Skip to content

Secure gaming for every user

November 21, 2023

After a long and hard day at work, like many others, I just want to relax and have a good time in a virtual battleground of my choosing. The issue arises when that rest and relaxation session turns into a perilous panic room due to cheaters and bad actors that flood public lobbies, exploit normal gameplay, and take advantage of the unsuspecting.  

To be honest, my skill level is nothing special, just above an average player at best—often it’s my guts splattered all over the field—yet I don’t see a reason to be forced to play ranked just to avoid cheaters.  

For those of you who may not be gamers, ranked play is where developers implement more rigorous verification methods to minimize the impact of cheating. Most games are monetized through in-game purchases (think weapons, skins, outfits) by players who play ranked matches. These same players may also participate in public lobbies (unranked) from time to time—and this is where fraud poses the greatest risk. 

The balance between friction and fraud 

The reality is that game developers are also running a business and need to strike a balance between increasing the player base and keeping fraudsters out. Currently this balance requires onboarding as many players as possible by keeping the registration process frictionless. While this is a fast way to increase their revenue, eventually, they may actually lose money when their legitimate player base leaves due to all those bad actors coming in and destroying the community.  

The balance needs to shift, right?

Is it possible to put an end to cheating in video games? 

No. There will always be users that cheat. In the innocent way of just enjoying the game, that is not a criminal offense, but when the game involves losing new or longtime users because of fraudulent experiences that negatively impact revenue and brand equity, preventative measures must be taken. We must apply all means necessary to minimize the risk of fraud, keeping in mind that it’s all about the community—and a community brimming with fraudsters ruins the experience for everyone. 

A gaming company strikes back

A recent case of a game publisher striking back at bad actors is Blizzard introducing mandatory SMS verification on its Overwatch 2 release. While SMS one-time passcode (OTP) verification is a well-established method of user authentication, in this case, it came with a catch: only players with a postpaid plan were able to register. This was met with a lot of resistance in the gaming community and caused a public backlash, as a significant player base using prepaid plans was no longer able join in on the fun. 

Even though the mainstream media was quick to judge Blizzard for this move, I applaud their effort to create a safe and toxic-free community of players. I know most of the community agrees with me here. We can put it this way, their heart was in the right place; however, their chosen method had flaws.   

How to fight bad actors in gaming

Fighting bad actors needs to go beyond introducing more friction and static attribute analysis of someone’s digital footprint. Machine learning pattern recognition and behavior analysis should be the preferred way to approach this fight, as the fraud battleground is a dynamic landscape. 

Here are some best practices: 

  • Make verification mandatory for all players. By mandating verification, you lower the risk of allowing bots or fraudsters into your lobby. SMS verification is a great place to start. It’s widely adopted, cost-effective, and ubiquitous almost everywhere on Earth. SMS verification has some benefits that other methods lack. First, phone numbers as an identity point usually come with an associated cost. You need to invest to procure a phone number, unlike email, which is almost completely free. Even though it means a few more seconds of friction, the legitimate player base will appreciate the additional layer of security and will have more trust in the brand that makes the effort to ensure a safe community. 
  • Apply a filtering system that will separate the good phone numbers from the bad ones. One way to go about this is to procure a machine learning system that can provide real-time and historical data on phone number usage and behavior in the online world. The solution should include an assessment of a number’s reputation and other valuable number data attributes—like the phone type and carrier information—to determine whether to block, challenge or allow account registration to proceed.   

Join me next time as we continue our mission to keep virtual battlegrounds fair and free of toxic behavior by exploring different types of bad actors, their motivations, and a holistic solution to outsmart them. 

To learn more about the above topics, talk to us today. Also check out our SE blog series for unique topics tackled by our Solutions Engineering Team. 

This site is registered on wpml.org as a development site.