Presented by Akamai Technologies
Games have become a primary target for attackers because there’s real money to be stolen in the virtual world of gaming. How do you protect your game and users from the wide variety of threats today? Learn how to fight back in this VB Live event.
“You’re not just a game company anymore, says Jonathan Singer, Senior Manager, Global Games Industry, Akamai Technologies. “The game industry is one of the world’s largest completely unregulated financial markets.”
Companies are sitting on invaluable data like personally identifiable information (PII) and credit card information, and players tie up a ton of value in their accounts, and the world is increasingly aware of that. It’s a juicier and juicier target for anyone who’s interested in making money.
“I’ve heard so many times from game developers: ‘I won’t be defrauded, I’m a game company,’” says Scott Adams, Founder & CEO, FraudPVP. “But if you don’t have an expert at the table when you’re making the big decisions and planning out the game, you’re going to end up getting hurt. If you’re not used to thinking that way, you’re probably going to leave a lot of holes.”
Gamers are a niche demographic — they’re known for spending a lot of money, and their financial status has made them tempting targets. On top of that, the industry is increasingly moving from physical to digital, in the form of subscription-based services. You combine that with collecting a lot of PII and it’s just a really tempting target.
And gaming is seeking to become one of the primary forms of entertainment media consumption, and game companies are positioning themselves as a revenue force to be reckoned with, putting out press releases that crow about how much more their opening weekend earned than a recent movie, for example.
“As the industry seeks to go increasingly digital, to collect more information, to collect recurring payments and assured revenue, that makes it a really nice target for folks who want a slice of that, but don’t want to participate,” Singer says. “More and more credential stuffing attacks, more credential abuse, more things aimed at getting your data and getting your money out of the system.”
It’s your players who are your first line of defense, from their experience in the game to how they interact with you as a company.
“Players who are looking for an inspiring game to play are trusting the studios and developers that put games out,” says Lonnye Bower, COO, ProbablyMonsters. “You need to earn that trust by ensuring that all of the teams are thinking and talking about security, really from the initial stages. It needs to be a conversation you’re having on day one.”
It also means recruiting players into your security strategy.
“Hide as much as you can,” says Singer. “But you can’t offer the most secure experience without affecting the user experience. What you want to do is positively affect the user experience. You want a bit of security theater to it. It’s about giving them useful tools that secure the players that also make them feel secure and build trust.”
If you want users to enroll in multifactor authentication, they have to trust that when they give you their phone number, you’re not selling it. If you don’t earn the trust of your players, you’re not going to be able to give them a more secure experience. If they don’t already trust you as a publisher for other reasons, it makes partnering with your players on security more difficult, and they’re less likely to work with you.
“The entire experience of how they interact with you as a company affects your security posture,” he adds. “When you give them security solutions to use, when you’re collecting the information you need to further secure them, they need to believe that you have their best interests at heart.”
Part of fostering a culture of transparency and trust between the players and the studios is communication, Bowers says.
“If we are going to be adding anything that would impact the performance of the game, it’s critical that the studios or the developers have that communication open with the players, so that they’re aware of what’s happening and why it’s happening,” he explains. “That will build on the trust that we earn from them.”
We ensure users remain secure by keeping them informed, he adds. Making sure they’re aware that those are bad actors who will just go in and compromise their accounts is critical.
“If we continue the conversations and communicate with the players, they’re loyal to studios,” he explains. “They trust us. We owe them that much in terms of communicating everything to them.”
For example, you’ll see free virtual currency or unlocked and loaded accounts, and it’s so easy to get somebody to come in and take that bait, says Adams.
“A really good way to protect the players from that, beyond technology, is a lot of education, making sure players know that there’s only one place to buy currency for your game,” he says. “If gamers know that, that makes it easier, but it’s still going to be tempting. We have to make sure that we take responsibility and protect them, so you have to have technology to back it up as well.”
Game security has a lot of moving parts, but there are more ways than ever for the gaming community to huddle up and start fighting back. Access this webinar free, on demand, to learn more about herd immunity as a security strategy, plus how to adjust your models to address generational differences, leverage partnerships with other studios, and address specific threats from straight account takeovers to DDoS attacks and more.
- How to protect your game and players from a growing amount of online security threats
- The latest trends in credential abuse and account hacks in gaming
- How web attacks are evolving and where they are headed in the future
- How to integrate security best practices with the rest of the game for best performance
- Jonathan Singer, Sr. Manager, Global Games Industry, Akamai Technologies
- Scott Adams, Founder & CEO, FraudPVP
- Lonnye Bower, COO, ProbablyMonsters
- Steve Ragan, Sr. Technical Writer, Akamai Technologies
- Dean Takahashi, Lead Gaming Writer, VentureBeat