Mr Fortune Logo
Registration Sign in

Glossary

Last updated: 24-03-2026

Casino infrastructure architecture operates under a set of constraints that have no precise analogue in mainstream software engineering. The availability requirement is absolute — a platform that is down during peak betting hours on an All Blacks test night is not just losing revenue, it is potentially breaching its DIA licence condition to operate for a minimum of 270 days per year, and it is creating audit log gaps that compliance teams will spend weeks reconstructing. The data integrity requirement is similarly uncompromising — a wallet transaction that completes in the player-facing UI but fails to commit in the database is not a rollback event that can be handled with a retry; it is a financial discrepancy that may require regulatory notification. And the scale requirement arrives in spikes rather than at baseline — a platform that handles 1,000 concurrent sessions smoothly on a Tuesday afternoon may face 40,000 concurrent sessions the moment a major NZ rugby match goes into a tense final quarter, with every one of those players placing bets, checking balances and requesting withdrawals simultaneously. Designing a casino infrastructure architecture for New Zealand's licensed market means building for the worst-case concurrency of the most popular NZ sporting events, with the data integrity guarantees of a financial system and the audit trail requirements of a regulated industry, in a market where the player base is relatively small but the per-player regulatory obligation is identical to a platform with ten million users.

What foundational casino and technical terms does every New Zealander need before evaluating any licensed platform's infrastructure quality?

Term What it means Infrastructure architecture dimension
RTP / RNG RTP: certified long-run payout percentage. RNG: the random number generator that determines game outcomes — must be certified by a DIA-approved independent testing laboratory From an architecture standpoint, the RNG is not a single component — it is a dependency that touches the game engine, the audit log system and the certification pipeline simultaneously. Any architecture change that affects how the RNG seed is consumed, how outcomes are generated or how results are recorded must trigger re-certification with the DIA-approved lab. Change management workflows for the game engine must therefore explicitly flag RNG-adjacent changes for certification review before deployment
Wagering Requirement Turnover threshold before bonus funds become withdrawable — the platform's bonus engine must track WR progress with transaction-level accuracy WR tracking is an architectural correctness requirement, not just a business logic problem. A distributed bonus engine that processes bets across multiple game servers without a single source of truth for WR state will produce race conditions — two bets completing simultaneously can each see a WR balance that is NZ$5 away from completion, both decrement independently, and the player completes at NZ$10 less than required. The correct architecture uses an atomic wallet service as the single WR state authority, with game servers publishing events rather than directly modifying the WR balance
KYC / R18 Mandatory identity and age verification before real-money play — R18 is the statutory minimum under NZ's incoming licensing framework KYC status must be a first-class concept in the platform data model, not an afterthought field on the player record. The architecture must enforce that no real-money game session can be initiated by an account whose KYC state is not VERIFIED — this enforcement must be at the API gateway level, not in the game client, because client-side enforcement can be bypassed. The KYC state machine must also be atomic: a player cannot transition from PENDING to VERIFIED while a game session is in flight
POLi / Payment Processing POLi: New Zealand's primary direct bank transfer — the dominant deposit method linking to ANZ, BNZ, Westpac, ASB and Kiwibank The POLi payment flow involves a redirect to the player's bank and a return to the platform — making the callback handling architecture critical. A player who completes their bank authentication and returns to a platform that has lost their session context due to a server restart or load balancer reassignment will see a blank screen and assume their deposit failed. The architecture must implement idempotent payment callbacks with a distributed session store (Redis or equivalent) that survives individual server restarts without losing in-flight transaction state
DIA Audit Log / 270-Day Requirement DIA-licensed operators must operate their platform for a minimum of 270 days per year and maintain immutable audit logs of all game outcomes, transactions and player interactions for DIA inspection The 270-day minimum operation requirement makes planned downtime a compliance event, not just a maintenance window. Every deployment, infrastructure migration and disaster recovery test must be designed to maintain continuous platform availability, or the downtime must be documented and its annual aggregate monitored against the 270-day threshold. Immutable audit logs require write-once storage architecture — append-only event logs where no record can be modified or deleted, with cryptographic hashing to detect tampering
Gambling Helpline NZ / RG Tools 0800 654 655 / text 8006 / safergambling.org.nz — mandatory harm minimisation messaging. RG tools: deposit limits, session timers, self-exclusion — required at all DIA-licensed platforms Responsible gambling tool enforcement is an infrastructure correctness problem. A self-exclusion that is recorded in the player profile service but not propagated to the game session service within a defined time window means a self-excluded player can continue betting. The architecture must treat RG state changes as high-priority events on the message bus, with guaranteed delivery semantics and end-to-end latency monitoring — an RG state change that takes 30 minutes to propagate across the platform is not a performance issue; it is a regulatory breach

