Mobile games are particularly attractive to hackers due to their large user base, revenue generation, and the personal and financial information they have access to. The methods used to bypass, cheat, or modify mobile games have also become increasingly sophisticated in recent years. How does the gaming i ndustry keep mobile gaming apps safe from hackers?
App shielding solutions like Promon SHIELD™ make it difficult for hackers to reverse engineer, tamper with, or exploit mobile gaming apps. These solutions apply a set of security measures to the app’s code and resources, such as:
- Code obfuscation
- Encryption
- Anti-tampering
- Repackaging prevention
- Runtime protection
Code obfuscation
Obfuscation is a common security technique in app shielding to make it more difficult for attackers to reverse engineer mobile games. The goal of the obfuscation is to make it harder to understand the source code, and more time-consuming and challenging to modify.
Obfuscation tactics include:
- Adding dummy code
- Renaming variables and functions (e.g., replacing «game score» with a meaningless variable name like «Oslo»)
- Replacing simple code structures with more complex ones
- Using code virtualisation to make it difficult to disassemble the code
Code obfuscation usually comprises several tactics that complement each other, creating a layered defence for an app’s source code.
Encryption
Another way app shielding protects mobile games is through encryption. This makes it tricky for hackers to access the app’s data by encoding it so only authorised parties can decrypt it. Even if hackers can reverse engineer or tamper with the app’s code, encryption hinders their ability to access or modify the app’s data.
Encryption is a widely used technique to address security issues, such as safeguarding user login credentials, game progress, and in-app purchases. Advanced app shielding solutions use encryption to secure these data on user devices or within the app itself. Game developers should not store the keys on the device or in the static code. Rather, the device should generate them dynamically, utilising a whitebox-backed solution for added security.
Anti-tampering
Anti-tampering detects any unauthorised code modifications using integrity checking, root detection, and emulator detection. Once it detects malicious activity, it activates a response, such as denying access or shutting down the app entirely.
Here are a few examples of how anti-tampering can protect mobile games:
- Anti-tampering can prevent cheating by detecting hackers trying to modify code to give themselves an unfair advantage in the game
- Anti-tampering protects in-app purchases by preventing hackers from bypassing the in-app purchase system
- Anti-tampering can protect user data like saved games and game progress by preventing hackers from accessing such data
Repackaging prevention
App repackaging or cloning is a major threat, as it allows hackers to add malicious functionality, extract sensitive data, disrupt the gaming experience, and steal app revenue. If a hacker successfully repackages your mobile app, it can have serious consequences for brand reputation and player privacy.
App shielding makes it harder for hackers to clone app code. It detects whether an app has been modified or repackaged, and once detected, the app can take appropriate action, such as shutting down or alerting the user. This may also prevent the distribution of the cloned app.
Runtime protection
Protection against static attacks alone is not enough to fully protect your gaming app. You need to combine code protection with runtime protection for real-time monitoring, automatic blocking of malicious requests, and app-specific protection.
With runtime protection, the app may monitor the device’s memory for known cheating tools or detect when a user is running a game in an emulator. It can also block malicious code and shut down the app to prevent vulnerabilities from being exploited. With an advanced app shielding solution, you can turn your gaming app into a self-protecting app without compromising the gaming experience.
To protect players, maintain a positive brand reputation, and avoid potential revenue loss, game developers and game publishers should address the increasing risks from attackers and cheaters. App shielding solutions like Promon SHIELD™ will keep your app and reputation safe.
Want to learn more about how we can protect your mobile game?
Learn more
The OWASP Top 10 Mobile Risks is a list that highlights security flaws & vulnerabilities developers need to protect their applications from.
We have created a checklist on how app shielding can secure your apps, based on the 10 most common threats to mobile applications listed by OWASP.