All sensitive data are stored, encrypted with a software key known only to the customer, in the internal database. This database cannot be reached from the outside. It is connected to a separate internal network and thus is not on the same physical circuit as the user-accessible front-end servers. When the information is needed to perform a transaction, the user is asked for his password (which is used to decrypt the information); the front-end then instructs a special communications module to perform the transaction and supplies the password.
The interface module, which is the only means of access to the internal database, relays this instruction to the database, which in turn uses the user-supplied password to decrypt the required information and perform the transaction.
This procedure may seem to be complicated and unnecessary but it has been designed to ensure that not a single piece of sensitive information is, even for a moment, stored in an environment which is linked to the outside world. This in turn means that even if one of Lucky-Play servers is compromised, the intruder would not be able to acquire any sensitive data. Furthermore, the use of encryption with a key known only to the customer in question minimises the possibility of internal fraud.