Countering the ever-evolving scourge of cheating in games

FairFight anti cheat
6 February 2024

The anti-cheat landscape has a plethora of products and solutions without any clarity on the best course of action. Is finding the cheaters always easy, and if yes, does this simplify how to act against them? In this article, we first look into the prevalence of cheating and its persistence, despite the attempts of developers and studios to counter it. We will then demystify the anti-cheat landscape and provide a model to counter cheaters and their ever-evolving tactics.

Table of Contents

You are almost there! The day has comeafter months of hard work and incredible disappointment round after round. It’s just you and one other player vying for that coveted top spot. Your heart is pumping, nothing else matters and you are so focused that it hurts. You are on a losing streak but this could be your moment. The other player doesn’t even see you. You train your rifle scope and are excited that you will finally get the win, but right before you pull the trigger, you’re dead! They killed you with a knife from 250 meters away. The grief is overwhelming. You can’t believe it and promise yourself that you will never play this game again.

Cheating kills games and communities

The situation above is familiar, isn’t it? This scenario has no winners, not even the ones cheating. Players do not get to play their preferred game, publishers and developers are losing their base and of course, the cheaters themselves have fewer victims to harass. Cheating negatively impacts everyone involved, and that’s why it’s important to understand how to limit cheats and the number of cheaters in your game to protect players from an unfair competitive edge and keep the game title sustainable over time.

The gaming landscape with cheaters

A study conducted by Irdeto in 2018 found that 12% of online multiplayer gamers use cheats regularly, which not only impacts other players but also the developers and their revenue streams. Irdeto also pointed out that 60% of players have been negatively impacted by cheaters in the games they play, which ultimately led to 77% of the respondents being less likely to play the game as a result. Subsequently, 48% of gamers said they would buy less in-game content because of cheaters in the game. Because of this demand for cheats, you have a booming cheat development market.

Cheating is a business and business is good

Cheat development is a full-blown business. We will not mention the cheat websites, but it’s as easy as googling the location of a restaurant. If you enter GitHub, you can find over 540 different repositories for Fortnite cheats. With many cheats being behind paywalls, making them less visible to the current client-side anti-cheat solutions, it leaves anti-cheat methods constantly chasing continuously updated cheat scripts. And let’s be frank, cheating is not going anywhere; some players have always been, are and will continue cheating.

Cheating across genres

One may think cheating occurs only in first-person shooters (FPS), but this could not be further from the truth. Cheating is prevalent in every genre; from aimbots used in FPS to exploiting game’s bugs in multiplayer online battle arena (MOBA) maps, botting, wallhacking and everything in-between. Due to constant updates to cheat scripts, anti-cheat systems employed by games are struggling to catch up, therefore, the gaming community plays a huge role in this ever-lasting battle.

Client-side vs. server-side anti-cheat

To battle these exploits, anti-cheat software is often employed by game developers. Anti-cheats come in two formsclient-side and server-side.

Below you can see a breakdown of client-side and server-side anti-cheats innerworkings.

Feature
Client-side anti-cheat
Server-side anti-cheat
Primary function
Scans RAM for unauthorized software
Uses in-game data for statistical analysis
Detection method
Signature-based; identifies known cheat codes
Performance-based; monitors player stats and actions
Installation requirement
Requires installation on client’s machine
No client-side installation needed
Activation time
Instant, with no setup time required
Requires time for initial data collection
Update frequency
Requires regular updates to detect new cheats
Less frequent updates, focuses on data analysis
Effectiveness
Effective against known cheats, vulnerable to new or modified cheats
Effective in long term, low false-positive rate
Drawbacks
Easily bypassed by new or unknown cheats. More susceptible to workarounds than server-side anti-cheats.
Requires time to gather and analyze player data

Client-side anti-cheat solutions and compromises made

Due to the sheer ease of integration and often being free to use, client-side anti-cheats are so popular in defense against cheaters. There are a few notable anti-cheat solutions in the market, such as Valve Anti-Cheat (VAC), BattlEye, Easy Anti-Cheat (EAC). Even though they are highly available and widely adopted, they are not foolproof and are only effective until the bugs/exploits are patched up by the game developer. Also, not all game developers force updates on users, leaving the result of their experience up to players. Client-side anti-cheat might not be the most efficient protection, due to it being effective until the cheat scripts are not tampered with, but it is protection, nonetheless.

Server-side anti-cheats look for anomalies in the gameplay, flagging exceptionally well playing players for further inspection, without going through the players’ files.

Strategies to prevent cheating

Even though the market is full of anti-cheat solutions, some are more effective than others. Even the more popular ones in the market often only limit cheating, thus not really solving the inherent problem, only reducing the symptoms. There are several strategies game developers can adopt to limit cheating during game development phase.

