KOLKATA: A few years ago, online gaming was regarded as a mere recreational activity in India. With the digital ecosystem reaching a new pinnacle, the gaming industry has observed rapid expansion in terms of users as well as investment. To keep users hooked and grow the existing base, the industry is shifting its focus to quality user experience. Alongside that, the stakeholders are increasing investment in security too.
In a panel discussion at GEMS 2020, ‘Building a robust backend and infrastructure network’, moderated by indiantelevision.com founder, CEO and editor-in-chief Anil Wanvari, industry experts weighed in on factors that should be considered for user engagement and platform security.
Name of the game is user experience
With India being one of the top five mobile gaming markets in the world, Indian players are acquainted with buttery-smooth gameplay and immersive user interface, courtesy global giants like Tencent, Activision etc. If an app is in any way inferior to this golden standard, the consumers would reject it, said GOQII founder and CEO Vishal Gondal. Loco VP engineering Viral Mehta added that keeping users engaged outside of the core game should be of top priority.
Tata Communications media and entertainment services sales BD head Anand Pimprikar underscored that equal importance be accorded to pre-game and end-game experience. To this end, the use of multi-CDN and the good peering relation of delivery networks can benefit gaming platforms. Moreover, since bandwidth issue has always been a stumbling block in the Indian market, platforms should actively monitor the network to track performance and direct traffic accordingly, he said.
“Serving things through CDN helps a lot and I think a major part is that you have to write some really good fall back mechanisms. Let’s say your user has a really good 4G network and he is travelling and keeps going from 2G to 3G to 4G, you need to have a really good fallback on your backend and client both. And you render less information on his screen when he is on a lower network to make sure the critical part is always there to give him the experience of playing, ” POCKET52 co-founder and chief technology officer Satyam Verma elaborated.
Enhancing security: A work in progress
When there are more fish in the sea, the sharks gather to feast. DDoS attacks are par for the course, but attackers are becoming more and more sophisticated, said Verma. According to him, they read patterns to discover vulnerabilities; in fact, attackers are able to identify and exploit threats even before platforms flag them.
Read more news on the Gaming industry
“Hence, you are the best judge for yourself to decide what is healthy traffic. You can identify these are my healthy URLs, healthy traffic, the patterns of traffic. If something is crossing that, it goes into the bad cluster, then we can put some restrictions,” Verma advised.
GAMES24X7 chief technology officer Sandeep Agarwal said there has been not a day without DDoS attack. Agarwal said that his team protects the platform at all levels using advanced software tools. Hosting an open source software on the cloud service provider has greatly helped the company. Overall, the security situation is steadily improving, Agarwal assured.
The strength of a program’s security depends on the ignorance of the user. But pirates are smart, enterprising and persistent. They cannot be eliminated, but that doesn’t mean developers are about to throw up their hands in despair.
“We keep analysing what sort of threat and attacks could come our way and the infrastructure we need to put in place in order to safeguard ourselves. We have third party services keeping those threats away. We have a team that keeps analysing those threats. It’s a continuous development,” Winzo lead backend developer Rahul Sharma said.
‘Social media and security risks go hand-in-hand’
The industry is more concerned about attackers resorting to social media networks to orchestrate security breach, GOQII’s Gondal said. Using social media, attackers can hack user credentials, compromise computers and smartphones with malware, and use phishing tactics to steal credit card, banking and other sensitive information.
Moreover, fake apps are mushrooming as well. Already, over 500 copycat Fauji apps have popped up on the Android and Apple app stores.
“We are massively struggling to get that down. These platforms don’t take any of these requests seriously. Also, there are several accounts on Instagram, Facebook, Twitter that sell you fake ids. At one end, while there is the whole server-side security, the bigger security risk is on the social network side where people are getting fooled. Frauds are happening in real money gaming also through passwords, OTPs,” he added.
The need for cybersecurity in gaming
Online gaming has a unique kind of duality when it comes to cybersecurity. A gamer is a software user just like any other; he or she is subject to the same security risks and threats as any other user. The same security principles are just as effective and important. However, each threat also involves a unique twist, adding a complication that isn’t seen in any other field.
As security threats pose a grave challenge for all parties involved, Supercric co-founder and CEO Arvind Sivdas finds that it is better to formulate a security plan while development is in the nascent stages.
Often, gaming companies tend to overlook security aspects at the initial juncture due to funding concerns, but following the Fortnite fiasco in 2018, they should know better. Even if they cannot fix the threats at that stage, conversations such as this panel at GEMS today may direct them in the proper direction.
“When you understand a pattern of threat, attackers will come up with a new pattern. You can’t overdesign security,” Pimprikar added.
Today, attackers have more options to compromise a player’s security at their disposal than ever before. By knowing which aspects of security are the same and which are different, game companies and their customers can protect themselves, and stay safe in a way of life that’s “just for fun” while avoiding potential for real loss.