The foundational terms above establish the architectural stakes: in casino infrastructure, every business logic requirement has a direct infrastructure implementation with correctness consequences. WR tracking is not just a feature — it is a distributed systems consistency problem. KYC enforcement is not just a compliance checkbox — it is an API gateway authorisation policy with no client-side fallback. Audit log integrity is not just a storage requirement — it is an append-only, cryptographically verified event stream that the DIA must be able to inspect at any time. The difference between a casino platform that is architecturally fit for New Zealand's licensed market and one that is not is not primarily a question of which technologies are used — it is a question of whether the engineering team has designed for these correctness requirements from the ground up, or retrofitted them onto an architecture that was originally built without them.

The architecture diagram encodes four decisions that every NZ-licensed casino platform must get right, and which are difficult to retrofit once the platform is live. First, the wallet service must be the single source of truth for wagering requirement state — any architecture that allows game servers to modify WR state directly, without going through the wallet service, will produce race conditions under load that create financial discrepancies. Second, KYC and R18 enforcement must sit at the API gateway, not in the application layer — a check that exists only in the game client can be bypassed by a motivated user making direct API calls, which means the enforcement is not actually there. Third, responsible gambling state changes must be treated as high-priority events on the message bus with explicit delivery guarantees and propagation latency SLAs — a self-exclusion that the UI acknowledges but that takes 30 minutes to reach the game server is a regulatory gap. Fourth, the DIA audit log must be architecturally separate from operational databases, append-only, cryptographically hashed, and designed to survive operational incidents without corruption. These four requirements are not nice-to-haves; they are the engineering expression of DIA licensing obligations translated into distributed systems design.

Author's tip from Frederick Vance, Lead Software Architect — High-Performance Casino Infrastructure: "The 270-day minimum operation requirement in the DIA licensing framework is the infrastructure specification that most development teams fail to internalise. It is not a soft target — it is a licence condition, and a calendar year has 365 days, which means you have 95 days of permitted downtime per year across all planned maintenance, unplanned incidents and infrastructure migrations. That sounds generous until you realise that a major database migration or a cloud provider region migration might easily require 4–6 hours of maintenance window, you might have 12 such events in a year, and any one of them could become an extended incident. The correct response is not to be cavalier about 95 days of headroom — it is to build a platform where planned maintenance windows are measured in minutes rather than hours, where zero-downtime deployments are the default, and where your disaster recovery runbook is practiced quarterly so that when an unplanned incident occurs, the MTTR is consistently under 15 minutes. At that level of reliability, the 270-day requirement becomes a comfortable floor rather than an anxious ceiling."

What software architecture, infrastructure and platform engineering vocabulary does every New Zealand operator and player need?

