What is the most secure way to store persistent player data?

Discussion in 'Scripting' started by SkillBased, Sep 23, 2014.

  1. SkillBased

    I have several RPG-like states in my game which include inventory, upgrades, level completion, etc. All of this has to be stored between game sessions obviously. I keep hearing about using playerprefs but I also read that playerprefs are terribly insecure and can be edited like a .txt file. Which is bad. Is there any way to secure these stored data tables?
     
  2. User340

    If you're looking for the most secure way then it's definitely going to involve a server. The data would need to be retrieved/sent to your server, and not saved locally at all.
     
  3. Zaladur

    I definitely would not use PlayerPrefs if you are getting into the kind of saveData needed for an RPG - even ignoring the security aspect.

    http://gamedevelopment.tutsplus.com...oad-your-players-progress-in-unity--cms-20934 is a solution I've been working with right now. Create serializable data classes and save load through them.

    There are other approaches as well, such as using xml. Keep in mind that security and convenience have an inverse ratio - If you want to maximize security, you are going to need a server, which means that the user will need to connect to play. If your game is single player, I put in just enough effort to keep out the average joe, acknowledging that a determined player with the right skillset will be able to alter some parameters.

    Data validation is a simple way to limit what hacking can do.
     
    ResoDev likes this.
  4. Suddoha

    Yep, playerprefs are totally insecure. They're rather used to quickly store data such as the user's personal settings.

    I'm a total newbie in saving persistent data in a secure way. However, in the project that I'm currently working on, I used binary serialization first. Not secure either, but normal people won't try to do anything since the file will most likely break from any changes.
    Additionally I thought about encrypting the data, which I've already implemented by now with DES, AES didn't want to work (it's probably a kind of senseless attempt of overkill, but I'm just too lazy to parse everything later on, that's why I keep serializing stuff and encrypt it afterwards in addition).
    Don't ask me if that does make any sense at all, but data stored on client side will always have the risk of being manipulated since people can always reverse engineer all that stuff and make it public for everyone.

    The only thing you may have luck with (client side) is saving data in a way that hacking is not worth the time effort.
     
    MaJr85 and IgorAherne like this.
  5. JoeStrout

    Out of curiosity, why are people worried about players hacking the data?

    If I've paid for your game, and my enjoyment is increased by giving my character a +99 Sword of Decapitation, what's the harm? (Assuming this is a single-player game, of course.)

    Please note, I'm not just being contrary — I'm currently planning to store my game data as plain text, and in fact I'm designing a particularly user-friendly format for that text. So if there are any good reasons not to do that, I'd love to hear them!
     
  6. SkillBased

    Thanks for all of your replies. It helps guide me further. Having a server authenticate is not really an option for me. That's overkill and not at all convenient for the user. I won't have multiplayer so this won't break any online play or anything.

    In my case, I want the game to have longevity by having an online leaderboard. If users can give themselves ridiculous powerups at will, or even directly screw with their score, it would render the leaderboard pointless. Beyond that, I think it's bad form to have variables exposed in such a way and having to validate for that after the fact is a huge pain - probably not even feasible at all. It would be so much better to just encrypt it and forget about it. I'm quite surprised there isn't anything in place already within the Unity framework to make this straightforward. I thought the worst case scenario would be I could run a local SQL db and just use the strongest encryption available for that.
     
    MaJr85 likes this.
  7. GarthSmith

    If there is any kind of multiplayer component, leaderboards included, it will probably be hacked.

    2 ways I can see hacking a leaderboard. (Maybe 3 ways, see my post below.)
    • Like you said, the save game data can get edited giving a player an unfair advantage
    • Someone figures out what the data going to the leaderboards server is, then instead of sending data from the app they can create their own packets of data to send to the leaderboard server showing they had a super high score.
    Unity might not have "Unity" encryption in it, but that's because .NET has the System.Security.Cryptography namespace available. It would be hard to simplify security more than using that namespace while still being secure.

    My preferred method:
    What I do is save all my data out to JSON text, then I use the System.Security.Cryptography namespace to AES encrypt the JSON file to disk.

    This is not 100% fool proof, someone who is really good at disassembling code can probably find where you're storing the encryption key. Same thing for sending data to the server, if you encrypt it first it will be harder to send malformed data packets. Again, not impossible if they can find the encryption key but much much harder.
     
    Last edited: Sep 23, 2014
    fontinixxl likes this.
  8. SkillBased

    Hi Garth,

    Thanks for your input. I didn't even know about the Cryptography class available in C#. It sounds great. But isn't the JSON file completely exposed even for a brief moment? Is the code just decrypting the file when it needs to access it, write to it in JSON, and then encrypting it again? Could this work much the same with an XML file instead?

    Thanks again.
    P.S. Cool looking game on Kickstarter. Will follow.
     
  9. GarthSmith

    Encrypting Save File:
    When I first create the JSON, it is in a string stored in memory not on disk, so the only way someone can see it is if they are good enough to view what's in RAM directly. I encrypt before it goes to disk, so there is never a file on the hard drive that anyone can read and edit.

    You can do the exact same thing with XML, or any string for that matter.

    Hard Mode Cheat Method:
    Now, this made me think of another way to cheat. Say I have 100 gold. Someone can find all the places in RAM that represent the integer 100. Say I gain 5 gold, and now have 105. Someone can now check all the places that were previously 100 but are now 105. Eventually, through process of elimination, a cheater can find the exact memory address that stores the "Amount of Gold" integer and change it directly while the game is running. This is another reason why a lot of multiplayer games run a server. They do most all calculations on the server, then the executable is almost a glorified display client with no way to cheat.

    Actually, last time I attempted that was back in the DOS days. Do modern OSes even allow this anymore? I assume there's a way to see what's in another program's heap...

    P.S. Thanks for checking out our game! I dare you to hack the saved game file. =p
     
    Last edited: Sep 23, 2014
  10. Suddoha

    Ohh, I kinda handle it pretty much the same way, using the Cryptography which comes with C#. Unfortunately, I couldn't get the AESCryptoServiceProvider to work, I always get an error that I miss a using directive etc. The DES works though - maybe you've got any idea why, both come with the same namespace...

    Anyway, so I serialize it into the memory, turn that into a string and encrypt it, then finally save it. The other way around, decrypting the file, string back into binary and deserialized.


    Thus, just like you said people would have to use the filtering method which is, btw, very common with tools such as CheatEngine or some other methods like memory dumps etc. And people don't hesitate to do it. The world is evil.

    <<<Personal Experience - skip when not interested>>>
    I was playing an older MMORPG for quite a while and even though it was a MMORPG, the users tried everything, literally everything, from package sniffing to client side file editing, memory dumps and once they read the memory with said tool, those guys ended up having things like attack speed 'hacks' because at this time a few of the player's attributes were running completely on client side - don't ask me why, the game had a hard time until the developers finally fixed it.
    <<< End of personal experience >>>

    Well, in order to prevent people from reading the memory, I personally tend to use other values internally which works pretty well. My original values cannot be found without knowing the formula or the way I store it, the only thing which sometimes can be found are copies for the GUI and manipulating them won't take any effect on the originals.

    Other things you could experience with are checksums/hash-methods which are not too obvious, so in case anyone succeeded in reading the memory or your saved data, you could still be running checksum tests against loaded data or even at runtime and if those do not match, just reset everything to zero (enough punishment haha) or restore the data via a copy which you've made before.

    In theory (okay, referring to my own theory, as I said I'm not really familiar with security) you would have saved your data pretty well against the most common attempts to cheat.

    Reverse Engineering ... pretty hard to prevent someone from doing that. I personally won't ever give it a try for any of my small projects since its simply too complex. Anyone who got that skill may have the godmode in my games. :p
     
    JorgeAires and KKS21199 like this.
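
The approach GarthSmith describes (serialize to a string in memory, AES-encrypt before writing to disk) combined with the tamper check Suddoha mentions, as an added example that is not code from any poster in this thread. `SaveCrypto`, `Protect` and `TryUnprotect` are hypothetical names, the keys and save string are constructed, and because the keys ship inside the client they remain recoverable by reverse engineering, as the posts above say.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example: encrypt-then-MAC for a save string (AES-CBC + HMAC-SHA256).
// SaveCrypto, Protect and TryUnprotect are hypothetical names, not a Unity API.
public static class SaveCrypto
{
    const int IvSize = 16;   // AES block size in bytes
    const int TagSize = 32;  // HMAC-SHA256 output size in bytes

    // Blob layout: IV (16) || ciphertext || HMAC(IV || ciphertext) (32)
    public static byte[] Protect(string json, byte[] encKey, byte[] macKey)
    {
        using (var aes = Aes.Create())
        {
            aes.Key = encKey;
            aes.Mode = CipherMode.CBC;
            aes.Padding = PaddingMode.PKCS7;
            aes.GenerateIV(); // fresh random IV for every save

            byte[] plain = Encoding.UTF8.GetBytes(json);
            byte[] cipher;
            using (var enc = aes.CreateEncryptor())
                cipher = enc.TransformFinalBlock(plain, 0, plain.Length);

            byte[] blob = new byte[IvSize + cipher.Length + TagSize];
            Buffer.BlockCopy(aes.IV, 0, blob, 0, IvSize);
            Buffer.BlockCopy(cipher, 0, blob, IvSize, cipher.Length);

            // The tag covers the IV and the ciphertext, so editing either is detected.
            using (var hmac = new HMACSHA256(macKey))
            {
                byte[] tag = hmac.ComputeHash(blob, 0, IvSize + cipher.Length);
                Buffer.BlockCopy(tag, 0, blob, IvSize + cipher.Length, TagSize);
            }
            return blob;
        }
    }

    // Returns false (json stays null) when the blob is truncated or was modified.
    public static bool TryUnprotect(byte[] blob, byte[] encKey, byte[] macKey, out string json)
    {
        json = null;
        // Smallest valid blob: IV + one padded AES block + tag.
        if (blob == null || blob.Length < IvSize + 16 + TagSize) return false;
        int bodyLen = blob.Length - TagSize;

        // Verify the tag before decrypting anything.
        using (var hmac = new HMACSHA256(macKey))
        {
            byte[] expected = hmac.ComputeHash(blob, 0, bodyLen);
            int diff = 0; // compare every byte so timing does not reveal the mismatch position
            for (int i = 0; i < TagSize; i++) diff |= expected[i] ^ blob[bodyLen + i];
            if (diff != 0) return false;
        }

        using (var aes = Aes.Create())
        {
            aes.Key = encKey;
            aes.Mode = CipherMode.CBC;
            aes.Padding = PaddingMode.PKCS7;
            byte[] iv = new byte[IvSize];
            Buffer.BlockCopy(blob, 0, iv, 0, IvSize);
            aes.IV = iv;
            using (var dec = aes.CreateDecryptor())
            {
                byte[] plain = dec.TransformFinalBlock(blob, IvSize, bodyLen - IvSize);
                json = Encoding.UTF8.GetString(plain);
                return true;
            }
        }
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed keys for the demo; a real game has to embed or derive them
        // on the client, which is exactly where an attacker would look.
        byte[] encKey = new byte[32], macKey = new byte[32];
        RandomNumberGenerator rng = RandomNumberGenerator.Create();
        rng.GetBytes(encKey);
        rng.GetBytes(macKey);

        string save = "{\"gold\":100,\"level\":7}"; // constructed sample save data
        byte[] blob = SaveCrypto.Protect(save, encKey, macKey);

        string loaded;
        bool ok = SaveCrypto.TryUnprotect(blob, encKey, macKey, out loaded);
        Console.WriteLine("untampered load ok: " + ok + " -> " + loaded);

        blob[IvSize()] ^= 0x01; // simulate a one-bit edit made with a hex editor
        ok = SaveCrypto.TryUnprotect(blob, encKey, macKey, out loaded);
        Console.WriteLine("tampered load ok: " + ok);
    }

    static int IvSize() { return 16; } // offset of the first ciphertext byte
}
```

On a failed check the caller decides what to do: reset the save or restore a backup copy, as suggested in the post above.
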
  11. LadyAth

    There are some pretty interesting ideas in this thread and handling player persistent data is something I have also been wondering about. If you create something that is easily hacked/client manipulated, then your credibility as a developer might be compromised, particularly in this age where Google and YouTube can give you tools/scripts/knowledge to hack or reverse engineer just about anything. I've seen a few assets on the Unity Asset Store that offer some protection mechanisms, but not found much information on practical implementation. I'd be very interested to understand more about using JSON or XML and using an encryption class on it. Is anyone willing to share some examples or could point to useful tutorials on practical application? So far (being a newbie) I've been using playerprefs, but not the route I want to keep using.
     
    JorgeAires likes this.
  12. JoeStrout

    I can't agree with that, at least in general. If you are trying to be secure, but doing a poor job of it, then maybe. But in my game, I'm going to be trying to make the files easily editable, so my credibility won't be hurt unless I do a poor job of that.

    Of course I do recognize that there are cases where you want to protect against cheating, like when it's a multiplayer game. (In my case that doesn't apply, so I see no reason not to encourage modding.) And in that case, simply encrypting your data seems like the best approach to me — it will at least be enough to deter casual hackers.
     
    Ryiah likes this.
  13. cmcpasserby

    I would only care if it is multiplayer, or if it is variables that are important to say an IAP purchase.

    Such as if it is possible to get gold via playing the game or just buying it.

    To be secure on both you would need a server, the problem with say gold in a game with IAP is even if the server defines how much gold you got, they might be able to figure out what packet you send to the server to add to gold and artificially send that. In which case best you could do is damage control by figuring out how much gold is possible to obtain in game in a set amount of time.
     
  14. KelsoMRK

    Ultimately, in regards to small teams, it comes down to cost-effectiveness and what makes the most sense given your goals. If you have an online leaderboard then there is absolutely no reason to save data locally. You also have to ask yourself how important it is at the end of the day. Could you be spending the hours making your game better instead of looking into and implementing crypto solutions to save your data?

    I agree with @JoeStrout that @LadyAth's post is a gross over-generalization of the issue and is also misguided. Making a crap game will ruin your "credibility" a lot faster. No one is going to bother hacking your lousy game that has no players in the first place.
     
  15. Suddoha

    @LadyAth Well, ofc there are people who will claim that developers are not very creditable if they do not save data in a secure way. But these people are pretty much trashtalking then (talking about simple games here), I agree with JoeStrout.

    If you're not interested in profit or simply want the people to have fun in your game, either playing normally or cheating the way throught it, that's totally fine and whoever says you're not creditable, ignore that. :)

    However, some kinds of cheating can destroy a whole concept of a game, from leaderboards over tricky parts to story-related gamelogic that someone has created with much effort.

    I'm not that guy who plays a lot of app-games, but I once started to play a quiz app with friends and you could also play with random people. As soon as I noticed that some opponents were cheating, I totally lost the fun and never touched it again. That's something I'd personally like to avoid.

    @cmcpasserby Sure that's one way to prevent people from cheating, but that can be extremely error-prone (I hope that's the correct word for it).

    *edit
    As for the problem that I mentioned in my previous post, I got it working with the AesManaged class.
     
    Last edited: Sep 25, 2014
  16. Limeoats

    I personally think that encryption within PlayerPrefs is your best bet if you need to store your data locally. If the users do not know the decryption key, then they won't be able to alter the data because it will appear as a jumbled bunch of letters and numbers. Simply encrypt when saving, decrypt when loading and it will then be secure. The only risk is that if they change anything in there and mess it up, there's a chance your program won't be able to decrypt the data because it won't make any sense and it could break your program. You can code to handle this, though.
     
  17. LadyAth

    JoeStrout, KelsoMRK, Suddoha: You don't have to agree with my views. This is the Internet. Why do /I/ think it is important? Because of pervasive poor security in development within businesses and the likelihood that the way a developer works today will influence how they will work in future. Perhaps it never goes anywhere and it stays with little games here and there, but perhaps you also work professionally. Perhaps poor security in your app store game feeds the malware industry. But hey, that is my opinion and I would think it worthwhile to invest a little more in security (while avoiding making crap games). Of course you need to be sensible - goes without saying. Path of least effort is not always the right path. But whatever.

    Limeoats: Thanks for that, will look into that too :)
     
  18. Suddoha

    It wasn't meant to be offensive in any way. There are pros and contras, it's the way you want to design it. As I said, I personally prefer secure data as well just like you but there are cases in which developers may not want to make everything inaccessible.
     
  19. JoeStrout

    Yes, LadyAth, I meant no disrespect. You're certainly entitled to your views, as we are to ours — I wasn't upset, and I hope my words didn't cause you to be. You have some very good points.
     
  20. idurvesh

    It's mainly important for F2P mobile games where we offer free IAP included games to our users so if your enjoyment is going to increase by having +99 swords then sure earn those with your skills or pay for it... :)
     
    SeriouslyNot likes this.
  21. bijukchheaashish92

    Great knowledgeable chit chat above! So here is a final question, I only expect secured and best!
    Which data server, file type, database language, encryption do I use for a slot app which pays out real cash since player has to IAP coins as you would do in real world!
    - many thanks in advance!
    Note - never done such thing! Ready to learn everything!
     
  22. KelsoMRK

    Then don't start with a project that deals with customer's actual money as your first project. Seriously. If this is the type of app you want to make then hire someone with tons of experience in those subjects.
     
    Kiwasi and Hikiko66 like this.
  23. Baste

    Also if it's a slot app (ie. gambling), you'll have to get a special gambling license from Unity, as well as check on gambling laws in your country.
     
    Kiwasi and KelsoMRK like this.
  24. bijukchheaashish92

    Thanks @Baste - gambling license... wow... that's new! Thank you @KelsoMRK - we definitely want an expert but we have limited resource for now! And the prizes are actually gift tokens (sample prize - may be a dozen beers) or discount coupons!
     
  25. Lethn

    I want to understand this as well, there seems to be an absolute obsession on this forum with programmers who seem to be wasting their time trying to 'cheat proof' their singleplayer games. It really doesn't matter, unless you're planning on making some online leaderboard or you're making a purely multiplayer game it really isn't your business what gamers do with their copy, if they wanted to cheat I wouldn't really care.

    Just seems like a ton of unnecessary work that people are going to be able to easily bypass using trainers and so on anyway.
     
    Kiwasi and KelsoMRK like this.
  26. KelsoMRK

     

    Attached Files:

    Kiwasi likes this.
  27. passerbycmc

    Unless it's a security thing that affects multiplayer or IAP I would just not bother. Or just do it via obscurity, and just write your stuff out as a binary blob of data. Can use the binary formatter to convert the data to a byte[] then write that to disk. Not secure to those who know what they are doing, but also people would need to know the format of it, and would need to put in more effort than opening it in notepad.
     
  28. bijukchheaashish92

    Going for good and cheap .... will take time ... we search for better resources to learn. A great diagram - thx @Kelso !
     
  29. Vedrit

    Some developers will have in-game purchases that they don't want players to be able to cheat in.
    Some developers want players to compete and actually earn their rewards or position.
    Some developers want their game to be played how it was intended, not how the player wants.
    Some developers want control over -how- players 'cheat' (Cheat codes)
    Some developers don't want players to cheat at all on a matter of principle.
     
  30. Lethn

    So what you're saying then it's developers desperately trying to enforce their rules on players who don't want to go along with what's in their game? Sounds annoyingly authoritarian to me, as for 'in-game purchases' I believe you mean micro-transactions and I absolutely hate micro-transactions.
     
  31. Vedrit

    If that's authoritarian, then so are authors, directors and musicians. I don't see you complaining that you can't edit the movie you saw at the theater, or the book you read at the library, or the song you heard on the radio.
    This is where DMC and other content-protection methods started. The argument is that you didn't buy the thing. You bought rights to use/listen to/watch the thing. Those rights do not include changing it. It is my game, and if you buy a copy, you are not buying the rights to change or modify it. You are buying the right to play it.
    I hate micro-transactions too, but it doesn't change that cheating in that which is supposed to be paid for amounts to theft or piracy. Which is wrong.
     
    MCLiving88 likes this.
  32. Lethn

    In that case games developers and others who rescind the right to do that might as well be saying that their customers are only 'renting' their products rather than actually buying them. Because in reality when we buy games with DRM that's what's happening as developers could just take the products away from paying customers whenever they feel like it. I realise I'm arguing semantics at this point but I find the whole thing ridiculous, I come from the other side of things as a consumer and I've seen not only how futile it is to try and stop people using the products they buy as they wish.

    Not only that, think of some of the most popular titles out there within the games industry, what's the most common features they have? No annoying DRM, no ridiculous microtransactions and really good modding support where the developers let users pretty much go nuts and games in particular end up having a longer life because of this.

    As far as I'm concerned there is just no credible moral or business argument for this, the business argument in particular is that none of these methods even work. Mass Effect Andromeda is a classic example, this game was funded by a games publisher with millions at its disposal, it had what was supposed to be the strongest copyright protection around and a bunch of hobbyists went and cracked the game within two weeks.

    Just don't bother with it guys, it seems like there are some who take it as some kind of personal vendetta they have to accomplish if somebody messes with their games when really they could be focusing on making even better games or adding content to entice more players to keep supporting them.
     
  33. Vedrit

    Anyone who thinks that they can make something that can NEVER be hacked is a fool.
    As far as "renting" goes, that's not a wrong way to look at it. Most EULAs reserve the right to deny service at any time for any or no reason.
    For most, it's not a question of "How can I make it impossible to hack?" but a question of "How can I make it so difficult to hack, 99% of my playerbase won't bother?"
    I won't deny that adding a DRM pretty much soils any game, as do microtransactions. But Modding? Modding is not even remotely close to hacking or cheating. Most of the time, mods are using elements intentionally exposed or made changeable, not unlike cheat codes.
    You say there's no credible moral or business argument? I say there are credible reasons about. The first and foremost: It's my (the developer's) creation. I have the right to determine how it is used, I have the right to decide whether or not to allow others to modify it. Doesn't matter if you think that you should be able to or not, it's not YOUR choice. You paid for what -I- created.
     
    MCLiving88 likes this.
  34. Lethn

    Of course it's your right to do this, but don't go blaming me if your sales drop dramatically as a result of you putting ridiculous protections on your game making it impossible for your paying customers to actually use it. Like I said, the only reason that games developers in particular seem to have for pursuing these heavy handed DRM measures seem to be purely for personal reasons and it's pointless.

    Mind you, the more stubborn developers get about this the easier it will be for more open minded developers to make money from gamers who hate DRM, so why am I even trying to convince you? I guess I just want more decent games to play myself in my free time that aren't filled with garbage because of some developer's personal war against internet pirates.

    You can claim copyright all you want and creative control, that's not how reality works and it seems that many in the industry are dead set on trying to go against reality and that never works.
     
  35. Vedrit

    I never got the impression you were ever trying to convince anyone that implementing file security was futile. I, however, am trying to convince you that attempts to do so are completely reasonable, completely justifiable, and not inherently wrong as you have either implicitly or explicitly stated.
    And yes, DRM is heavy handed. What most people on the forums are trying to do is NOT DRM. DRM is not integrated into the program itself, it's usually applied 'on top' of it.
    Except that -is- how reality works.
    Let's put it this way. Your bank spends millions of dollars every year trying to keep your personal information secure. Sometimes those security measures annoy legitimate users, sometimes not. Despite their best attempts though, a determined attacker -will- gain access.
    Are they wasting their time and money? Do you think less of them for trying to maintain security?
    Don't like the bank analogy? Cool. How about this, then?
    Websites do the same shtick, trying to hide and protect the content of their web pages from manipulation, even if it only affects the end-user.
    Don't like that one either? How about this:
    Nearly every software you download and use, from Minesweeper to Unity, has Terms of Service, usually an EULA. Note the L. It's a license. You are not buying the product itself. You are buying the rights to use it. You are renting the software, indefinitely. You are not buying the house, you are renting the house, and are expected to abide by the terms agreed to under penalty of law.

    You are free, by all means, to give users the right to change and modify your game. But don't think less of those who do not want to give out that right.
     
    KelsoMRK likes this.
  36. cyberwhip

    There are a couple of assets that encrypt the playerprefs. I've tried out one of them and it seems to work pretty good as far as encrypting and decrypting and checks for modification. I haven't checked on hackability but it seems like a reasonable 98% solution.
     
  37. lordofduct

    What exactly is this argument?

    Cause this seems to be stemming from statements like this:

    So we're talking about singleplayer offline games...

    So:

    In-game purchases should have an online portion to the game. Security is maintained through the online portal, and not on the client machine.

    Client machine is ALWAYS considered insecure!

    This again implies online portion of the game. Like an online leader board or something.

    Ehhh... I guess you may want that. I might want someone to buy my album to listen to it and enjoy the smooth jazz... but someone might buy it and melt the vinyl to make a flower pot.... not really my say what they get to do with it.... unless they try to profit from it (like duplicate the material and resell it)... and copyright covers this.

    We're essentially talking about DRM now... and from the follow up comments, it appears we don't want to talk about DRM.

    Good luck with that one!

    It's a cheat... they're inherently going against the designer's intentions. That's why it's a cheat!

    On a matter of principle... on a matter of principle people who want to cheat won't buy your game who don't let them cheat. And those who don't cheat aren't a concern. So all you're doing by blocking those out of "principle" is cutting out profits generated from people who like to cheat!

    Why do you care if they cheat!?

    As said... unless that cheating is in a multiplayer setting, or online leader boards... but as I was trying to clarify up front... this isn't what we're talking about, those settings utilize server side security to block cheaters and is a completely different topic! This is a single-player offline experience... so why do you care if they cheat!?



    ...

    In the end... if you want security, you create on your own hardware distinct from the client.

    You can't secure a client against the client's will. It's not possible without inserting something between the client and the software that the client can't access (like an online portal).

    But now we're getting into always online technologies... and people don't like that in their 'single player' experience. If it's single player, I should be able to play it whenever and wherever I want! This is the user expectation, and to stand in the users way loses you sales... think like the last Sim City which was single player yet always online... people hated it!

    So... IF we're still talking about SINGLE PLAYER GAMES, and you want something like 'ranked matches'... then you make your ranked match always online! You introduce your security through that.

    If someone plays an unranked game, they don't get to be on the leaderboards. But if you play a ranked game, they validate with a server, play their ranked game, and they show up there.

    Same goes for online purchases.

    ...

    Now if we want to get into the territory of accessing online purchased goods that are available offline, while also blocking people from bootlegging said online purchases.

    So that you can't say go and purchase it once, then copy the asset files to someone else.

    There is a way to do this....

    Use multi-key encryption!

    In this model basically every account has a key pair generated for it. One is kept secret to the server and is NEVER released. The other key is private to the customer... it's given to them when they login and stored on their local machine.

    When they make a purchase, you encrypt the purchased assets with the server side key.

    The client can then decrypt it with their key.

    The game logic REQUIRES decryption, it does not support loading raw assets... it only supports loading decrypted assets. (fairly simple, instead of loading an AssetBundle directly, you instead load the custom encrypted file into memory, decrypt into memory, and pass that decrypted byte data into AssetBundle.LoadFromMemory).

    Now... if the client were to ever try to give a friend a purchased asset file... that friend would need that other person's account key. Basically, they'd need that other person's account. So the only way to share assets is to share accounts.

    And you can't decrypt to raw assets, then re-encrypt to the friend's key... because the client doesn't have the encryption key, they only have the decryption key!

    This is generally how offline accessible secure purchases work.

    Server does encryption, client only does decryption.

    Of course this is only if you want online purchases available offline... otherwise, like most mobile games and the sort, you have an online validation every time the game boots to make the purchases available.
     
    Last edited: Apr 12, 2017
    ArachnidAnimal, Ryiah and KelsoMRK like this.
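
An added example of the per-account key model in the post above (not lordofduct's or Unity's code): in .NET the "only the server can produce it, the client can only open it" property is exposed as signing and verifying, so this version signs each purchased asset with the account's private key and the client verifies before loading. It does not hide the asset bytes. `AccountServer`, `GameClient`, `LoginKey`, `IssuePurchase` and `OpenPurchase` are hypothetical names, and the asset bytes are constructed.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Server side: one key pair per account; the private half never leaves the server.
public sealed class AccountServer
{
    readonly RSA _key = RSA.Create();
    public AccountServer() { _key.KeySize = 2048; }

    // Handed to the client at login: enough to check packages, not to create them.
    public RSAParameters LoginKey() => _key.ExportParameters(false);

    // Package layout: [256-byte signature][asset bytes]
    public byte[] IssuePurchase(byte[] asset)
    {
        byte[] sig = _key.SignData(asset, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        var package = new byte[sig.Length + asset.Length];
        Buffer.BlockCopy(sig, 0, package, 0, sig.Length);
        Buffer.BlockCopy(asset, 0, package, sig.Length, asset.Length);
        return package;
    }
}

public static class GameClient
{
    const int SigSize = 256; // signature length for a 2048-bit RSA key

    // Returns the asset bytes only when the package was issued under this account's
    // key; in Unity the result would then go to AssetBundle.LoadFromMemory.
    public static byte[] OpenPurchase(byte[] package, RSAParameters loginKey)
    {
        if (package == null || package.Length <= SigSize) return null;
        var sig = new byte[SigSize];
        var asset = new byte[package.Length - SigSize];
        Buffer.BlockCopy(package, 0, sig, 0, SigSize);
        Buffer.BlockCopy(package, SigSize, asset, 0, asset.Length);
        using (var rsa = RSA.Create())
        {
            rsa.ImportParameters(loginKey);
            bool ok = rsa.VerifyData(asset, sig, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            return ok ? asset : null;
        }
    }

    public static void Main()
    {
        var buyer = new AccountServer(); var friend = new AccountServer();
        byte[] pkg = buyer.IssuePurchase(Encoding.UTF8.GetBytes("constructed asset bytes"));
        Console.WriteLine(OpenPurchase(pkg, buyer.LoginKey()) != null);  // buyer's own key
        Console.WriteLine(OpenPurchase(pkg, friend.LoginKey()) != null); // copied to a friend
    }
}
```

The check runs on the player's machine, so it holds only while the game binary itself is unmodified.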
  38. ArachnidAnimal

    ArachnidAnimal

    Joined:
    Mar 3, 2015
    Posts:
    1,835
    IF using binary serialization, one way is to calculate a hash value which is unique for the data being stored in the file.
    When reading back the file, calculate the hash again and check it against the expected hash. So if someone messes with your file, they would have to know the key which could take months to figure out.
    The hash value key would have to be calculated and the code to calculate it would need to be obfuscated, so someone couldn't analyze the .dll to determine how the key was determined.

    This is a very rough example:

    const key = 1,000,003 //some prime number

    data to serialize =
    {
        int a = 4;
        int b = 5;
        int c = 6;
        int expected_hash = key | a | b | c; //Calculate the hash of this data based on the secret key
    }

    deserialize
    {
        int a = read value a from file;
        int b = read value b from file;
        int c = read value c from file;
        int hash = key | a | b | c; //calculate the hash of the read data
        int expected_hash = read expected hash from file
        if (hash != expected_hash)
        {
            //Someone messed around with the a,b,c values in the file!
        }
    }

    So if someone goes into the file and changes the "a" value, the re-calculated hash would change, and would not equal the expected hash. So if someone wanted to change "a", they would have to also change the expected hash, and for that they would need to know the key.
     
    JorgeAires likes this.
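
A runnable form of the keyed check described in the post above, as an added example that is not part of the original post: it swaps the bitwise OR of the rough example for HMAC-SHA256 over the serialized bytes. The class name `SaveIntegrity`, the file layout and the demo key are assumptions made for illustration.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

public static class SaveIntegrity
{
    // ASSUMPTION: constructed demo key embedded in the client. Anyone who
    // extracts it from the build can forge valid saves.
    static readonly byte[] Key = Encoding.UTF8.GetBytes("constructed-demo-key-not-for-use");
    const int PayloadSize = 12, TagSize = 32; // three ints, HMAC-SHA256 tag

    static byte[] Tag(byte[] blob)
    {
        using (var mac = new HMACSHA256(Key))
            return mac.ComputeHash(blob, 0, PayloadSize); // MAC covers a, b, c only
    }

    // File layout: a, b, c as little-endian ints, then the 32-byte tag.
    public static byte[] Pack(int a, int b, int c)
    {
        var blob = new byte[PayloadSize + TagSize];
        using (var w = new BinaryWriter(new MemoryStream(blob)))
        {
            w.Write(a); w.Write(b); w.Write(c);
        }
        Buffer.BlockCopy(Tag(blob), 0, blob, PayloadSize, TagSize);
        return blob;
    }

    public static bool TryUnpack(byte[] blob, out int a, out int b, out int c)
    {
        a = b = c = 0;
        if (blob == null || blob.Length != PayloadSize + TagSize) return false;
        byte[] expected = Tag(blob);
        int diff = 0; // compare every byte instead of stopping at the first mismatch
        for (int i = 0; i < TagSize; i++) diff |= expected[i] ^ blob[PayloadSize + i];
        if (diff != 0) return false; // payload or tag was edited
        using (var r = new BinaryReader(new MemoryStream(blob)))
        {
            a = r.ReadInt32(); b = r.ReadInt32(); c = r.ReadInt32();
        }
        return true;
    }

    public static void Main()
    {
        byte[] save = Pack(4, 5, 6);
        Console.WriteLine(TryUnpack(save, out int a, out _, out _) && a == 4); // intact file
        save[0] = 99; // simulate a hex-editor change to "a"
        Console.WriteLine(TryUnpack(save, out _, out _, out _)); // edited file
    }
}
```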
  39. Suddoha

    Suddoha

    Joined:
    Nov 9, 2013
    Posts:
    2,824
    If it was that easy... Thought the same ~ 3 years ago.

    Somewhere you'd need to store the key. If you put it as a constant value, everyone will be able to just read it out without much effort.

    Or just manipulate the values in memory and save them.
    Or use dll injections.
    And so on...
     
    Last edited: Apr 12, 2017
  40. ArachnidAnimal

    ArachnidAnimal

    Joined:
    Mar 3, 2015
    Posts:
    1,835
    That's why I was trying to suggest to create a function to determine the key, then obfuscate the code used to determine the key. But even still, someone could just figure out how to run the function to determine the key. But at least now it's not as simple as just opening up the file and changing a value.
    Probably lordofconducts recommendations would need to be used, and everyone else here who mentioned using servers.
     
  41. lordofduct

    lordofduct

    Joined:
    Oct 3, 2011
    Posts:
    8,537
    'lordofdconduct'

    ...

    That is the first I've ever heard someone call me that in the 20 years I've used this avatar/username.

    I sort of like it.
     
    ArachnidAnimal likes this.
  42. Kiwasi

    Kiwasi

    Joined:
    Dec 5, 2013
    Posts:
    16,860
    It's mostly to do with how a game is monetised. In a premium game it makes sense to have the data open. Modding increases a game's replayability, longevity, and broadens its audience. It's not unusual for premium games to actively publish the file formats and instructions on how to change them.

    Free to play is an entirely different story. In F2P giving the players ability to manipulate their data is removing revenue directly from the developer. If you have too many security holes, you will go out of business.

    Mobile is almost completely dominated by the F2P business model. And Unity has a huge number of mobile developers. Which explains why this is a question that comes up frequently.
     
  43. Bhu1

    Bhu1

    Joined:
    Aug 14, 2017
    Posts:
    1
    After hacking the game and getting what we want in the game, the player just doesn't feel the magic that your game makes, and eventually he quits playing your game.
     
  44. Kurt-Dekker

    Kurt-Dekker

    Joined:
    Mar 16, 2013
    Posts:
    38,742
    (apologies, couldn't resist this necro thread...)

    Considering that a few dozen (or even hundred) games are shipped worldwide EVERY SINGLE DAY, you'll be doing good just to get someone (anyone!) to play your game in the first place.

    Don't worry about them hacking your game. If they hack it, consider it an honor that they care enough about it in the first place and move onto your next game with a smile.
     
  45. lordofduct

    lordofduct

    Joined:
    Oct 3, 2011
    Posts:
    8,537
    They're going to get bored with the game sooner or later anyways.

    If they got bored because they cheated, that's their fault. You made a product that was worth them spending money on... your job is done.

    Focus your efforts on making a more enjoyable game.
     
    Kurt-Dekker, Ryiah and Suddoha like this.
  46. Ryiah

    Ryiah

    Joined:
    Oct 11, 2012
    Posts:
    21,190
    There is a flip side to this though. Some people gain more enjoyment when they have access to ways to bypass parts of the game. Some may simply have too many life commitments to play a game normally. Others may be unable to beat it in the way it was intended and have no alternative way to reduce the difficulty.

    Basically don't just write it off because you think it's a bad way to play. Your audience may disagree with you.
     
    Last edited: Aug 12, 2018
    Kiwasi, JoeStrout and lordofduct like this.
  47. Kiwasi

    Kiwasi

    Joined:
    Dec 5, 2013
    Posts:
    16,860
    Let's not forget that sometimes the hacking actually makes the game better. These days we call it 'modding'. But a mod is just a hack by another name.
     
    Ryiah likes this.
  48. Belcherman

    Belcherman

    Joined:
    Jun 7, 2017
    Posts:
    30
    I just stopped by to say to you all "Have a wonderful day".
     
    Kartchampion, Lofar42 and Kurt-Dekker like this.
  49. shuskry

    shuskry

    Joined:
    Oct 10, 2015
    Posts:
    462
    I know that this is an old post, but I want to help other people who may read it (sorry about my English).

    I'm doing a 2g game for mobile and I have a lot of multiplayer features, so I was thinking about how to secure data without or with a server, but because it's my first game, I can't put a lot of money into this project...
    So I began to think about a low-cost way to prevent cheating, or at least to prevent players who are not cheating from being bored by it.

    1: I read a lot of forums like this one and I found this:
    Read that
    It's a good first solution to prevent noob hacks.

    2: If someone can reverse the first solution, just store your encryption key on your server (only one call at connection to get the key from the server, so not a lot of money spent on a server, and now a possibility to create a login system and other good features).

    3: Use an offset to prevent memory hacks
    Read that
    the part: "How to protect the memory of your game"


    4: And for the last and maybe the easiest and the most efficient way, I set up a kind of logic in my game.
    For example, if the player is level 10, I know that the most powerful item that he can use has xx power or other.
    So I will execute some checks on every screen loading or at another moment that doesn't hurt the game or lower fps.
    And if I find something wrong, I save all the "good things" on the server DB, set the wrong data to 0 and ask the player to reinstall the game.

    I don't know if all of that can help, but for me it's enough for what I want :)
    After that, if you want more security, you can pay for an asset or spend more money on an anticheat.

    If someone can, and really wants to, hack your game, and if you want no server logic, your game will be hacked! For sure! :)

    Have a good day!
     
    nazaroth and BitPax like this.