- Dhiraj Gupta
ATO Risk in Gaming Industry is Rampant and Brazen
Children are put at risk of Account Takeovers losing their hard-earned game status as well as diamonds and other game currencies.
eSports is a serious online gaming type, and many children are building their competencies in this skill-based gaming genre. Most of them want to reach a level where they get recognized as professionals who could become eligible for titles and become part of teams where millions of dollars are earned through prize money and other sources. Just top 10 eSports titles had cumulative prize money of over $70 million in 2020.
While legally only 18 plus can play on these platforms, the reality is even children of 5 years and above are experiencing it. With covid-19 restrictions, the usage has increased. As per some industry estimates time spent on online gaming has doubled in some age categories. To verify this, one may not even need to go outside the home to do primary research.
Among the most popular eSports games is Free Fire by Garena. In February 2020, it crossed the 500 mn downloads milestone and since then continues to trend on several ranking charts in India as well as globally. While this was happening, it started to get attention from fraudsters as well. Today just a simple google search will lead you to so many ‘hacks’ to get diamonds free which are used by gamers to upgrade and get weaponry and ammunition. There are apps on the OS market places which ‘generate’ these free diamonds.
What’s the trick?
So, these fraud sites and apps ask for details like game ID from anyone looking for free diamonds for Free Fire. Once anyone gives these details the account is taken over by the fraudster or all the diamonds, etc. are flushed from the accounts. There are even instances where fraudsters put such high-performance accounts on sale after hacking them.
This is not an isolated issue with Free Fire alone. It is happening with all gaming apps, however rampant with popular games, and gamers of such apps will have high intent to look for such freebies.
What’s the big deal?
One might say, it's just a game. Why should anyone be bothered at all? Any gamer who falls into the trap can create a new account and gain all back, though after working hard again to reach the same level as before. Of course, this can be done.
But it's not the only implication.
Below are some of the serious repercussions of ATO fraud in the gaming industry: –
Losing real money: Gamers are spending real money on in-app purchases. A 2019 study by Deloitte estimates that in the UK alone, gamers spend over 43 pounds a year on in-app purchases. Similarly, relatively old statistics from Slice Technologies revealed that in the US, gamers would spend an average of $87 a year on “free to play games.” India is no different than these markets. Various studies have suggested that between 4-6 gamers do spend on in-app purchases. With the gaming population on the rise as more and more gaming smartphones are sold in the market, even if 4 of 10 gamers make an in-app purchase in India, it means several hundred million dollars a year being spent on games.
An account takeover fraud of a gaming ID means loss of real money for gamers who want to play a fair game.
1. Cyberbullying of children: The fraudster knows how to reach out to the children whose account is hacked. It can reach out to the child and harass digitally in various ways asking for a ransom against giving the account status back. This could be in the form of any kind of exploitation.
Another serious problem is that as many times children may not share or report the issue with their parents and could land in serious trouble. This could lead to emotional and mental distress.
2. Data and privacy breach: The fraudster could also get access to google or other OS account details and get access to the entire device including data and other applications on the smartphone. Children less than 14-15 years, would be using the phone of their parents to play games occasionally, leading to data breaches of parents which would have much more serious and confidential information including banking details, official documents, personal images, etc.
3. Ride on someone’s success: Someone would have worked hard and played a fair game to reach a certain level in the game to be considered as a professional. This could make the gamer eligible for awards and entry to tournaments. Though, the chances are rare as a gamer of this level would not ideally be looking for free diamonds to fall in the trap. But you never know about the possibility of anything like this happening.
How does it impact the game?
The impact is not just confined to the gamers. It also adversely impacts the game.
Firstly, there are issues related to brand safety. It directly impacts the reputation of the brand as well as results in infringement. There are so many websites and apps created using logos and other identities of such games. This is a brand infringement issue, and the website or app owner could run anything on their application that could severely harm the reputation. For instance, porn content.
The second issue is there would be so many dormant accounts. If a fraudster hooks a real account and flushes all the goodies out of it the account will no longer be in use but still be an active user. This will unnecessarily increase the user base without giving proportionate ARPU reducing the revenue potential and other key parameters judged by investors and the financing community. It could either impact the dreams of becoming a unicorn or take away the status sooner or later.
ATO or Account takeover is brazening and rampant in paid and subscription-based online services such as eCommerce, OTT, and now eSports. While eCommerce and OTT apps interface with adults who could still be difficult to break into, eSports gives fraudsters an easy playfield as it will mostly have children on the other side.
The gaming industry has to collaborate with ATO anti-fraud solution makers to mFilterIt to proactively stop this wildfire so that children of tender age could be saved from experiencing the dark side of digital at an early age where they cannot handle it.