My friend and I were discussing the queue’s that have magically appeared on Enviska since launch… and they suggested a way to combat bots while also providing extra security to accounts.
MFA - Multi Factor Authentication
I understand this might also become an issue for people who do not have mobile phones, but an authenticator with a verified phone number would slow bots considerably if done right.
I would also suggest, possibly in the form of a mobile app to also complicate virtual phone number usage.
Mobile app that can be automated with ease in emulated environment?
Phone number … you can have dozens of them for few $ ina many countries.
Etc. etc.
This is the wrong way. But seeing AGS rushing towards IP bans … no wonder people have strange ideas. ;o)
we need game masters, they are making the money to afford them, demand they hire them instead of expecting the consumers of the product to diminish their experience for a solution that puts a bucket under the drip instead of fixing the leak
The only semi effective way to combat bots that we as a human race have found out is captcha, sure there are cheap labour for captcha but we need to think of something with captcha to reduce bots efficiency. If people can’t live with captcha then there really isn’t any efficient way in my humble opinion.
Maybe the other way is heavily ban gold buyers from bots, there will be false negetive but…
Not really… Having an authenticator that produces a random number each time, that you have to put in what it says can’t fully be automated, additionally even if they can buy virtual phone numbers setting up each new account with a new number can still be made more complicated… IE… using the physical phones IMEI in the first time verification process. Virtual phones don’t have IMEI’s since it’s a hardware fingerprint.
I don’t think it’s a perfect solution and never claimed it to be… I also said this was for account security as well. Granted steam also has two-factor and an authenticator.
Unless these “random numbers” is good captcha, there always be a way to automate them. They can not verify phone IMEI, ask phone manfacturers? Emulators can fake/have IMEI, nothing prevent them to do so.
Some people value their privacy and personal information, they won’t give it up just for a game.
Two factor is security measure for authentication, never been designed to combat robots.
Sure, it can be pictures of digits so no copy/paste, not for me to figure out. Actually, there are plenty of databases available with free API’s that can verify if an IMEI/ESN is legit since, again, it’s a unique identifier. Sure it can be faked if you randomly guess a combination of manufacturer, model, sub-model, carrier etc…
I’ve seen very similar verification used in the past when creating accounts in SE Asian games over that past 10 years. IIRC I’ve even seen one where they used the equivalent of a state ID so that only people from that region could even register in the first place.
I hear what you’re saying… again, it’s just a suggestion. Whether or not it’s good/viable or an “invasion of privacy” (somehow? ) is meaningless to debate. It still functions as a means of thwarting bots, which is the point of this suggestion in the first place.
I know very well what the intended use of 2FA and MFA is for; I’m literally a certified cybersecurity expert, which is how this came up in conversation in a discord. While not it’s main purpose, it still has a secondary and unintended use case in this situation, that can be applied and potentially effective.
If you disagree or don’t like the idea, that’s fine.