[xg15]

Sounds better but still defeatable. I could track individual players throughout the casino (which is already common practice, I think) and decide on payout depending on how much money I already made through them.

E.g., if someone already dumped a lot of money into other games, I can give them above-average odds of winning and be sure I still make a profit (and they make a loss), otherwise I'll give them below-average odds.

If I tune this right, the average outcome over all players will still look "fair".

Or I simply give the above-average play sessions to strawmen.

[jacquesm]

Except that that is not allowed. It's individual machines tested in isolation that should perform exactly as legally mandated. The only kind of remote interaction there is is logging to make sure they can prove that the machine performed as advertised and to know when to empty the coin box.

[fjsolwmv]

Modern slot machines don't use just local rngs, they essentially obtain lottery tickets from a central computer. That's how you get building-wide jackpots.

[xg15]

But that's the point. If the provision lets me withhold part of the source code from inspection, there is no way to actually verify that I don't do that.

I could hide the above manipulations in some component I don't have to expose and have the machine play nice under testing conditions. (See certain automakers for examples)