koobas.hobune.stream
Keep and secure user data for a multiplayer game.
Hello. I'm trying to figure out the best and most secure way to keep user data (accounts, money, items) for a multiplayer game on mobile. Here some ways i thought:
Remote Database: Seems the safest to me, the only way to change the data (if there are strong security checks before doing anything) is to breach into the database and modify it. On the other way users must registrate first and even if it is about 20 seconds i saw that the majority of the games doesn't have a login/registration screen, so i guess it is not a good idea for the mobile market.
BinaryFormatter: Having a file encrypted on the local storage, maybe on persistentDataPath containing all the user data. I don't know how much safe is it.
BinaryFormatter + Checksum: Here is one way i like, basically when the file is modified trough the game (when the game saves current data) I generate an unique key (SHA256) and save it on a database. On the startup and sometimes at runtime I check if the local file SHA256 value is the same as the one in the database, if it is, nothing was changed, if it is not I throw a data corruption error.
Am I on the right way? Which should best fit a mobile game? Thanks!
Find a way out thanks to palex-nx on the Unity Forum.
Saving a file on local with credentials should do the job while all the data is stored on a database. On startup the user will be automatically logged in or registrated if he hasn't the file on storage.
