question

manjurul avatar image
manjurul asked

Fishy Api Calls

I recently made a demo game in Unity with PlayFab + Unity Ads + IAP. This was mainly to check out how things went before commencing the actual gameplay. I have only 3 devices (2 android phones and my laptop). I built out my game to android and uploaded the apk to my phones. All went well (There were 3 logins from 3 devices,etc.)

The next day, I found 28 DAU in the playstream of Playfab. Also, my Unity Ads dashboard showed 10 users atleast. How on earth is this possible ?

FYI, I am currently in Australia but the Logins were from US and Uruguay.

@Brendan

apisandroidPlayStream
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

·
brendan avatar image
brendan answered

There's no whitelist for hitting your title's endpoints. If someone wants to make calls against your game's Title ID, and you haven't specifically blocked those endpoint using our permissions system, then they can. Now, they do have to have a valid Session Ticket to make any Client API call, apart from login or password reset, so typically, this isn't an issue. If you are seeing someone making suspicious calls against your title, what are those calls specifically? What IP Addresses are they sourcing from, looking at their player accounts? Is there something you have available in your game that can be cheated (have you turned on the Client API calls for statistics or virtual currency, for example - those are off by default).

1 comment
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

manjurul avatar image manjurul commented ·

Well, that might explain it. But I will continue to see what happens and let you know if this happens again after reviewing my security settings. For now, I have "segmented" these "suspicious" players using PlayFab's awesome game manager. PlayFab rocks!

@Brendan

Thanks!

0 Likes 0 ·

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.