How to protect Unity games from copying/abuse

I was wondering if there is any protection feature in Unity, like a license key or something like a procedure to activate a licensed copy online (in case teh game is in a browser)

Otherwise, someone has any clue about how to use an external program that does the protection and then call the Unity game?

I see a lot of people here making amazing stuff and i wonder if i am the only one that had a thought about protection, copyrights and stuff like that (unless everyone is so nice to spend months and money to release free games :P)

Thanks!

I have raised this question before, you need your own 3rd party tools.

do you have a link to the topic? i can’t find it on this forum

BTW i have 0 experience in protection systems on Mac, since i work on Win apps…on web apps maybe is possible to get an ajax page that authenticate the user and then let them use the web player to play, but i see no escape on a mac…

http://forum.unity3d.com/viewtopic.php?t=11652&start=0&postdays=0&postorder=asc&highlight=molebox

Security is the bane and blessing of every computer application. Not to discourage you, at all, but temper your investment verses loss. Much has been said in the above linked discussion, and I personally agree that some basic security/obfuscation would be very nice out of the box.

Custom security solutions are time consuming, but have the advantage of being unknown - you have to want to crack my game to get it. Boxed protection has the disadvantage that someone may have cracked it long before your game came along. In either case, it really comes down to who is trying to get at your assets, and how much time do they have. For example, someone had enough time on their hands to figure out how to defeat pointsec harddrive encryption protection by freezing the physical RAM to retain the decryption code(s) long enough to access them.

Think about that. My philosophy on computer security is: if someone can see it, someone can steal it. Melting down the machine is the only security measure that should work (that said, I have seen some security counter measures that would scare the wits out of you!)

I understand the concern, but EULA and legal approaches are your best recourse against someone stealing your hard earned efforts to make money. Now if your doing any kind of transaction system (particularly credit card based), or housing sensitive user identity information as part of your game… investment in a complex security system is justified (due diligence).

Hope this helps,

Galen

Thanks guys

Galen:
I am aware of protection issues and other stuff like that I work with Windows development since 1999, and i’ve seen protection systems come and go, but on mac i have never done anything at all related to security, so i am kinda frustrated that i can’t launch VS and write a DLL that integrate security >_<

My concern is that whatever is man made, can be cracked by a man…there is no way to totally protect something, but the philosophy is “if i can’t stop you i will bore you so much that you will loose interest in cracking my stuff”, and this is what i did for the past 30ish commercial application that i wrote or collaborated on.

Then if we consider that who get a copied software do not go around asking for money, but simply put it on torrents and your work of months and months is gone…and EULa and other stuff like that are no help at all

Reading the article that zumwait linked here, seems that the only way to do something like a 3rd party dll is to get Unity pro; while i have the indie license; and even in this case, the DLL would be exposed, so any cracker can do the job and reverse engineer the dll getting the concept of how i protect the app; while would be smarter to get an integrated protection system directly in Unity, like a protection module that would work like all the other features in Unity (gui manager and similar); so once that the game is compiled, the entire circus that run behind the scene is protecting the app from illegal distribution (unless you make a mmorpg you WILL face this issue for sure )

Relating to this discussion, this might int rest some: Reasons why people pirate games (via Positech Games):

I could agree with the article, since DRM are illegitimate way to keep stuff under control…and cause more issue than the problem that it resolve

Let’s face it; videogames and software in general cannot be compared to this; because if Mr 50cent get a bunch of guys that copy his albums, he will not have problems to go around with his cadillac or think about how to feed himself; while if 2-3 developers invest money and spend their free time to make something nice, i think that a pirate copy would damage them much more than the damage that any big singer/songwriter would get.

A game sold at 10 bucks for each copy worth the effort to copy it? some does, because they are rotten inside, down to the soul; others does it because they think that they are smarter than stupid people that buy original software; and others simply because they are too lazy to realize that this is the work done by few people that put their best effort to make that game/software.

If i buy Unity pro i have to get back what i paid, plus gotta make a lil bit of income from what i sell…if is 199 i can’t care less, but for 1500 dollars i can’t let anyone to get my stuff without paying ; free software is one thing, commercial software is another I made stuff for free and for the fun of doing it, but i used free IDE and public domain libraries, so i would not feel like i wanna make money; but again, when you spend 1500 dollars you think that is still ok if you make stuff to sell it and others copy it and get it for free?

Sadly these things are hard to grasp for who is younger than 30 and do not have to worry about paying bills, taking care of children and wife and all the rest…i was a spoiled kid, but then i grew up and learned what does it means to pay for something that you want, instead of getting it fro free from internet.

Going OT…is a bad habit that i have

Anyway…seems that the most feasible solution to the problem is to not make any mac app, buy pro and sell it on windows, so at least i am able to use all the stuff that i have with the EXE created by Unity

Unless someone else pull something from the cylinder

Since it takes nearly zero effort to make a Mac build, that doesn’t make a whole lot of sense. It’s not like you have a laborious porting process that needs to be paid for. Even if 99/100 Mac people pirated the thing, you’d still come out ahead. Except Mac people are somewhat more likely to spend money on software judging from some sales data I’ve seen, so the premise seems flawed to begin with.

