Why Apple’s GameCenter has so many cheaters

We’re all human, and psychologically we all have a drive for competition… I mean who doesn’t want to get first place in something!?

9,223,372,036,854,775,807. This is the score you’re trying to beat in any game via the Apple GameCenter leaderboards. My advice is to stop trying to tap faster or play longer; you’re going to break your fingers off!

So why the value 9,223,372…? It’s the largest value a signed 64-bit integer can hold. Anytime someone “hacks” the score, they’ll send something like 99999999… to Apple’s servers, which technically reduces down to the 9,223… value.

Basically, someone performs a man-in-the-middle (MITM) attack on the packets of data transmitted to Apple (i.e. your last achieved score). The hack is actually quite simple with basic networking knowledge. Even with SSL encryption, a self-signed SSL cert can expose the transmission. Check out this tutorial by MITMproxy.org to see how it works!

If you’re a mobile game developer looking for a fix, Apple hasn’t released any updates for this yet. I’m not sure why; I can think of a couple of ways to patch it. Games like Spire Squire by Ressom Studios take a different route: instead of sending scores to GameCenter, the game sends them to its own personalized leaderboard.

So what’s the advantage of your own leaderboard? Full control, multiple options for encryption, extended features, and so on. The disadvantage? One of GameCenter’s main purposes is to encourage your contacts via iOS. It’s kind of like a mini social network by itself: Poke, Share, etc.
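Full control also means the server can refuse scores that cannot be real, no matter what the client sends. The sketch below is an added example, not code from this post or from any game named here; `MAX_POINTS_PER_SECOND`, the token format and colon-free player ids are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

SERVER_KEY = secrets.token_bytes(32)  # lives only on the server, never shipped in the app
MAX_POINTS_PER_SECOND = 50            # assumed game-specific ceiling
INT64_MAX = 2**63 - 1                 # 9,223,372,036,854,775,807
_used_nonces = set()                  # in-memory replay guard (a database in production)

def _sign(payload):
    return hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()

def start_session(player_id, now=None):
    """Issue a signed token when a round begins; the server fixes the start time."""
    now = int(time.time() if now is None else now)
    payload = f"{player_id}:{secrets.token_hex(8)}:{now}"
    return f"{payload}:{_sign(payload)}"

def validate_score(player_id, token, score, now=None):
    """Return (accepted, reason) for a score submitted with a session token."""
    now = int(time.time() if now is None else now)
    try:
        pid, nonce, started, tag = token.split(":")
        started = int(started)
    except ValueError:
        return False, "malformed token"
    expected = _sign(f"{pid}:{nonce}:{started}")
    if not hmac.compare_digest(tag.encode(), expected.encode()) or pid != player_id:
        return False, "bad token"
    if nonce in _used_nonces:
        return False, "token already used"
    # bool is a subclass of int in Python, so exclude it explicitly
    if isinstance(score, bool) or not isinstance(score, int) or not 0 <= score < INT64_MAX:
        return False, "score out of range"
    elapsed = max(now - started, 0)
    if score > elapsed * MAX_POINTS_PER_SECOND:
        return False, "score implausible for elapsed time"
    _used_nonces.add(nonce)
    return True, "ok"
```

Because the start time is signed by the server and each token is accepted once, a score rewritten in transit still has to fit the time the round actually took.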

If you want my recommendation on encrypting your mobile app’s server communication, contact me at michael@mkn.us.
