Defend Your Game from Hackers
Whether it’s a MMORPG (massively multiplayer online role-playing game), handheld, console, casual or a graphically-rich desktop game, the world of gaming has arguably become the hottest battlefield against hackers!
Gaming software is extremely vulnerable to a number of software attacks. For example, code tampering to enable piracy or cheating, reverse-engineering to steal intellectual property (IP) or inject malware, or circumventing access controls of the game. These attacks on embedded, desktop or server software can result in substantial revenue loss to game piracy, illicit client usage, cloning of back-end servers and also quite significantly, dissatisfied players/customers due to the loss of game integrity.
The associated digital rights management (DRM) that may be required for game distribution is also subject to continuous circumvention and attack. This may occur during the game title’s initial debut, a new version release or during the game’s secondary release via broadband service providers (BSP).
To keep pace with the never-ending ‘next level’ of hacker threats, publishers, studios and distributors require resilient, yet light-weight game protection.
Arxan’s automated software security provides targeted, durable, and renewable protection against tampering and reverse-engineering on both gaming clients and servers. Guard the most critical code and business logic with security that is designed to be non-disruptive to your application or your development efforts. With Arxan you can plan your defense against the next hacker move with easy and fast renewability of the protections, so that you can continue to preserve your business model.
Secure your game’s integrity, fair play and maximize the value of each release window.
An In-depth Look at Gaming Attacks
Tampering to cheat - Cheating and the subsequent user impact on honest players is the biggest threat to the popularity and value of an online game. Tampering attacks are used to change client functionality to benefit the hacker. Examples include altering a gaming rendition to see more than allowed (e.g. through walls) or perform faster than humanly possible (e.g. use an automated program to calculate shooting parameters).
Controlling cheating is an ongoing arms race with the hackers. Arxan not only provides durable protection against tampering, but also provides point-click renewability of security for unparalleled resiliency.
Tampering for piracy - Piracy is the biggest threat to profitability of PC games today. Hacks are often released within hours of a new game release, decimating revenue in an already harsh economic climate. Hackers enable piracy by tampering with a PC game to de-activate, spoof or bypass license management, DRM and node locking techniques to enable piracy.
Arxan defends security logic, including DRM routines, against tampering by allowing for a network of protections without a single point of failure and signature.
Reverse-engineering the client - Desktop games and client portions of online games run entirely on the end user's machine, which can enable hackers to have complete control and scrutiny over game execution at run time and at rest to unravel internal logic. For example, hackers can easily find and exploit cheat codes unless they are properly concealed. Hackers can also determine how the client receives game data from the server, or issues commands to other clients, allowing the development of cheat tools.
Arxan protects against reverse engineering using a variety of techniques, including obfuscation, so client code can remain confidential. This way they cannot make unauthorized changes to program functionality to exploit performance parameters or even insert malware.
Reverse-engineering to Clone the Backend Server – Attackers can completely model the behavior of a back-end server by analyzing client communications with the server, as well as internal client operations. This then enables a "clone" of the back-end server to be created and run independently of the game operator, thereby stealing subscription revenues.
With a combination of Arxan’s code hardening and tamper detection technologies, as well as data traffic encryption cloning can be defeated.
Reverse engineering communication - If the client and server, or two peers, communicate in the clear, then hackers can inspect data traffic to reverse engineer protocols. Subsequently, simple tools can be created to block packets that may have a negative effect on a player, or to replay packets that produce desirable effects. Encryption is a first line of defense against such attacks, but is quickly defeated if keys can be found.
Arxan provides both code hardening and key hiding solutions. Our cryptographic key transformation solution prevents the discovery of public or private keys and can assist in securing communication channels.