–Eric

Eric, what is the point to use the zero effort choice, building in mac, while i have zero protection against illegal copy?

You say that mac users spend money for the products, and i would agree since i see the sales of Apple products, but at the same time if you give out a product that has basically no protection, don’t you think that someone would be tempted to pass it to a friend? even if is only 9 bucks?

buy a car and leave it open without alarm outside your house…if you live in beverly hills maybe you will find it there the morning after…would you bet to do something like this? I am sure that you would not do so, and the same goes for software

Because you’re not losing anything? Even if you had no possibility of any DRM at all (which is certainly not true, you can implement your own registration code system or whatever, if nothing else), it’s not like 100% of the customer base is going to pirate it. Apple sells all of their OS X upgrades without any copy protection but they still sell loads of copies. I think you’d be far better off concentrating on making something good instead of expecting all your customers to rip you off.

–Eric

I think that analogy is flawed, if they steal your car you actually loose a physical entity aka. you have nothing to drive in. If they pirate your software you still retain access to it.

MAybe you are right; but when you say “you are not losing anything” is not true

Unity pro + models= 3K
Selling price $9.99
10%of the people buy it, the rest copy it
total gain: maybe you are still 2K under

This is not loosing anything? while with teh indie license maybe you can get back the money that you invested, with the Pro license the chances are good that you will not get back your money (unless you go pro using some big company).

Apple sell unprotected software that runs on specific machines that cost 30% more than a same configured pc; now with leopard the things starts to get different, anyway, have you ever noticed that PC are 70% of the market, compared to 11% of macs? if Apple sell a macbook and you get a copied OS they can;t care less, since you already paid more than what expected; while a pc cost 200 dollars, and M$ get revenue from hardware sold too, so for them the fact that they get pirate copy of Windows counts not too much, due the high volume of HW sale and companies that MUST buy it original, and almost every company uses PC, so you can do the math

Another example with the PSX: Sony was selling the console, then they realized that 10% on the software as royalties was not too much, so they released undercover, the schemes to make the modchip, they lost 10% for each game that was pirated, but they got 100% of the gain from the sale of each console, and the number of console grew so much that it became the main console that everyone had or must have

Now long story short: these are corporations, the example is totally out of any resemblance with many of us, that make games by themselves or with friends in their spare time outside work (some maybe still study); so anything that is not coming back from the initial investment is a loss; unless you are so careless to buy 3K in software and material to not do anything commercial…in this case is a choice, and i can’t really say anything

If they steal the car maybe you have insurance; but is still a loss, and you an get the bus in the worst case…so you wanna protect your car with an alarm, closing it in a garage and maybe locking it

If they pirate your software you have a loss, since the money invested are not coming back, aka the company close or the person, if the company is made by a single individual, simply stops to develop.
So unless you make stuff for free because this is what you decided in the beginning, (and you don’t mind to spend money for something that will not get you back anything); the first thing that you wanna do is to make a protection system that annoy the users so they will not even try to crack or copy it

If for you loosing 3K or more is nothing to loose…let me know if you can loose some more, i need a Pro license

Maybe for an artist the problem is not a big of a deal…in the worst case you can sell the models and artworks; but for a programmer, that has to buy models is kinda different (also the mentality of artists and programmers is different, when is a matter of spread their efforts ), since all that he can do is to sell the code (maybe?) to someone else and getting back some of the money invested.

You don’t need to agree with me…is clear that not everyone think in the same way; some spend money for nothing, some wanna make money…this is how it works

I’ll come back to, who are you protecting against? You are rightfully concerned about loosing your hard earned investment. In a recent game informer article I read comments from the CEO of a company that just published their first AAA game title this year (last year?) (I thought it was the people behind Sins of a Solar Empire, but I need to check again).

Their company hasn’t historically made games, this was their first pass, and it worked! Any way his comments when along the lines of: ‘the game industry treats everybody like a criminal first’ the meaning was the assumption that everyone was guilty, so mass efforts were put into preventing that. He advocated little effort around copy protection, and instead, only providing support/patches/etc… to registered owners. In fact they’re in the process of setting up a game distribution portal with just that approach - which was getting support from the big game makers.

The assertion that any thief is acceptable, or trivial based on financial impact to the victim is just wrong! Yes, $1500 and time would seem to mean more to most of us when someone pirates a $10 copy of our game, but EA would argue that their $50 title cost them $10-50 million dollars, and they get pirated on a massive scale. People loose their jobs there too when profits don’t materialize to support their wages. Think that’s far fetched? EA needs to re-coup that $50,000,000 spent in development mostly within 12-24 months of release. Same goes for all the game makers big and small. As you know, the game market is fickle, most of the sales/attention is on the latest/greatest game(s). Sorry, but I take offense to rationalizing arguments.

All that said, again, who are you defending against? Simple registration for activation/support is a proven deterrent to “casual” piracy (it’s even pretty good for all types of piracy). Those with the skill and incentive to analyze DLL libraries, will be able to quickly over come obfuscation, encryption, whatever.

