Chartboost University: Piracy and Security
October 25, 2013
Kenneth Ballenegger, Architect at Chartboost, has been building, breaking, and tinkering with mobile games for years. He discusses his view on piracy and shares basic advice for developers on how to improve security in their game.
The session begins with a few lessons Kenneth learned the hard way about piracy and security, followed by the four sections below. The timestamp is listed for each section if you want to jump straight to the section. Securing your native app (10:35) - discusses where to place sensitive information in your app and how to obfuscate information to make it more difficult for a pirate to crack. Securing your backend (14:23) - using SSL and cryptography libraries are simple things that can make a difference. Consider ?hellbanning? players who have cracked your game so you make decisions on your paying players. Cryptography overview (19:34) - this section provides a brief overview of cryptographic algorithms (hash functions, symmetric ciphers, asymmetric ciphers, diffie-hellman, NaCl) that can be used in either your backend or client to make it more secure. In-app commerce piracy (23:51) - the best thing you can do to limit pirates from faking IAPs is to verify receipts from the server.
Want to learn more? Lectures on Building a Sustainable Game (Chelsea Howe) and Perfecting the Pitch (Dan Hsu) have been posted, with more on the way? Mike