game's outcome-mapping code (paytable, symbol weights, bonus trigger logic) correctly implements the declared probability model — separate from RNG quality testing A game can have a perfect RNG and still be unfair if the game logic maps RNG outputs to symbols incorrectly — e.g., mapping the jackpot symbol to a position that occurs less frequently than its declared probability This is why the full scope of certification includes both the RNG audit and the game logic audit — one without the other provides only partial assurance of fair play


RNG statistical test battery: pass/fail comparison of LCG, MT19937 and CSPRNG across Diehard, TestU01 BigCrush, chi-squared, serial correlation and other certification tests RNG STATISTICAL TEST BATTERY: PRNG COMPARISON How three common PRNG types perform across certification test suites · iGaming standard: MT19937+ or CSPRNG LCG (Linear Congruential) MT19937 (Mersenne Twister) CSPRNG (Crypto-secure) Frequency / χ² Test Output distribution uniformity FAIL (short period) PASS PASS Serial Correlation Independence of consecutive outputs FAIL PASS PASS Diehard Battery 15 classical randomness tests PARTIAL FAIL PASS PASS TestU01 BigCrush 106-test modern standard MULTIPLE FAILS PARTIAL Linear complexity known issues PASS Linear Complexity Predefined sequence complexity FAIL KNOWN ISSUE Mitigated in iGaming via CSPRNG PASS Period Length Non-repetition over use lifetime SHORT (2^31 typ.) Exploitable in high-volume use 2^19,937 − 1 Effectively infinite for iGaming Non-periodic No period — OS entropy driven iGaming standard: MT19937 + CSPRNG seeding post-processor · LCG alone is not acceptable for certification · AGCO/iGO requires minimum MT19937 standard per GLI-19 guidelines Author's tip from Terrance Whitmore, RNG Algorithm and Fair Play Compliance Officer: "When you see an eCOGRA, GLI or iTech Labs badge on a casino, the first question to ask is the date on the certificate — not just whether the badge exists. A certificate from four years ago covered the software as it existed four years ago. If the game has been updated since then and not re-certified, the badge is technically valid but practically incomplete. At iGO-licensed operators, AGCO standards require re-certification on significant software changes — which is a meaningful protection. At offshore operators with a single point-in-time certificate, that protection doesn't exist. Always check the date."

How does the RNG certification process work from submission to ongoing compliance?

Understanding the pipeline from a developer submitting a game for certification through to the badge appearing on your screen is genuinely useful for evaluating what that badge means and what it doesn't cover.

RNG certification lifecycle: from game developer submission through audit phases to certificate issuance and ongoing compliance monitoring RNG CERTIFICATION LIFECYCLE: SUBMISSION TO ONGOING COMPLIANCE Typical timeline for a major iGaming title · iGO/AGCO-aligned process · GLI-19 or equivalent standard PHASE 1 SUBMISSION Game builds + source code + math spec submitted Day 1–3 PHASE 2 WHITE-BOX Source code inspected for algorithm, seed, backdoors Days 4–10 PHASE 3 BLACK-BOX 10+ billion spins χ², Diehard, TestU01 suites run on output Days 11–20 PHASE 4 RTP VERIFY Empirical mean vs declared RTP Pass: ±0.1% Game logic check Days 21–28 PHASE 5 CERTIFICATE Serial number + date + lab name issued; registered on lab registry Day ~30 PHASE 6: ONGOING MONITORING (continuous post-certification) Automatic statistical sampling of live output · Mandatory re-certification on software changes AGCO incident response plan required · Annual audit review recommended · Version control logging COMMON CERTIFICATION FAILURES Weak/predictable entropy source · Short PRNG period Serial correlation detected · Empirical RTP off by >0.1% Session init weak-seed bug (triggers corrected RNG off-path) WHAT A BADGE GUARANTEES Statistical randomness of output at time of test Declared RTP matches measured RTP (±0.1%) No backdoors in source code (white-box only)

The lifecycle diagram illustrates why the certificate date is the first verification step, not the last. A certificate issued in 2022 covers the software as it existed in 2022. A significant update to the game's bonus round logic in 2023 — one that inadvertently alters the trigger frequency of the free spins feature — would not be covered by that certificate unless a re-audit was commissioned. At iGO-licensed operators in Ontario, AGCO standards require re-certification on significant changes and mandate incident response plans covering RNG integrity failures. This is a structurally stronger system than most offshore licensing frameworks provide.

