With every instance of fraud, your game’s reputation takes a nose dive, driving away customers and directly impacting your bottom line. But fraud has always been notoriously difficult to combat — until now. To learn how machine learning and AI can keep your game and players safe from online criminals, don’t miss this VB Live event!
Something that’s unique to gaming is that sometimes, in the interests of advancing a character, like abilities and in-game currency, gamers will often go to less than reputable means, says Jeff Sakasegawa, trust and safety architect at Sift Science. They end up downloading scripts or visiting hacker websites in the interest of up-leveling their play.
“But what’s not seen until much later, until they have their aha moment, is that script they thought might get them some gold or give them a skin for free, is ultimately a mechanism that gets their account hacked, taken over, or locked out,” Sakasegawa says. “It’s when you take the legitimate interest of a gamer and use it against them, and thereby perpetrate some fraud.”
Fraudsters are especially interested in ways to take advantage of that gamer eagerness to level up, agrees Scott Adams, CEO at FraudPvP.com and former director of fraud and risk at Riot Games. Most of the time, in fraud, you look for the profit — and in most cases, you think in terms of money.
“But what makes it harder in gaming is that often it’s not money, it’s trying to get something within a game,” he says. “They’re generally pretty smart about it, too. They’ll create a site that looks like your site. They’ll target a region that’s having trouble anyway. That makes it really hard, because these gamers –all they want to do is play the game.”
You’re usually dealing with a good gamer, he adds. But you end up hurting them when you have to come in and sweep up the damage that’s been done — and the only thing to do in that case is get on top of your fraud issues, protect your IP, and prevent fraud from ever happening in the first place.
Account takeover is something they’ve been seeing a lot, and not just in the gaming industry. But it’s a particularly insidious way to exploit the passion of dedicated gamers.
“When you think about a gamer who’s invested a lot of time and resources, or has a sense of identity tied to their profile, you can see how restoring that identity and getting back to gaming, can be used eventually to ask for some kind of crypto payment,” Sakasegawa says. And account takeover can happen regardless of the initial fraud approach, and it’s the most common way to monetize that exploitation. And then there’s the fact that once a fraudster gains access to those accounts, they almost always have access to some form of payment.
Bots are another big avenue of fraud in games, taking advantage of the churning that most games include, in which a player has to mine for gold or log in lots of time to gain experience points, Sakasegawa adds. The fraudster will create a ton of fake accounts which use bots to level up in the game.
“If a bot can spend time in the game for you, the players don’t think anything of it — they’ll just buy one of these accounts so they don’t have to waste time,” he says.
And that style of fraud is particularly treacherous and difficult to detect, because one of the best indicators for fraud used to be how long an account has been active. But now, with bots being so much easier to create, and with things like virtual machines at Amazon and other web hosts, it’s easy to create a bot that plays for you. They don’t have to be good at it. They just have to interact, and they keep the game client active.
So how can the gaming industry secure gamer data and build trust, in a world where expecting online fraud is just part of navigating the internet?
“Ideally, as you’re building your game, thinking about fraud in the first place is huge,” Adams says. “Then you’re actually building in mechanisms right away, as you launch your company, as you add that new product, as you add that new game. If you’re thinking about it in the first place, it’s much easier to do.”
It’s the concept of security by design, Sakasegawa agrees. And partnering with a fraud prevention company is key, especially if they’re honest enough to talk to you about things like what kind of community you’re trying to build, and what kind of engagements you want to have on your platform.
You also need to get your program managers and other stakeholders in your company on board with that idea, and create a shared pool of interests that can really help expedite and further security conversations you might have later.
“Hopefully you can address this before you’re burned by some sort of fraud, and then your community base is up in arms, and you’re trying to deal with that, plus trying to remediate some issues,” he says. “That can be a tremendous way to help yourself out from the get-go.”
To learn more about creating trust with your game community, why machine learning solutions are key to detecting ever-evolving types of fraud, and how to use data and intelligence well to benefit your company and your game at scale, and more, catch up on this VB Live event!
In this webinar, you’ll learn:
- How the gaming industry can secure gamer data and build trust
- How account takeover, fake licensing, spam, and scams pose a particular challenge to gamers and gaming platforms
- What policies your company should have in place around data breach ransom
- How to combat trolling
- Jeff Sakasegawa, Trust and Safety Architect, Sift Science
- Dean Takahashi, Lead Writer, GamesBeat
- Scott Adams, CEO FraudPvP.com, Former Director of Fraud & Risk, Riot Games
- Rachael Brownell, Moderator, VentureBeat
Sponsored by Sift Science