Wiskirchen: Interesting. We have a couple of audience polling questions, and now is a good time to go to the first one. Do you think gaming companies are more likely concerned with PC or mobile fraud? Go into your iPads to answer that question. While the audience is answering that question, I think I’ll ask you that same question, Dean. What type of gaming fraud do you think gaming companies are most concerned with — mobile or PC fraud?
Takahashi: I think we’ve seen headlines on both sides. Most recently, I did an interview with one of the anti-fraud experts at Adjust, the mobile ad measurement company. And they had so many concerns about it that they formed a coalition against mobile ad fraud. A consortium of companies is getting together to deal with the what they glean as the what they blame as the multi-billion dollar problem. Mobile gaming is a $70 billion mobile game business. It’s pretty significant.
Wiskirchen: So, it looks like the audience — 74 percent believes that game companies are more concerned with mobile over PCs; 26 percent for PCs. So, interesting results. Scott, let’s ask you a question here — how much are game companies concerned with authenticating the user than protecting individual accounts from your experience?
Adams: What I’d like to see is a whole lot more concern with it. Really, those gaming companies aren’t as concerned as I think they ought to be with authentication. But the problem is how do you authenticate someone if they’re underaged? It’s not hard authenticating an adult. Technically, we have IDs. We have bank accounts. We have credit cards. But, our data is out there, and when you talk about kids, the problem is if you want to take a stance and hard on authentication, that’s great, but how do you identify kids? Most of the time, I’d say half the time, I’m not dealing with the cardholder, I’m dealing with the player. And if the player is not the cardholder, it’s harder to get through authentication. Is email really gonna get it? I think it’s really difficult. And the direct answer is that the game companies aren’t nearly as concerned with it, partially because they can’t.
Wiskirchen: What about you Dean, what are your views on that? Are gaming companies concerned enough with authenticating the user and protecting individual accounts from your perspective? Or, do you hear a lot about that?
Takahashi: I just remember the Sony PlayStation Network hack. They lost how many accounts? They lost tens of millions of accounts. I think Facebook, also a big game company, got 30-50 million accounts hacked? I think it’s still a huge problem, and I don’t know whether or not they’re doing enough about it or not. It seems like a cat-and-mouse game that keeps on escalating, and you fix one thing, and people attack another. But I have not seen stats on this subject that would clarify that.
Wiskirchen: Nina, how’s Linden Labs handling [authentication]?
Diatchenko: I think with that, we have multiple layers that we approach fraud. We try to recognize it on all the levels. By the time it comes to my desk, it gets picked up, and it’s my job to take a deeper dive and look into what’s going on. How far does this one particular incident go? It really depends on how much damage they’re doing. Like, the way you’re going to react to it depends on how bad is the instigator. Like, is it someone brute forcing, or is it account sharing? One of the things I deal with is cleaning up the messes for people sharing accounts. And that’s not necessarily a hacker. That’s like two people fighting over an account that they both put time and effort and money into together, so who’s the owner of that account when it’s shared? It’s not something that you can predict.
Adams: Right. Culturally too — here, it’s not prevalent to share accounts. In Latin America, Eastern bloc countries, it’s completely normal. So, they don’t say it’s fraud.
Takahashi: Yeah, I remember in Game of War, the largest factions in that game that spent the most money were the whales — 2 percent of the users account for a huge percent of the revenues coming in. The top plans in that game — they shared accounts across the globe so that they could keep the account defending against attacks 24 hours a day, seven days a week. And they could not have handled the demands that kind of play without having a whole team sharing that single account. I think their number one guy was in Dubai, and he was like financing a bunch of other players through his one account, so that was interesting.
Wiskirchen: Dean, are there emerging areas of gaming that you think are going to be particularly vulnerable targets in the near future, from what you’re seeing and hearing?
Takahashi: Well, I think the launch of Fortnite is very instructive. It’s 125 million users that’s become a cultural phenomenon. Football players are doing the Fortnite dance when they get a touchdown, and they recently launched on Android.
They got like 15 million players right off the bat, but they did so in a way that reflected the values of the CEO, Tim Sweeney — who’s a big believer in open source, open systems. And he felt like the app stores weren’t doing their job earning the 30 percent take that they take from in-app purchases. So, they launched on Android without going through the Google Play store. They did a side-loading of the game through the Epic Games site — and they’re big enough to do that.
But then, they introduced the challenge of security problems. A bunch of fake Fortnite games surfaced, and they tried to take advantage of this. They said, “Oh no, you can sideload through us instead of Epic Games.” They were just side-loading viruses. Epic, no surprise — they’ve made a billion dollars out of this. One of the first acquisitions out of this they did was Kamu, a security and anti-cheat, anti-fraud company. Scott, I think knows a lot about that.
Wiskirchen: Scott, you consult with the biggest of the big when it comes to games. How about you?
Adams: Not really, I think it’s going to be the same that we’ve been seeing for quite a while. We’ve already talked about account security, and I think that’s going to become more and more important, especially as we have more cross-console games coming out, which is what Epic’s doing, and that’s what other game companies are trying to do.
We just have to as an industry work together and remember that we’re not competitors, right. We’re not competitors. Epic and Riot aren’t competitors. Even if you’ve got a game or if you’re not a game company, if you have competing products, fraud people are not competitors. We can share a friendship. I’m not going to tell a competitor in the game what the next game is or what the next item or whatever it’s gonna be, but I can say, “Hey, I just saw this happening in fraud.” I don’t think there’s going to be a lot of “new” that’s to come, but I do think we can combat it a lot better if we can find a way to work together.