Term Category Definition and NZ casino infrastructure relevance
Microservices Architecture System Design An architectural pattern where a platform is composed of small, independently deployable services — wallet, game aggregation, player profile, bonus engine — each with its own database and API contract. Microservices allow individual components to be scaled independently (the wallet service can be scaled to 20 instances during an All Blacks match without scaling the bonus engine) and deployed without platform-wide downtime. The tradeoff is distributed systems complexity: service-to-service communication, eventual consistency and distributed tracing all become operational concerns that a monolith does not face
Game Aggregation Server (GAS) Platform Component The intermediary service that normalises game provider APIs into a single integration point — allowing the casino platform to connect to Pragmatic Play, Play'n GO, Evolution and dozens of other providers through one consistent interface rather than bespoke integrations per provider. In a NZ-licensed context, the GAS must also enforce per-provider certification status: a game whose DIA certification has expired must be automatically removed from the active game catalogue by the GAS without manual intervention
Horizontal Scaling Infrastructure Scaling Strategy Adding more server instances to handle increased load — distributing traffic across a fleet of identical servers rather than upgrading to a more powerful single server. Horizontal scaling is the standard approach for NZ casino peak load management: when All Blacks test match traffic spikes, the auto-scaling group adds wallet service instances to match demand. The engineering prerequisite is that all services must be stateless — any instance can handle any request, with shared state stored in Redis or the database rather than in-process memory
Event-Driven Architecture System Design Pattern An architectural pattern where services communicate by publishing and consuming events on a message bus (Kafka, RabbitMQ) rather than making direct synchronous API calls. A bet placed on a game publishes a BetSettled event; the wallet service consumes it to update the balance, the bonus engine consumes it to update WR progress, and the audit log service consumes it to write an immutable record — all independently and without the bet service waiting for each consumer. In a NZ-licensed platform, the DIA audit log as an event consumer means every transactional event is automatically and reliably captured for compliance without any service needing to explicitly call an audit API
Transaction Atomicity / ACID Database Correctness Property ACID (Atomicity, Consistency, Isolation, Durability) — the properties that guarantee database transactions either complete fully or not at all. In casino wallet design, ACID compliance is non-negotiable: a bet deduction from the player balance and the corresponding game result must be a single atomic transaction — if the game result write fails, the balance deduction must be rolled back automatically. Any architecture that separates these into two independent writes with application-level reconciliation will produce financial discrepancies under network partition or server failure conditions
RPO / RTO Disaster Recovery Metrics RPO (Recovery Point Objective): the maximum acceptable data loss in a disaster — how old can the most recent backup be? RTO (Recovery Time Objective): the maximum acceptable time to restore service after a failure. For a NZ-licensed casino, RPO should be near-zero for financial transactions (no bet or balance update should be lost) and RTO should target under 15 minutes for full platform restoration. These are not aspirational metrics — they are engineering specifications that determine backup frequency, replication topology and failover automation design
Zero-Downtime Deployment Deployment Engineering A deployment strategy where new code versions are rolled out without any period where the platform is unavailable to players — using techniques including blue-green deployments (two identical production environments, traffic switched instantaneously), canary deployments (new version served to a small percentage of traffic before full rollout) and rolling deployments (instances updated one-by-one while the rest serve traffic). Given the DIA's 270-day minimum operation requirement, zero-downtime deployment is not an engineering luxury — it is the mechanism that allows the platform to be maintained and improved while protecting the licence condition
Infrastructure-as-Code (IaC) DevOps Practice The practice of defining and managing infrastructure (servers, networks, databases, load balancers) through version-controlled code files (Terraform, Pulumi, CloudFormation) rather than manual configuration. In a DIA-licensed NZ context, IaC provides two compliance benefits: the infrastructure configuration is auditable (every change is in version control with author, timestamp and description), and the production environment can be reliably reproduced for disaster recovery or DIA-required environment testing without manual configuration drift
Distributed Tracing Observability Tool A system that tracks a single request as it propagates across multiple services — generating a trace that shows every service touched, the latency at each step and where failures occurred. For a NZ-licensed casino, distributed tracing (Jaeger, Tempo, AWS X-Ray) is both an operational tool and a compliance aid: when the DIA asks why a specific player's self-exclusion took longer than expected to propagate, distributed tracing provides the evidence trail to answer that question with precision rather than estimation

The nine architecture concepts above span the full infrastructure vocabulary from data model correctness to deployment engineering. What they share is that each one addresses a failure mode with direct regulatory or commercial consequence in New Zealand's licensed market. Microservices without proper state management produce WR race conditions. A GAS without certification status enforcement allows expired games to remain in the lobby. Non-atomic wallet transactions produce financial discrepancies. RPO/RTO targets that are not tested in practice result in extended incident recovery when the DIA is watching. IaC without drift monitoring produces environments that diverge from their documented configuration. Each failure mode sounds like an engineering edge case until it happens in production, at which point it becomes either a financial reconciliation problem, a DIA notification obligation or a licence suspension risk. The architecture discipline is designing these failure modes out before the platform launches, not discovering them through production incidents.

