What would be the best approach to prevent hacking an item into a match?
I already have logic in a cloudscript to detect if players equipped items they shouldn't own, but how do I actually prevent them from instantiating different items than what's stored in their UserInternalData?
Since the instantiation happens on the client side, they can just ignore their data and spawn a different item right? And to my knowledge there is no way for a cloudscript to handle the instantiation.
So how would I do that?
Thanks.
Best Answer
There is no solid solution to completely avoid client cheating, but the data that sync and upload to the server can be verified. UserInternalData can only be updated via server API and cannot be changed by players.
Cloud Script cannot directly monitor the states of a client, but when a match ends, players need to upload the scores or result to your function. There can be few gaming statistics that can be tracked during the game, for example, if the time that the player costs is reasonable, or if the score is within a theoretical range. Besides of this, you may consult anti-cheating related community for dedicated support.
"but the data that sync and upload to the server can be verified"
Yeah but the main problem is that players can just ignore what's stored in their data and instantiate what they want, is there no solution to that?
I am not an expert on it but, usually, an online game requires integrity checking to prevent cheating, and there are many external anti-cheating service providers (for example, Easy Anti-Cheat), which requires extra efforts to implement. You may also do root check (on Android), processes check (malicious plugins on PC), etc.
It is more common in a real-time game and besides of client-side checking, because there is multiplayer servers, clients will need to communicate with server in time. It doesn't matter what spawns on the client because eventually only actions on server will be counted. Meanwhile, for a near-time game, only the data uploaded to the server matters. You can monitor each step of a player's action, but each data reads & writes will be metered for the cost. This is also determined by the genre of your game.
list of hacking techniques that you and your employees should know about and take every ecommrece platform possible step to avoid Phishing.
Bait and Switch Attack. Key Logger. Denial of Service (DoS\DDoS) Attacks. ClickJacking Attacks. Fake W.A.P. Cookie Theft. Viruses and Trojans
