Fake scores in Google Play Game Services

Smotko · Aug 20, 2013 · Viewed 7.9k times

Some of the scoreboards have been receiving fake score submissions. Here is an example:

Top three scores seem fake

The same thing happened to a game I've made. Is there a way to protect oneself from fake submissions, and is there a way of moderating the scoreboards?

Answer

sagis · May 15, 2014

The most simple (and popular?) way users fake high scores is by using root access to edit saved data.

A few simple steps you can take in order to make it harder:

  1. Don't hold the score as is in memory or in saved state. For example, multiply/divide by a factor and add a constant. An even better option is to implement an encrypted shared preference.
  2. Add a checksum to the structure holding the score (CRC32, MD5).
  3. Validate the score to check no one played with it when loading from saved state or reading/writing in memory.
  4. Use ProGuard to obfuscate your code. If you're making money, use DexGuard, which is much stronger and will also make software piracy harder.
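Steps 1 to 3 of the answer above, sketched in plain Java as an added example (not code from the answer or from Google Play Game Services). It swaps the CRC32/MD5 checksum for a keyed HMAC-SHA256, because an unkeyed checksum can be recomputed by whoever edits the save file. The class name `SealedScore`, the key and the mask are constructed for illustration.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.Base64;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class SealedScore {
    // Constructed demo values. A key shipped in the app can still be recovered,
    // which is why the answer pairs this with obfuscation (step 4).
    private static final byte[] KEY = "demo-key-not-for-production".getBytes(StandardCharsets.UTF_8);
    private static final long MASK = 0x5DEECE66DL;

    private static byte[] tag(byte[] body) throws GeneralSecurityException {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(KEY, "HmacSHA256"));
        return mac.doFinal(body);
    }

    /** Steps 1 and 2: mask the score, then append an integrity tag. */
    public static String seal(long score) throws GeneralSecurityException {
        byte[] body = ByteBuffer.allocate(8).putLong(score ^ MASK).array();
        byte[] t = tag(body);
        return Base64.getEncoder().encodeToString(
                ByteBuffer.allocate(body.length + t.length).put(body).put(t).array());
    }

    /** Step 3: recompute the tag on load and reject the record on any mismatch. */
    public static long open(String saved) throws GeneralSecurityException {
        byte[] raw;
        try { raw = Base64.getDecoder().decode(saved); }
        catch (IllegalArgumentException e) { throw new SecurityException("malformed record"); }
        if (raw.length != 8 + 32) throw new SecurityException("malformed record");
        byte[] body = Arrays.copyOfRange(raw, 0, 8);
        byte[] t = Arrays.copyOfRange(raw, 8, raw.length);
        // Constant-time comparison of stored and recomputed tags.
        if (!MessageDigest.isEqual(t, tag(body))) throw new SecurityException("score record was modified");
        return ByteBuffer.wrap(body).getLong() ^ MASK;
    }

    public static void main(String[] args) throws Exception {
        String saved = seal(1250);
        System.out.println("loaded: " + open(saved));
        // Constructed tamper case: one bit changed in the stored record.
        byte[] raw = Base64.getDecoder().decode(saved);
        raw[7] ^= 0x01;
        try { open(Base64.getEncoder().encodeToString(raw)); }
        catch (SecurityException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```

The returned string is what would be written to the saved state; `java.util.Base64` requires Android API 26 or later, and `android.util.Base64` is the equivalent on older versions.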