The Science of Defrauding MMOs

Illustration for article titled The Science of Defrauding MMOs

I find security issues facing games pretty interesting; PlayNoEvil is one of my favorite spots for discussion about security related issues. Gamasutra sat down with Gene Hoffman, CEO of Vindicia, a billing and fraud management company, about the issues facing MMOs and ways to mitigate those issues. Of particular concern are the RMT resale markets (if it exists), and chargebacks. And what of the mingling of real and virtual economies? Hoffman has this to say:

These are real economies. In fact, they get much closer to the raw creation of economic growth than many national economies as these "virtual" economies prove quite convincingly that wealth isn't capital or labor but instead knowledge and creativity. Building a working infrastructure to support capital inflows and outflows in a trustworthy manner is very much a core problem we want to address. In many ways we're facing the merging of intellectual property and "cash" into one entangled entity. When someone steals a virtual thing they've stolen real value. Cash was created in many ways because barter was hard, and cash creates prices. However if prices are now known in some exchange rate, the virtual good that was stolen is a bill denominated in the exchange value of that good in the first place.

Advertisement

With credit card fraud, stolen card numbers, chargebacks, and other security breeches an increasing problem, we'll no doubt see more and more focus on what can be done to prevent fraud in its many forms (though Steve at PlayNoEvil seems to harbor doubts that companies really pay enough attention to security and fraud issues, especially when it comes to implementing successful and cost-effective solutions that don't cripple usability for the consumer). Vindicia's Hoffman On The Science Of MMO Fraud [Gamasutra]

Share This Story

Get our newsletter

DISCUSSION

sixtail
Foxstar loves Bashcraft

Well people using stolen cards and whatnot to pay for fees on MMO's is easier to track then it seems, provided the MMO developer puts in the proper tracking tools. I know FFXI can track what credit cards were used on a account and others can to. A simple verify program where you have to call up your bank or go to it and verify that you are such and such and yes, you are going to be playing (gamename) would handle the bulk of charges that way. Using stolen cards to pay for RMTed money is a whole other bucket of fish and more of a issue for the goldfarmers and their various 'front' store sides as when they get defrauded, no one will give a shit.

Stolen characters in MMO's are a 50-50 thing. On the users end, it's important to have a proper browser with the proper script and ad blockers, a up to date anti virus and just the basic human smarts to not be all over the net downloading shit that you shouldn't be and keep your eyes peeled if the MMO site your visiting makes your script blocker scream a red alert.

On the provider's end, taking the time to build a good back end system so stolen characters can be locked and unusable right away, not based on a 9-5 call center model and changing passwords and credit cards numbers linked with the passwords to be a harder task then it normally is. The factor is here money and time. As goldfarmers get more skilled in stealing accounts, current and future MMO providers will have to staff more people and hammer out more measures to deal with it, all of which costs money and if you add up monthly costs to staff a 24 call center for locking and returning characters along with a anti RMT task force for banning and unleashing various ligation against them, you start to see a dent in those profits, which most of them will never even think of doing, usually till their profits slide enough from loss of players and by then, it's too late.

Right now it's not easy, if even 40% of people understood the dangers of surfing the net with a browser with nothing to deal with all of the crap that's floating in frames and failing to have up to date versions of Flash, RealPlayer and the ilk, it would hit RMT's account stealing hard. And by the time enough folks catch on to this, RMT's will evolve and find a new way to steal accounts, all leading to the point where carefully english trained people are creating guilds to draw people in, then using the typical guild homepage and forums to harvest the accounts of dozens if not more people at a time, then vanishing.