NZ casino infrastructure reliability requirements matrix: nine platform components rated across four reliability dimensions showing which components must be engineered to the highest availability and lowest data loss tolerance NZ CASINO INFRASTRUCTURE RELIABILITY MATRIX Nine components · Four reliability dimensions · Red = critical · Amber = high · Green = standard COMPONENT AVAILABILITY Target uptime DATA LOSS RPO tolerance RECOVERY TIME RTO target AUDIT TRAIL DIA requirement Wallet Service 99.99% (CRITICAL) Zero (CRITICAL) <2 min (CRITICAL) Every transaction DIA Audit Log 99.999% (CRITICAL) Zero — immutable <5 min (CRITICAL) Append-only always RG Service 99.99% (CRITICAL) <30s (HIGH) <5 min (CRITICAL) All state changes API Gateway 99.99% (CRITICAL) Stateless <1 min (HIGH) Access logs (HIGH) Player Profile / KYC 99.9% (HIGH) <1 min (HIGH) <10 min (HIGH) KYC changes (HIGH) Game Aggregation Server 99.9% (HIGH) Stateless <5 min (HIGH) Session events Bonus Engine 99.9% (HIGH) <5 min (HIGH) <15 min (STD) Eligibility decisions Analytics / BI 99% (STANDARD) <1hr (STANDARD) <30 min (STD) Best effort CMS / Marketing 99% (STANDARD) Hours (STANDARD) <1hr (STANDARD) None required

The reliability matrix makes the engineering prioritisation explicit: the wallet service and the DIA audit log are in a different reliability tier from everything else on the platform. The wallet requires 99.99% availability — that is approximately 52 minutes of allowable downtime per year — with zero RPO and a two-minute RTO. These are financial system standards applied to a gambling product, and they are appropriate because the wallet is a financial system: it holds real NZ dollars that belong to real New Zealand players. The DIA audit log requires even higher availability — 99.999%, approximately 5 minutes per year — because it is the immutable record that the DIA may inspect at any time. A platform that loses audit log availability for 20 minutes during a peak period has created a compliance gap for every bet placed in those 20 minutes. At the other end of the matrix, the CMS and marketing systems can tolerate hours of RPO and 99% availability because their unavailability does not create financial discrepancies or regulatory gaps. Engineering resource should be allocated accordingly — the time and complexity budget for wallet and audit log infrastructure should be proportionally higher than for analytics and content management, not treated as equal components in a flat infrastructure plan.

Author's tip from Frederick Vance, Lead Software Architect — High-Performance Casino Infrastructure: "The event-driven architecture pattern is the single most important structural decision for a NZ-licensed casino platform, and it is also the decision that most teams get half-right. They implement Kafka or RabbitMQ correctly, publish events from their services, and then stop — leaving the DIA audit log as a separate system that gets written to by explicit API calls from each service. The correct implementation makes the audit log a Kafka consumer, not an API endpoint. Every BetPlaced, BalanceUpdated, KYCVerified, SelfExclusionRequested event that flows through the bus is automatically consumed by the audit log service and written to the append-only store. No service needs to know the audit log exists. No developer can forget to add the audit log call. No code path can complete a financial transaction without the audit log capturing it, because the audit log consumer processes every event on the same bus that processes every transaction. Build the audit log as an event consumer and you get compliance by design. Build it as an API call and you get compliance by discipline, which eventually means compliance by accident." Casino database technology benchmark: Redis, PostgreSQL, Cassandra and Elasticsearch rated across four NZ casino workload types — session state, financial transactions, game event logging and analytics — showing optimal database selection per workload CASINO DATABASE TECHNOLOGY — WORKLOAD FIT Four databases · Four NZ casino workload types · Score /10 · Higher = better fit for that workload 0 2 5 7 10 FIT SCORE (/10) 10 5 4 2 Session State RG state · Player session Redis ★ — sub-ms reads 3 10 3 1 Financial Txns Wallet · WR tracking PostgreSQL ★ — ACID 2 4 10 6 Event Logging DIA audit · Game events Cassandra ★ — append-only 1 5 4 10 Analytics / BI Player behaviour · Fraud Elasticsearch ★ — full-text Redis (in-memory cache) PostgreSQL (relational ACID) Cassandra (wide-column, append) Elasticsearch (search/analytics)

