Using Http Cap software can easily capture playfab get data,or even modify them.
Is there any way to encrypt data? Inside API , settings or services?
Using Http Cap software can easily capture playfab get data,or even modify them.
Is there any way to encrypt data? Inside API , settings or services?
Hi Zack,
Could you clarify your concerns? Are you concerned that someone may be able you to capture PlayFab data and modify them in the middle and send it to the client, or modify the data sent from the client? If that’s the case, you don’t have to worry about it. PlayFab requires SSL be used for all API calls to the service, especially to prevent man-in-the-middle attacks. However, a hacked client could be able to modify the data and even send whatever data it wants to PlayFab. In these cases, we recommend using server authoritative logic for anything that requires security. You could use Cloud Script https://docs.microsoft.com/en-us/gaming/playfab/features/automation/cloudscript/quickstart or custom servers. And PlayFab allows you to reinforce application security by protecting certain client API calls with a custom encryption, please check out: https://docs.microsoft.com/en-us/gaming/playfab/features/config/gamemanager/encrypted-logins
2 People are following this question.