I am concerned about the security issue with client api call from unity sdk.
I am login with LoginWithGameCenter from ios and updating UpdateAvatarUrl from inside.
And i have tried same thing with rest api from postman, i tried login with gamecenter id and get "SessionTicket" and then updated UpdateAvatarUrl right from postman.
So i am worried about if hackers/crackers crack game and know title id so he able to login with postman and directly modify any data using "SessionTicket".