4 Simple Tips for Combating App Piracy
Game piracy is a huge problem. All app developers suffer from it, but game developers are particularly vulnerable. One acclaimed indie developer suffered a 95% piracy rate for his PC title, and the problem has carried over to many developers on the mobile platforms, especially Android. After months of hard work, one Android developer found that over 40 piracy blogs had picked up his game within 24 hours of launch. Mad Finger Games recently did an interview where they said they saw a 60% piracy rate across iOS and Android.
For solo developers or small teams, the best way to combat piracy is to do their best to prevent piracy in the first place. Here’s some anti-piracy tips to make life harder for those swashbuckling app thieves.
Tip 1: Switch to Freemium
It’s sad but true: the majority of pirated games on Android are Paid titles, not free ones. By making your game free, you are removing a significant amount of the incentive for others to pirate your game. There are numerous other benefits to freemium, but piracy is especially important on Android (and may help you monetize better to boot). For a detailed walkthrough on how to switch your app to freemium, Rovio’s Michail Katkoff wrote a guest post for our blog on the topic.
But freemium is not a silver bullet: IAP piracy exists
Yet while switching to freemium definitely deters pirates, freemium piracy still exists. On Android, programs like “IAP Free” and “IAP Cracker” give pirates the ability to spoof transactions locally to fool your game, or send fraudulent transactions to your game server. The majority of these tools are most commonly used on Android, but jailbroken iPhones are likely culprits as well. Hackers have even figured out how to unlock “free” IAPs on Apple’s own App Store, though using it was considered universally to be a bad idea.
The good news is that you can fight in-app purchase (IAP) piracy too, with methods that aren’t obnoxiously difficult for players to wade through. After sifting through countless forum posts, articles, and email threads on mobile piracy, here’s a short list of the simplest and most effective methods for making a pirate’s life difficult.
Tip 2) Remote communication
The baseline for any anti-piracy efforts on mobile is to have the app communicate to your game server remotely. Even if it’s a single player game, recording player IDs and actions to your server is the only way to fight piracy. You need to be able to understand if piracy is occurring and hopefully take action. This can mean shutting down account creations from a particular country if the majority of purchases from that country are fraudulent, by removing the ill-gotten purchases from users accounts, or shutting the offending game account down entirely. This is especially effective when used in conjunction with our next tip: online registration.
Tip 3) Online registration
The most commonly cited elegant solution for preventing piracy was online registration with an email address. Whenever the user goes to play, they need to authenticate with their email address (automatic sign-in is fine after the first visit). Doing so creates a gate that you can use to prevent pirates from accessing your game. Then, when you catch a user pirating IAP your game, you can shut out that email address and the pirate will lose everything they gained illicitly with the loss of the account.
If you want to go the extra mile, you can ask for email verification from players as well. You should choose the right place to do this within your game, but it should always be before in-app purchases can be bought. This ensures that pirates can’t use a fake email, and makes the piracy process more difficult because you’re adding more work to each piracy cycle. Each time a pirate gets caught, they now have to create a new email address in addition to creating a new account in your game.
Tip 4) Encryption
Lastly, to make a pirate’s life much more difficult, use encryption for all communications related to in-app purchases, especially IAP purchase confirmations to your server. This adds an extra layer of protection between your purchases that will deter many hackers, even if it doesn’t prevent all of them. And if you want to take your app’s encryption to the next level, you can use a third-party encryption service like Molebox to make your app extra difficult to crack.
An ongoing battle
The sad truth is that no matter what platform you’re on or how well you build your system, you’re never completely piracy-proof. That said, you can make your game so difficult or time-consuming to pirate that the majority of would-be offenders will give up. No one should let their lives be consumed by fighting pirates, so hopefully you can “set it and forget it” with these tips and endure much lower piracy rates with minimal maintenance.
If you liked this post, check out our educational developer newsletter.
Discuss this post on Hacker News.