Thanks,

Galen

That was interesting Galent.

I start from the assumption that we are humans, and all humans have the same tendency to do the same things (otherwise we would not need jail or other deterrent for who commit a crime); so the principle is to prevent, and give little margin to think “well, i could get it for free if,”; because i know that you cannot stop everyone, and sooner or later the protection will be cracked.

People loose job everyday and in every place/profession; so you cannot use it as factor for your theory, since is a big variable (people get fired even if the game do not sell enough or get bad reviews, believe me…or better, he get a “suggestion” to change company and work somewhere else).

If we look at sales volumes:
I invest 10, get back 1= loss
average joe invest 100, get back 10=loss
EA invest 1000, get back 10= loss

Totally true, but EA makes money with many other stuff (merchandising, sponsorships, licenses, etc), and has a stable franchise that sell no matter what, even if people pirate some copies…and me and average joe do not have this luxury so as you can see, they do not loose too much, otherwise would be dumb to keep going a company that is in passive while for me the things are different, since i would not invest anymore and find someone else that want to take the risk to develop my projects (sometimes you make more money as game designer and get the check every month or work for commission)

I am too concerned, that’s true; seems that you got the point precisely but seems that everyone is paranoid about security of their products in the software field…so is really so wrong to try to protect your work?

The point is that you seemed to think the solution was to only publish Windows versions, and I pointed out that, as long as you’re using Unity anyway, not making the tiny effort to click on the “OS X Universal Binary Standalone” button is silly.

Again you miss the point–the point is that people don’t, by and large, get a copied OS. Apple sells many many copies, with no DRM.

–Eric

There’s a very significant difference between losing something and not gaining something. The point was about creating a Mac build (which comes “for free” once you have created your game, i.e. it does not generate any extra costs).

Now, you have two options:

a) You don’t click the “Mac build” button. Zero gain. Zero loss.
b) You click the “Mac build” button. Gain depends on how many people think your game is cool enough to be purchased. Zero loss.

If someone pirates your game - that’s unfortunate, but most people who do that would probably never purchase your game anyways. So it’s not really a loss. It’s just someone playing your game who wouldn’t have purchased it anyways. However, some people might like the game enough to say “cool, I want to support this developer” (yes, these people do exist).

And now comes the interesting part: Pretty much everyone hates copy protection. So when you are known to have this super-hi-tech DRM-system, quite a few people may not buy your game even if they like it, because - like myself - they simply don’t put their money into stuff they don’t like (e.g. people using ugly copy protection).

So, my opinion is that this idea of making more money through copy protection is pretty much an illusion. In most cases, it only harms honest people while pirates enjoy the challenge and then enjoy having hit you (who thought he could be smarter than they are). And the bizarre thing is that in quite a few cases, the “pirated product” is simply the better product, because it doesn’t get on people’s nerves with it’s “anti-piracy measures”. Because they were removed.

Thanks!

Absolutely not! Protecting your work makes good sense (both business and common ). All I’m suggesting is don’t let paranoia lead you down an endless road, investing far more than necessary verses actual potential losses. Registration is simple and cost effective. On the brighter side, given the cost of advertising/marketing, if someone does go and pirate your game, you will actually get better exposure than you might have achieved. Again, tying support to a valid per user code, will have those that have a pirated copy thinking hard about purchasing just to improve what they have.

Thanks,

Galen

EULA is the only measure of protection you have. Almost all software now requires upon initial use, an activation via the internet. I have been doing more research since that initial discussion I had. MoleBox Pro works just fine with Unity builds and I will stick with that. I would surmise that the majority of hackers are on Windows. Frankly have you seen the shelfs of games at the Mac stores? Rather empty.

The other problem is updating your programs.
I have no issues with this with regards to single click deployment in 2005/2008 however, Unity doesn’t have an ‘upgrade app’ path at the moment. The work around for that is strictly streaming assets.

Think about this angle for a minute, its the direction I have taken.
First they install my app, good, now lets just assume they hacked it, so…
I thought about that, well, they have to activate there games that I created through my activation server. To do this, they have to have an actual user account which has basic information about the computer they are using so I can easily identify them. This helps me to determine which games they have activated and what content they are privy too.

Twist is what comes next.
I have encrypted blocks of data in my content that identifies the user individually, this key in and of itself, hooks to the main program, so the main program has a unique key for the player, each piece of content has that same key, and that players installation of the game is identified back at the server.

If a person were to pass around that data, it simply wouldn’t work on another computer. Key mismatching occurs and the game will fail to operate.

Per purchased copy of the game, I allow up to 2 installations / activations of the game and content. The content ‘packs’ as it were, are encrypted. When it comes to updates, I can stream additional content they are privy to and merge it into there current content, thats tricky for me but works.

There probably is a way to hack that, but if someone takes the time to screw up the game on the client and tear it up for content, (IE, characters, materials, the like), there is not enough info without the key to get the data locally. Granted the key is only 96 characters in length 128 bit encrypted, but it would give them a headache for a few weeks at least.