- Home /
Protecting Unity APK (why is unity apk so easily hacked, just unzip it, its hacked :O)
How can we protect our unity apk
using IL2CPP? how to protect my scripts and assets. Ok assets are a curveball. You cant protect them 100%. I get it. But scripts? how do we protect our scripts. Obfuscation? any tools? recommendations please?
To what level can we secure our apks?
level1: impatient players trying to get rewards.
level2 : lazy, unethical, corrupt developers who feed on success of other indie game and hackers-by-hobby
level3: casual hackers
level4: hackers who put out hack on internet and that is their source on income.
level5: professional hackers
Kindly respond.
Answer by Bunny83 · Jun 14, 2019 at 08:53 AM
You seem to have not much experience in development, am I right? There is no way to protect code or assets to 100% if you ship it to the user. If it executes on the user's machine it can be reverse engineered. Many people praise IL2CPP as some sort of protection though it's not really. Yes it adds a layer of obfuscation which makes it harder to decompile and to make sense of the code. However in the end the code has to run on a cpu core. If it can run, it can be decompiled / disassembled.
Your "levels" just don't make much sense and are of completely different categories. Cheaters are not hackers. 99% of casual users do not have the knowledge to manipulate the game. So your first category doesn't really exist. Your second category seems to target a completely different issue that someone actually steals your content (code / assets). Every category that follows just are not seperate categories at all.
Asking for recommendations is out of the scope of UnityAnswers as this would lead to an never ending stream of opinion and discussion which do not belong here.
In general if you find a common "general solution" to prevent cheating, it's actually easier for cheaters to break it since it's a known technique and more likely that there's already a general crack / cheat out there. For example many use something like the SafeFloat struct as mentioned here. If it's known that this is used it's just a little bit more work to manipulate the memory of your game. Since every SafeFloat has the same structure it becomes a common / known technique. Yes, it helps a little bit but as I said, there more people use this technique the more likely there's already a solution against it.
The only real solution to protect your code is to not ship it at all and run it on a server of yours. However that's impractical for most games (unnecessary internet requirement, latency, additional cost for traffic and hosting). Also designing secure / tampering proof API is quite challenging.
@Bunny83 WELL youre right. I dont have much experience. Started some time ago, in increments. Now i am at the last stage. Learning about protecting your content. Can we talk about level 2? How do i protect the apk from theft? Could you please be so kind to guide me? Like how does it happen? how can we prevent it? Prevent it Completely?
The main things in my game are Playfab backend for storing data. In-app purchases, ad mediation.
Your answer
![](https://koobas.hobune.stream/wayback/20220612203159im_/https://answers.unity.com/themes/thub/images/avi.jpg)
Follow this Question
Related Questions
Protecting your unity generated APK 0 Answers
Application not installed. Upgrade Unity3d and apk update trouble 0 Answers
Game won't start after building as an Android App Bundle instead of APK 0 Answers
Android APK Build Failing "Execution failed for task ':launcher:checkReleaseDuplicateClasses'." 5 Answers