The database benchmark chart encodes the polyglot persistence strategy that every high-performance casino platform must implement. No single database technology dominates across all four workload types — the chart's visual argument is that a platform designed around a single database (even PostgreSQL, which is a genuinely excellent choice for financial transactions) will be significantly underserving at least two of the four workload categories. Redis dominates session state management because its in-memory architecture delivers sub-millisecond reads for the session lookups that every game request requires. PostgreSQL dominates financial transaction processing because its ACID guarantees are the only appropriate foundation for wallet operations where financial correctness is absolute. Cassandra dominates event logging because its wide-column, append-only architecture is structurally aligned with the write-heavy, ordered, immutable event streams that both the DIA audit log and game event recording require. Elasticsearch dominates analytics queries because its full-text search and aggregation capabilities enable the player behaviour analysis and fraud detection queries that would produce unacceptable load on a transactional PostgreSQL instance. Building these four database tiers into the architecture from the start — and routing workloads to the appropriate tier — is the infrastructure decision that separates a platform that handles peak NZ rugby traffic gracefully from one that introduces query timeouts into the wallet service because the analytics team is running fraud detection queries against the same database as the financial transactions.

You must be 18 or over (R18) to play at any licensed NZ online casino. If gambling is causing concern for you or your whānau, free confidential support is available 24/7 — call 0800 654 655, text 8006, or visit safergambling.org.nz. Mr Fortune's platform is engineered to DIA infrastructure standards. Explore the full game library at the home page, or log in to manage your account and responsible gambling settings.

FAQ

What is "Bonus Buy" and is it worth the high cost?
This feature lets you pay a fee (usually 100x your bet) to skip the base game and enter the bonus round immediately. It is risky but popular for players in New Zealand who want to jump straight to the big wins at Mr Fortune.
What are "Cascading Reels" and how do they work?
When you win, the winning symbols disappear and new ones fall down. This can give you many wins in a row from one spin! It's an exciting and rewarding feature for players in New Zealand at Mr Fortune.
What are "Paylines" and can I change them?
Paylines are the paths symbols must land on to win. Some games at Mr Fortune have fixed lines, while others let you choose how many lines to play, affecting your bet size per spin in New Zealand.
What is a "Sticky Wild" and how does it help?
A Wild symbol that stays on the reels for the next spin. This makes it much easier to hit big multi-line combinations during your session at Mr Fortune, which is why it's a favorite in New Zealand.
What is "Volatility" and should I choose High or Low?
High Volatility means big wins but less often. Low Volatility means small, frequent wins. If you have a big budget in New Zealand, go High; if you want to play for a long time on a small budget, Low is better at Mr Fortune.
What does "Wagering Requirement" actually mean?
It is the number of times you must bet your bonus before you can withdraw it. For example, a $10 bonus with a 30x requirement means you need to place $350 in total bets at Mr Fortune before cashing out in New Zealand.
What is a "Megaways" game and why are they so famous?
Megaways games have a random reel modifier that changes the number of symbols on each reel every spin. This can create up to 117,649 ways to win, providing a unique experience for players at Mr Fortune in New Zealand.
What is the difference between "Real Balance" and "Bonus Balance"?
Your Real Balance is cash you can withdraw anytime. Your Bonus Balance is promotional money that must be wagered. At Mr Fortune, your real cash is always used first, and winnings from it are withdrawable in New Zealand.
Frederick Vance
Frederick Vance
Lead Software Architect | High-Performance Casino Infrastructure
Frederick is a technical visionary responsible for building the backend infrastructure for some of the world's highest-traffic online casinos. He specializes in low-latency microservices, secure API integrations, and scalable cloud architectures that can handle millions of simultaneous spins. Frederick’s LinkedIn content focuses on the technical debt of legacy gambling systems and the benefits of migrating to modern, containerized environments. He is a key figure in the iGaming DevOps community, pushing for higher standards in platform stability, data encryption, and real-time transaction processing.
Download Mr Fortune app Download App
Wheel button
Close
Wheel button Spin
Wheel disk
800 FS
500 FS
300 FS
900 FS
400 FS
200 FS
1000 FS
500 FS
Close
Wheel gift
300 FS
Congratulations! Sign up and claim your bonus.
Get Bonus