question

Oscar Clark avatar image
Oscar Clark asked

How can we store an inventory with a true anonymouse player ID

I need to complete a game design where we can show a completely anonymous playerID. This is for a concept aimed at 8year old or less players.

I can see how we can use LoginWithIOSDeviceID and LoginWithAndroidDeviceID to connect the player device. I also can see how the playfab session ID allows us to get unattributed player data (allowing us to manage the game without any attribution). However, how do I manage the player inventory without creating identifiable information i.e. could someone work out the player from their inventory availability with the SessionID?

How can we be 100% sure that the game doesn't need to hold player inventory data; and that we can't retrospectively attribute back to a specific player?

10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

2 Answers

·
Ivan Cai avatar image
Ivan Cai answered

Though it is an anonymous login without creating identifiable infomation, but playfab will provide a specfic playerid(PlayfabID) for each player and you can manage inventory by calling Server API related to item. However, I don’t know what you said "retrospectively attribute back to a specific player " means and if SessionId is related to Multiplayer Server?

10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Oscar Clark avatar image
Oscar Clark answered

Sorry @Ivan Cai I should have followed up on this question sooner. With the AADC (UK Children's Code) we need to be absolutely certain that it's not possible to reverse engineer a PlayerID back to an individual. Otherwise, this will be considered personal information.

When I say "retrospectively attribute back to a specific player " I mean that it must not be possible to track that ID to any personal information based on the player behaviour or purchase choices.

By SessionID I'm not necessarily meaning a multiplayer session. We are preferring to log game event data against a unique Anonymous User ID unique to each session - which means that there is no potential for a player to be tracked back at all.

This matters as if everything is tracked to 'playerID(PlayfabID)' and a player asks for all personally identifiable information to be removed (as is their right) we understand we have to delete everything including the operational data. Whereas if telemetry was absolutely not identifiable that would not be the case

Does that make sense?

2 comments
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Seth Du avatar image Seth Du ♦ commented ·

To be clear, PlayFab inventory item has a unique instance ID, which is generated randomly. Items, purchase history is not accessible by other players. Clients API can only see self's inventory items. While for purchase history, there is only PlayStream Event generated in the backend, meanwhile all of this data is only available to developers/administrator of your game. I am not sure how identifiable you need it to be, but for all events, there is a retention of 30 days, which mean all the logs will be cleaned after 30 days.

0 Likes 0 ·
Oscar Clark avatar image Oscar Clark Seth Du ♦ commented ·

The issue is that if the developer can map back this then there is a possibility that this may not be in compliance with the new AADC i.e. Children's code (we are working with the UK's ICO on this to help advise game developers) would love to talk to someone about that I'm oscar@fundamentally.games

0 Likes 0 ·

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.