The practical player takeaway: verify the certificate exists, verify the lab name (eCOGRA, GLI, iTech Labs, BMM), verify the date is within the past 12–18 months, and verify the serial number against the issuing lab's public registry — not just the operator's badge. Most labs maintain public certificate registries. It takes two minutes and it is the most direct evidence-based confirmation of fair play available to you as a player.

You must be 19+ to play at iGO-licensed casinos in Ontario, BC and most provinces (18+ in Alberta, Manitoba and Quebec). iGaming Ontario's operator registry at igamingontario.ca lets you verify that any operator claiming iGO licensing is actually listed. FINTRAC reporting and KYC compliance are structural protections that operate alongside RNG certification — together, they are what makes a regulated Canadian market categorically safer than its offshore alternatives. ConnexOntario is available free, 24/7 at 1-866-531-2600. Explore the full game library at Only Win — all certified, all iGO-compliant — via the home page, or go directly to your account and find the game information panel to verify RTP and certification for any title before you play.

FAQ

What is a "Sticky Wild" and why is it valuable?
A Sticky Wild is a symbol that remains locked in its position for subsequent spins. This is highly beneficial for punters at Only Win because it increases the likelihood of forming multiple winning combinations as more Wilds accumulate on the grid.
What does "Nudging" mean in pokie mechanics?
Nudging occurs when a reel moves up or down by one position after a spin to bring a potentially winning symbol or a bonus icon into view. It’s an automated feature that "rescues" a near-miss result for the player.
What is the "Paytable" and where can I find it?
The paytable is the digital manual found within every game at Only Win. It lists the value of each symbol, explains the bonus rules, and shows the specific payline patterns. Always consult this before starting a new game in Canada.
What are "Megaways" and how many are there?
Megaways is a random reel modifier that changes the number of symbols on each reel with every spin. This can create up to 117,649 ways to win, offering a much more dynamic experience than traditional fixed-line games.
What defines a "Bonus Round" vs. a "Base Game"?
The base game is the standard reel-spinning mode. A bonus round is a separate mini-game, often with different mechanics and higher payout potential, triggered by specific combinations like three scatter symbols.
What is meant by "Bet Level"?
Bet level allows you to adjust the number of coins wagered per payline. Combined with coin value, it gives punters in Canada granular control over their total stake, allowing for strategies ranging from micro-bets to high-roller wagers.
What is a "Re-trigger" in free spins?
A re-trigger occurs when you land the required scatter symbols again while already inside a free spins round. This adds more spins to your current total, potentially extending the bonus round indefinitely at Only Win.
What is a "Gamble Feature"?
The gamble feature is an optional mini-game (often involving a coin flip or card colour guess) offered after a win. It gives you a 50/50 chance to double your prize, but a wrong guess results in losing the entire win from that spin.
Terrance Whitmore
Terrance Whitmore
RNG Algorithm and Fair Play Compliance Officer
Terrance Whitmore is a former software developer who now specializes in auditing Random Number Generators (RNG) for online gaming providers. He provides a bridge between complex code and player trust, explaining how independent testing labs like eCOGRA and iTech Labs certify game fairness. Terrance’s mission is to demystify the "black box" of casino software, proving that legitimate platforms cannot "flip a switch" to change game outcomes. His guides help players identify truly licensed software and avoid the dangers of pirated or "cracked" slot games found on unregulated sites.
Download Only Win app Download App
Close
Wheel button Spin
Wheel disk
800 FS
500 FS
300 FS
900 FS
400 FS
200 FS
1000 FS
500 FS
Close
Wheel gift
300 FS
Congratulations! Sign up and claim your bonus.
Get Bonus