What Is RNG?
RNG stands for Random Number Generator. In online casinos, this is typically a software algorithm (pseudorandom number generator, or PRNG) that produces sequences of numbers that are statistically indistinguishable from true randomness. The most common implementations use algorithms like Mersenne Twister or Fortuna, seeded with hardware entropy sources. The output determines game results — card draws, slot reel positions, roulette numbers. RNG is the standard approach used by the vast majority of online casinos, including all major operators like DraftKings, BetMGM, Chumba Casino, WOW Vegas, and others. The RNG runs on the casino's servers, and players never see the seed, the algorithm, or the raw output.
What Is Provably Fair?
Provably fair is a verification layer built on top of random number generation. It doesn't replace randomness — it makes it auditable. The system works through cryptographic commitment: before you bet, the server generates a seed and publishes a SHA-256 hash of it. You also provide your own seed. The game result is computed as HMAC-SHA256(server_seed, client_seed:nonce), which produces a deterministic output from those inputs. After the round, the server reveals the original seed — you can hash it yourself to confirm it matches the pre-committed hash, then replay the HMAC to confirm the result. The key insight is that the hash commitment prevents the server from changing the seed after seeing your bet, and your client seed prevents the server from pre-selecting outcomes. Together, they make manipulation cryptographically impossible.
The Core Difference: Verification
RNG and provably fair both generate random outcomes. The difference is who can verify them. With traditional RNG, only the casino and its auditors can verify fairness — and the auditor checks a sample of outcomes during periodic reviews, not every individual bet. With provably fair, every player can verify every bet, immediately, using public math. This is the difference between a bank that says "trust us, your balance is correct" and a bank that lets you audit every transaction yourself. The underlying accounting might be identical, but the transparency is fundamentally different. When the 2023 Bloomberg investigation found statistical anomalies at a major casino, it took forensic analysis of thousands of publicly streamed results. In a provably fair system, any player could have detected such anomalies using the built-in verification tools.
Why RNG Certification Has Blind Spots
Third-party RNG audits test that a random number generator produces fair distributions over large samples. This is legitimate statistical analysis, and it does catch major flaws. But it has structural blind spots. First, the audit covers a point-in-time snapshot — it cannot guarantee the production environment matches the audited environment indefinitely. Second, audits test aggregate distribution, not individual outcomes — a system could produce fair overall distributions while still allowing selective manipulation of high-value bets. Third, most audit certifications are confidential — you see a badge, not the methodology or the results. Fourth, audit frequency varies widely by jurisdiction and is often annual, leaving long periods between checks.
The Technical Mechanism: HMAC-SHA256
Most provably fair systems, including Rookie's, use HMAC-SHA256 (Hash-based Message Authentication Code with SHA-256). Here's the step-by-step process. The server generates a random server seed and computes its SHA-256 hash. The hash is shared with the player before betting. The player has a client seed (set by them or auto-generated). When a bet is placed, the result is computed: HMAC-SHA256(server_seed, client_seed + ":" + nonce). The HMAC output is converted to game-specific values (floats between 0 and 1, card positions, crash multipliers, etc.). After the bet, the server seed is available for verification. The player can independently compute SHA-256(server_seed) to verify it matches the pre-committed hash, then compute the HMAC to verify the game result. This entire process is deterministic and reproducible — anyone with the inputs can compute the output.
Which Casinos Use Which System?
Traditional RNG is used by virtually all regulated casino operators: DraftKings, FanDuel, BetMGM, Caesars, Chumba Casino, LuckyLand Slots, WOW Vegas, Pulsz, and most others. Provably fair is primarily found in crypto-native casinos (Stake, Roobet, Rollbit) and a small number of social/sweepstakes casinos. However, not all provably fair implementations are equal — some casinos claim provably fair but don't publish their algorithms, or use proprietary verification tools that players can't independently audit. Rookie uses provably fair with fully published algorithms and open verification, meaning anyone can build their own verification tool from the documented math.
Why Rookie Chose Provably Fair
We chose provably fair because it eliminates the trust gap entirely. Traditional RNG requires players to trust the casino, the software provider, and the auditing firm — three layers of intermediaries between you and the truth. Provably fair requires zero trust. The math is the proof. At Rookie, every game — from Crash and Plinko to Blackjack and all 14 slot titles — uses HMAC-SHA256 provably fair verification. The algorithms are documented on our Fairness page. You can verify any bet from your history. And you can set your own client seed to have direct input into the randomness. It's not just better marketing — it's a fundamentally stronger guarantee.