Saving Data Securely

So right now in my Android game, I’m using PlayerPrefs to save some data, like settings in the options and such. And I’ve heard that PlayerPrefs isn’t secure and can be edited.

Now I want to start saving the unlock status of some things that are unlocked by either in-app purchases or through an internal mechanic in the game, which I also want to save a neumeric value for.

What would be the best way to save those values to keep them secure?

Often simply serialising a bunch of data to binary will obscure the details. Then just dump the whole resulting string in your save file.

Doesn’t work if your player opens you scripts and figures out the exact serialisation technique, but it does stop casual tampering.

…So uhh…how do you do that?

I’m not exactly the worlds best programmer

If you cannot do something advanced like that, you can always do something very simple.
If they see health = 100, they can do memory scans for “100” and change the value of health when they want.
So to protect this, you can do something like adding an constant offset to protect values. (Isn’t the most secure of course but will trick a lot of baby hackers)
So for example instead of having health = a value.
Do health = 100 + 32; //32 being my offset.
Then just whenever you deal with health make sure to minus the offset by 32 (to keep it the real health value).

Good explanation of serialisation to binary here.

https://unity3d.com/learn/tutorials/modules/beginner/live-training-archive/persistence-data-saving-loading

1 Like

OK, I haven’t forgotten about this, I just need to get access to the code which is on my friend’s computer.

I just needed to find the thread again because right now I have time to watch this tutorial

OK, we tried to do this, and now we are having a problem.

We followed that tutorial and after doing what he said, we got this error

SerializationException: serializationStream supports seeking, but its length is 0

What did we do wrong?