Greetings, glorious adventurers! If you're joining in our Alpha One spot testing, please follow the steps here to see all the latest test info on our forums and Discord!

My opinion: A big problem that could compromise the stability of the game. (Cheaters)

In recent years it has been nearly impossible for companies to fight against cheats or bots and the most nerve-wracking thing for them was the re-creation of new accounts by these individuals.
To avoid creating new accounts by individuals who have used third party programs or received a suspended account, one thing that is used in Korea could be done.(KSSN)
The use of the Italian tax code, EORI (Economic Operator Registration and Identification) code, the id that is release by your country could in my opinion fight against these things.
To also improve access and have more security, you could create a phone application that allows you to connect the id and verify the authenticity of the person through facial identification, then use the appropriate phone camera to recognize the face front and side.

You may not agree with me, but this could block access to anyone who has been banned from using cheats or bots because their ID is no longer usable.

Comments

  • CawwCaww Member
    no please...
  • kyrigakyriga Member
    can I ask the reason for this no? can you argue?
  • SongRuneSongRune Member, Alpha One, Adventurer
    edited June 2022
    This doesn't work in the USA.

    The government does not provide any form of national ID card or number. (There's a lot of politics there.) The closest equivalent, Social Security Numbers, are not available to all residents. Even then, the government will only verify a person's SSN if you register them as an employee and report wages for them, so there's nothing to stop a botter from randomly entering MY SSN instead of their own. There are some background check agencies and the like, of course, but such verifications quickly become expensive.

    At the same time, there is no single government ID card you can expect any US resident to have. If you want me to upload a scan of my Drivers License, what if I don't drive? My passport? What if I've never needed to travel internationally and haven't applied for one? We have a lot of different types of ID, but none are remotely universal.

    And all of this avoids the fact that most americans will find these measures extremely heavy-handed, and be averse to them. We're not conditioned the same way that certain other populations are, relative to providing government identification for random online services, and we're actively conditioned to consider our SSN to be 'identity theft' level information (because it is). Nobody but banks, creditors and your employer should ever get that number.

    The best you get is phone numbers, with text message verification, such as twitch and twitter use. This would offend far less people, and that... honestly is almost practical, but for various reasons, it's not exactly a silver bullet either.

    EDIT: I realized that I haven't covered facial recognition. There are serious problems with this use of facial recognition related to racial biases in the technology's training sets and designs that meaningfully affect even the police ID databases. Facial recognition is meaningfully less accurate for subjects of certain non-white races. Aside from being invasive and off-putting, you don't want the reputation (or support load) you'd start to get if this sort of thing went wrong. Even without that factor, the support load required to make this technology work in the 10% case won't be cheap, nor will getting a version of it that's hard to game.
  • I think the main issue with this is that you need a universal system that work across all countries, not just for example the US.

    And I mean I can think of a good reason to support this, being to help tackle issues with botting and multiple accounts, but then we know Steven is not preventing Multi Boxing (i.e. owning multiple accounts) so long as you don't use botting programs to automate anything not sure to what extent he wants to limit it.

    So we can't use ID and unique accounts aren't going to be possible because of the multiboxing.

    We have to hope that with a subscription fee, active GM's. If they can put some effort into innovating in the reporting/monitoring of activity against the ToC's - then it can hopefully minimise the amount of work. I wonder how far they could automate some of this at least to help identify suspect activity i.e. if a character has been online for x amount of time and meets y criteria it gets flagged. Human checks and can confirm if the character is legit. If it's clear it's a real person, whitelist so it doesn't flag again to separate no lifers from bots lol.

    Bots are always getting more sophisticated and I would be interested to see if there is a smarter way to tackle these proactively.
  • SongRuneSongRune Member, Alpha One, Adventurer
    To add to all this, there are some existing discussions of this topic that have more complete discussions about how anti-botting can or should work. They go into identity verification, automated detection, GM presence, user reports, and other related concepts. Here's one.
  • This has a sub fee botting will be way less of a problem and money incentive to ban them if they keep making more accounts.
  • NorkoreNorkore Member
    edited June 2022
    absolutely not. I get where you are coming from, but do you really think a random ass company should store people's sensitive data? what if they get hacked? you could argue the gov already stores the data, but the point is the more places store my data the higher the chance someone gets it (and identity theft is a real and dangerous thing, you might want to look up all the things people can do by impersonating you). Do you really want to trust gaming companies with sensitive data?
    At the end of the day it's just a video game, yes bots are annoying, yes cheaters are annoying, but it's not even nearly in the same tier of annoying as someone using your identity to apply for credit, file taxes, or get medical services.

