Is Playerprefs secure?
I want to store some sensitive data using PlayerPrefs which is not supposed to be edited by the player.
I have a feeling it just stores in plain text somewhere.
Is PlayerPrefs secure on iPhone? Is PlayerPrefs secure on a jailbroken iPhone?
If not secure, what is the way of doing it?
Update: I have been thinking, it should be secure on an iPhone that is not jailbroken because the player can't access the file system. On a jailbroken iPhone, it is not secure.
Since an unbroken iPhone can be later broken, this is like saying a pile of gold is safe inside an unbroken glass jar sitting on your front porch, but not safe inside a broken jar, because people can just reach out and grab it.
PlayerPrefs is utterly and totally 100% insecure.
It cannot be used for any real-world projects.
"Pref hackerz" are completely common. For any popular game, just google for videos showing you how to trivially adjust the score, etc., of your iPad game. A preference file is nothing more than "a text file" .... it is completely trivial to "hack" it. (If the word hacking can even be used here!)
So you have to encrypt your preferences.
Annoyingly (amazingly) there is no common library or code kicking around to do this.
Happily, I've just noticed a package in the asset store where someone bothered to do this and make it a package in the Asset Store ....
http://forum.unity3d.com/threads/157606-Secured-PlayerPrefs-Release
Otherwise you will have to write your own or wait until someone smart puts up an open source one, or other Asset Store products.
It's a really strange issue because un-encrypted preferences are a non-starter. 100s of real money-making games published with Unity will need encrypted prefs.
So it's weird that there aren't like dozens of paid solutions for this, open source packages everywhere, etc etc !!!
BTW @Eric5 .. note that the young man appeared to incorporate your essential "ArrayPrefs2" into his package, heh! (note Baroni's comment on that forum page)
Answer by samljer · Mar 13, 2015 at 07:58 PM
Here's a solution that hasn't been put here; I wasn't going to post because old thread is old.... BUT people are still active on it, so here goes.
Just because PlayerPrefs is insecure doesn't mean you can't securely use it as is.
Remember Unity is a C# machine, so go on the web and find C# code to encrypt data strings to text strings, turning say
username$myusername
into hJsl3zzS$nfhhass
then you can use playerprefs to store that!
Encrypted information in a text file is just as secure as text in an encrypted file, and you can hide any keys etc. in the code of the program/game you're making. In fact, with a bit of ingenuity the first half of a key can be the iOS or Android user account name, making it that much harder to figure out.
Furthermore, you could, if you so wish, use C# to then open the text file and ZIP it up, with a password that's also hidden in your account. There's C# code for this freely available too. Just remember zipping and unzipping a compressed keyed file every time you access something in it adds overhead on older devices you may not wish.
All of this is no harder than making a wrapper of your own to the PlayerPrefs wrapper in Unity.
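As an added example (not samljer's code, and not the Asset Store package linked earlier in the thread), here is one way to do what this answer describes in C#: derive a key from a build-time secret plus a per-device string, encrypt the value, and MAC it so that an edited entry is rejected when read back. The class works on plain strings so it compiles outside Unity; in a game you would pass the result to PlayerPrefs.SetString and feed PlayerPrefs.GetString back into Unprotect. The secret, device id and salt are assumed placeholders.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example: encrypt-then-MAC a pref value so a plain-text edit of the prefs file is detected.
// Assumed inputs: secret = constant hidden in the build, deviceId = per-device or account string.
public static class PrefCrypto
{
    static readonly byte[] Salt = Encoding.UTF8.GetBytes("myapp-prefs-v1"); // app constant (assumed)
    // Stretch secret+deviceId into an AES-256 key and a separate HMAC-SHA256 key.
    static void DeriveKeys(string secret, string deviceId, out byte[] encKey, out byte[] macKey)
    {
        using (var kdf = new Rfc2898DeriveBytes(secret + deviceId, Salt, 10000))
        { encKey = kdf.GetBytes(32); macKey = kdf.GetBytes(32); }
    }
    // Returns base64(IV || ciphertext || HMAC(name || IV || ciphertext)); store with PlayerPrefs.SetString.
    public static string Protect(string secret, string deviceId, string name, string value)
    {
        DeriveKeys(secret, deviceId, out byte[] encKey, out byte[] macKey);
        using (var aes = Aes.Create())
        {
            aes.Key = encKey; aes.GenerateIV();                 // CBC + PKCS7 are the Aes defaults
            byte[] plain = Encoding.UTF8.GetBytes(value);
            byte[] body = Concat(aes.IV, aes.CreateEncryptor().TransformFinalBlock(plain, 0, plain.Length));
            // The pref name is part of the MAC input, so a blob cannot be moved to a different pref.
            byte[] tag = new HMACSHA256(macKey).ComputeHash(Concat(Encoding.UTF8.GetBytes(name), body));
            return Convert.ToBase64String(Concat(body, tag));
        }
    }
    // Returns the value, or null if the blob is missing, malformed, edited, or from another device.
    public static string Unprotect(string secret, string deviceId, string name, string stored)
    {
        byte[] data;
        try { data = Convert.FromBase64String(stored ?? ""); } catch (FormatException) { return null; }
        if (data.Length < 16 + 32) return null;                 // shorter than IV + tag
        DeriveKeys(secret, deviceId, out byte[] encKey, out byte[] macKey);
        byte[] body = new byte[data.Length - 32], tag = new byte[32], iv = new byte[16];
        Array.Copy(data, body, body.Length); Array.Copy(data, body.Length, tag, 0, 32); Array.Copy(body, iv, 16);
        byte[] expect = new HMACSHA256(macKey).ComputeHash(Concat(Encoding.UTF8.GetBytes(name), body));
        int diff = 0; for (int i = 0; i < 32; i++) diff |= tag[i] ^ expect[i]; // constant-time compare
        if (diff != 0) return null;                             // tampered: refuse to decrypt
        using (var aes = Aes.Create())
        {
            aes.Key = encKey; aes.IV = iv;
            return Encoding.UTF8.GetString(aes.CreateDecryptor().TransformFinalBlock(body, 16, body.Length - 16));
        }
    }
    static byte[] Concat(byte[] a, byte[] b)
    { byte[] r = new byte[a.Length + b.Length]; a.CopyTo(r, 0); b.CopyTo(r, a.Length); return r; }
}
```

This only raises the bar above editing a plain-text file: whoever recovers the secret from the binary and knows the device string can produce a valid blob, which is the limit the other answers describe.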
Answer by Eric5h5 · Aug 15, 2011 at 02:00 AM
PlayerPrefs is a wrapper for NSUserDefaults, so it's no more secure than that.
Dear Eric, can you be more specific, as I am quite new to Unity3D? Also, could you help to take a look at my other question? Maybe you are the one who could save me: http://answers.unity3d.com/questions/155575/why-no-sound-on-android.html
NSUserDefaults isn't a Unity thing, it's an iOS thing; they're .plist files. I don't have Unity Android.
So is it secure or not? On a normal iPhone and on a jailbroken iPhone.
OK. Then encryption is needed. I found an encryption script written by someone else in C#. My code is in UnityScript; can I just call and use C# functions in UnityScript?
Answer by Waz · Aug 15, 2011 at 01:37 PM
All you can do is obscure the data and minimise the impact of someone breaking it. For example, don't store a user's password to your service, just store the MD5 of it (with salt), both on the device and on your service. That way, if their password is "I-use-this-password-everywhere", then someone who hacks the device (or your hosting service) only gets access to your service, not the user's other sites where they foolishly use the same password.
If it's something like how many credits they've got, make sure that if they fake it, all they can get from you is 1000 in-game hats and a bad conscience, not 1000 real-world hats. (storing it on the server doesn't make it unhackable, since they can fake the traffic from your app).
Answer by Statement · Aug 15, 2011 at 01:46 PM
I want to store some sensitive data using playerprefs which is not supposed to be edited by player.
It's (to my knowledge) impossible to make it 100% uneditable if the process of encryption happens on the device. What you can do to make it harder is to use a public decryption key (encrypting it with a private key you immediately throw away) that you store alongside the data. The downside is that if the code that is encrypting is available on the device, it can be reverse engineered to make an encryption. At least it becomes a lot harder to crack open. This would prevent people from simply editing a file since the data has to be encrypted first. If they don't know how to encrypt the data properly they can't modify the contents.
A workaround to this would be having an encryption server online, where your application sends a request to encrypt a piece of information. It would generate the encrypted information and a decryption key that is sent back to the application. This way you need your server to deduce what are valid values and what are not. Obviously this has its disadvantages as well. The question is HOW sensitive your data is and what measures you're willing to put into protecting it.
Actually, this would be easily broken if a man in the middle accepts your server request and encrypts whatever value they want, sending back the public key. Maybe you should just have a fixed public decryption key and keep the encryption key private on the server in that case.
Don't even bother with a MITM, just Telnet to the server and act like the client. (MITM only applies when the evildoer is not one of the parties in the exchange, doesn't apply when user is the evildoer).
Right, if you're talking about theoretical ultimate security - online doesn't help at all.
Because - whatever token, password or whatever you have on the client, so as to access the server: we programmers just have to obscure that anyway. There's no other solution.
If someone figures THAT token ........ you're done for! Exactly the same as if someone figured just the "immediate" key for the encryption.
The security scheme used by the "Secured PlayerPrefs" guy (key (which you would obscure) + device id + salt) is as good as you can hope, unfortunately
Simply look at bitcoin .. there is "no local security" it's logically impossible.
Note that the ONLY way you can actually secure - say - something as commonplace as an inapp purchase ... is actually using a stateful server!! Sure you can "verify the receipt" but the server must be stateful and only ever once allow any given receipt number. Otherwise you can verify it until the cows come home but a hacker kid will - very simply - run the same one again. There is absolutely no way to locally ensure statefulness on a client (unless you're talking quantum or some science BS) you can only do it on a server, and fundamentally that is ONLY guaranteed by the physical security of the server. It's deep really!
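Putting the signed-value scheme from Statement's answer and the comment thread into C# (an added example, not any poster's code): the server signs the pref name, value and device id with a private key, the build ships only the public key, and the client rejects a stored value whose signature no longer matches. The `isAllowed` callback stands in for the server-side validation the comments call for; RSA.Create(int) needs .NET Core or .NET Standard 2.1. All names are assumed.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example: server-signed pref values. The client cannot forge a signature, but it can
// still ask the server to sign anything the server is willing to sign (see Main).
public static class SignedPrefs
{
    // Canonical bytes covered by the signature.
    static byte[] Payload(string name, string value, string deviceId) =>
        Encoding.UTF8.GetBytes(name + "\n" + value + "\n" + deviceId);
    // SERVER SIDE. isAllowed is the server's own policy check: it decides which values it will sign at all.
    public static string ServerIssue(RSA serverKey, string name, string value, string deviceId,
                                     Func<string, string, bool> isAllowed)
    {
        if (!isAllowed(name, value))            // e.g. credits must match a purchase record
            throw new InvalidOperationException("refused to sign " + name + "=" + value);
        byte[] sig = serverKey.SignData(Payload(name, value, deviceId),
                                        HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        return value + "|" + Convert.ToBase64String(sig); // what the client stores in PlayerPrefs
    }
    // CLIENT SIDE. Returns the value, or null if the stored blob was edited or belongs to another device.
    public static string ClientRead(RSAParameters serverPublic, string name, string stored, string deviceId)
    {
        int sep = stored.LastIndexOf('|');
        if (sep < 0) return null;
        string value = stored.Substring(0, sep);
        byte[] sig;
        try { sig = Convert.FromBase64String(stored.Substring(sep + 1)); } catch (FormatException) { return null; }
        using (var rsa = RSA.Create())
        {
            rsa.ImportParameters(serverPublic);
            bool ok = rsa.VerifyData(Payload(name, value, deviceId), sig,
                                     HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            return ok ? value : null;
        }
    }
    public static void Main()
    {
        using (var serverKey = RSA.Create(2048))             // private key lives on the server only
        {
            RSAParameters pub = serverKey.ExportParameters(false);
            string blob = ServerIssue(serverKey, "credits", "100", "device-A", (n, v) => v == "100");
            Console.WriteLine(ClientRead(pub, "credits", blob, "device-A"));                              // genuine
            Console.WriteLine(ClientRead(pub, "credits", blob.Replace("100|", "9999|"), "device-A") ?? "REJECTED"); // edited
            Console.WriteLine(ClientRead(pub, "credits", blob, "device-B") ?? "REJECTED");                // copied blob
            // Limit, as the comments above note: a client talking to the server directly gets whatever the server
            // is willing to sign, so value validation and any one-time/replay rule must live server-side.
        }
    }
}
```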