Server authority

A common cheat-prevention strategy relies on putting more authority on your game servers, where all or a majority of player inputs are handled solely on the game server. This means that the cheater cannot tamper with inputs on the client-side due to centralized control and validation of game events and states. Server authority reduces the effectiveness of client-side manipulations. 

For example, if a player attempts to move faster than the game’s parameters allow, the server can detect and reject this action, preventing common cheats like speed hacks. 

The authoritative server also maintains a consistent game state across all players, ensuring a fair and cheat-free gaming experience. If there’s a mismatch between the game sessions, the client session is restarted, which effectively deters cheating. However, this strategy entails sending more data between the client and the server, increasing bandwidth costs and exposing the data for manipulation and interception.

Encryption and virtualization

Game developers can also use encryption and virtualization of their software to prevent cheating. Encrypted code does not allow cheaters to tamper (intercept, modify, or manipulate game data) with the game code directly, introducing several layers of security. However, this adds considerable computational burden on the CPU, potentially reducing the game’s frame rate. 

Virtualization, whether it is a container running a game or a virtual server, allows for higher control and visibility when it comes to system interactions. It is used to protect the critical components of the code by preventing player interactions with the system at a lower level, such as memory tampering or unauthorized code injection, where the encrypted code is running on a virtual CPU with commands differing for each protected file. Together, encryption and virtualization provide a strong defense, enhancing the security and fairness of online gaming experiences.

Community

The gaming community plays a huge role in this fight against cheating. Gamers are the first line of defense when it comes to facing cheaters and providing developers with on-ground insights into potential vulnerabilities and the effectiveness of existing anti-cheat measures. It’s really the community that keeps anti-cheat developers on top of their game. By boycotting cheat providers and advocating for advanced security measures, players can directly influence the demand for cheats and support more secure gaming ecosystems. Ultimately, a positive gaming culture inherently discourages cheating while staying positive, inclusive, competitive and of course, fair.

How does i3D.net protect gaming communities?

While there are multiple anti-cheat solutions available, i3D.net’s proprietary anti-cheat software — FairFight delivers more than just fair gameplay. 

How does FairFight anti-cheat work?

At the core, it is a rule-based engine that collects a variety of datapoints from the player’s gameplay. It collects data from everyone and works its magic with two different statistical models that are cross-referenced to detect anomalies in gameplay. Once the number of “hackpoints” reaches a certain threshold set by the game developer, and the high hackpoint count has been strongly and positively correlated to cheating, game developers can use FairFight to punish cheating in ways only limited by their imagination. You could do virtually anything.  

For example, if you have a player using aimbot, you can make them reload after every bullet shot. Or you could annoy them by kicking them out of the server whenever they try to walk or move forward. And because FairFight evaluates gameplay anomalies, it is an effective tool to limit game exploits in every single game genre (e.g. aimbots in FPS or botting in MMORPGs) and on any platform (PC, console, and mobile) available.

What is more, FairFight has Unity and Unreal Engine plugins, that allow for seamless integration with your game, making sure you are protected from the get-go.

Although FairFight’s statistical analysis is top-notch and delivers 99.96% accuracy, it can always be combined with client-side anti-cheats. In fact, there’s an available API for that and it is advised to protect every front.

How it works
  1. Events are collected using the FairFight API and sent to the FairFight server

  2. Events are processed, filtered and stored on the FairFight backend

  3. Actions are sent back to the game

FairFight Backend
  • Statistic and HackPoint system
  • Condition and analysis engine (aim-bot, illegal speed, etc)
Fairfight anti-cheat

FairFight has been successfully protecting the frontlines of Electronic Arts (EA) Battlefield series games:

Over the past six months, we’ve steadily ramped up our anti-cheat efforts, working closely with the FairFight team to detect and remove more cheaters than ever before. In October alone, we sanctioned over 8,500 accounts. Since then, instances of cheating have declined.

20 years of expertise

After being in the anti-cheat market for over 20 years, FairFight has and continues to grow at an enormous pace. FairFight’s team of seasoned experts follows new cheat developments every day to adjust, fix and maintain the most granular gameplay fairness protection. With future developments in artificial intelligence and machine learning, including tailored protection profiles for each game and each genre, it is as customizable as ever. FairFight will cheat the cheaters out of your game.

Main Take-Aways

The article discusses the persistent issue of cheating in online gaming, exploring the prevalence of cheats and their impact on players, developers, and communities, while presenting a breakdown of client-side and server-side anti-cheat measures.

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.