    On top of the team's efforts in fighting bots and cheaters, the monthly sub and open world PvP should help mitigating the bot problem. I personally don't plan to PK people (unless it's absolutely worth the risk), but I will for sure kill bots who act suspicious. They are literal loot pinatas.

    https://ashesofcreation.wiki/Security_systems
  • kyrigakyriga Member
    I understand your point of view.
    In Italy we basically have a code that reveals only the:
    Name, surname, date of birth and place of birth and it can also be generated through external sites. It is enough to know this data to have this code and I found it brilliant to be able to associate the face with an application like that of the phone to make sure you are the right user and continue with the log-in.
  • NiKrNiKr Member
    I think smth like Nvidia's Shadowplay feature (but built into the game itself) getting triggered once a player hits "report" would streamline the process for GM and would also prevent false reports, like those that plagued NW. And you could then even penalize the false reporters.

    But all the face/identity tracking seems a bit too dystopian for me. I'd hope we can push that kind of stuff away for as long as possible. Especially considering that some places have already implemented that shit.
  • I am all up for anti bot measures thats amazing, but I dont think this game will have a bot problem because players hate bots and bots are easily identifiable.

    Players will kill any bot they see and take their loot, its free money.
    Also because there is no centralized auction house it will be harder for bots to make a profit.

    Open world pvp with the corruption system is the greatest anti bot measure ever created
  • George_BlackGeorge_Black Member, Intrepid Pack
    South korea takes their gaming seriously. I would like that but it's not going to happen in a western made game for legal reasons.
  • VaknarVaknar Moderator, Member, Staff
    While there are a number of reasons that make this option unlikely to happen, we hear your concern.

    We will have robust systems in place to combat cheating, so rest assured that this is a top priority for us!
    community_management.gif
  • Vaknar wrote: »
    While there are a number of reasons that make this option unlikely to happen, we hear your concern.

    We will have robust systems in place to combat cheating, so rest assured that this is a top priority for us!

    Thank you for the confirmation, and thank you guys for your hard work.
  • NoaaniNoaani Member, Intrepid Pack
    South korea takes their gaming seriously. I would like that but it's not going to happen in a western made game for legal reasons.

    It isnt just legal reasons, it is practical reasons as well.

    Korean games set up their system for Korea only. Intrepid would need to set it up for potentially 100 or more different countries.

    When you consider that amount of work involved, and how easy it still is to circumvent (I played Archeage on the Korean server cor a while, despite not being anywhere near Korea), it just isnt a practical idea.

    I can see it being an ok idea for localized servers - where they would only need to work out the details for one country (playing on the Brazil server, paying an appropriate amount for the Brazilian economy, its valid to require one to live in Brazil, as an example), but it is definitely not a catch all solution for all servers in all regions.
  • WomanslogicWomanslogic Member
    edited August 2022
    I believe that we need a two-factor authentication/verification process when users are registering new accounts. We asked devs and administration about that but the process is going very slowly. Well, maybe it is good that is going slow. Who wants to have an unstable tool, right?

    Users of the Adidas forum also asked the administration to turn on two-factor authentication via SMS or google codes. That was asked because a lot of hackers were stealing the data of those users. Hopefully, they did what their audience wanted and created a special adidas sms https://grizzlysms.com/adidas verification tool. However, it was so unstable that sometimes it sent codes and sometimes did not. Even me --> the person who lives in Spain --> had problems with that. Only online tool with a fake number allowed me to finally register an account.

    So, it might be a good idea to wait until the moment when our request will be accepted here in our favorite game.

    Regards,
    Womanslogic
  • GoalidGoalid Member, Alpha One, Adventurer
    Gamers: "Intrepid taking aggressive measures to prevent botting by forcing you to prove you're a real human being? That's a breach of privacy, I won't stand for this! And there's ways around it, so why even try!"

    Also gamers: "OMG, why are there so many bots on launch? There's a botting problem, it's killing the economy and making the game unplayable."
    "Just do anything you can to stop the bots, yes they'll eventually get around it but anything helps!"
    "Well of course I have games with anti-cheats, yes they are kernel level, what's the big deal?"

    There will be bots, it will be the main source of RMT if they've prevented duping, and there's nothing you can do about it right now.

    Everyone can complain all they want about Zuckerberg and Meta, but when VMMORPGs skyrocket in popularity as the technology improves, Meta's attempts to prevent botting by confirming hardware, using facial recognition technology, doing what they can to prove you're a real person, will be the best ways to prevent bots. Because at the end of the day, there are botting companies that make millions in profits from botting. That's who you're up against.
    bRVL6TR.png


  • akabearakabear Member, Braver of Worlds, Kickstarter, Alpha One
    Wouldn`t a sub-based game be less prone to these issues as there is a degree of identity required to pay to play in the first place?
  • People should have to pass a DNA background check to subscribe to AoC and use retinal scans each time they log in. /s
  • daveywaveydaveywavey Member
    edited August 2022
    Ransel wrote: »
    People should have to pass a DNA background check to subscribe to AoC and use retinal scans each time they log in. /s

    Hahaha, can you imagine?! "You'll get the results back in 2-4 weeks..." "But, I want to play now!"
    This link may help you: https://ashesofcreation.wiki/
Sign In or Register to comment.