Is it possible to create a serial number to protect game sales?

Hi all,
is it possible in C++ and Unreal Engine 4 to protect a game with a serial number?
I might need it to sell my indie games made with UE4 and avoiding piracy.
Thank you :slight_smile:

Short answer: yes.
Long answer: It will get broken in less than a day of it being out and you’ll just make it more annoying for people who legitimately purchase the game. Companies have spent millions trying to develop secure systems and all of them have been broken. Your best bet is to just make a good experience. The only thing you can really protect via serial is the online experience.

You have three basic parties: (Prepare for gross oversimplification!)

  • The sender: Yourself. You are giving the player the game, and you want to make sure to only allow paid players to access the game.
  • The receiver: The player. They want to play the game, and so have to be able to unlock the content you give them.
  • The hacker: Also the player. They want to unlock the game so they can play it for free.

In a single player or lan game, you’re giving players the game, in a locked state, and the key, in order to get in. If your users have to struggle to get the key, you lose business. If it’s trivial to get the key without paying, you lose business. But both legitimate players and hackers get the same package. The only way you can inconvenience hackers is to inconvenience players, and don’t forget once the hackers bypass your security, they stop being inconvenienced. Meaning the pirates get a better experience playing your game than the legitimate customers.

If your game (ACTUALLY) requires online connectivity to be valuable, such as EVE or WoW, then you’ve got a headstart. But there are even hacked WoW servers that don’t require authentication. So that’s not even entirely a solution, just a significant roadblock.

If you can solve this problem you’ll make billions selling it to every software house on the planet.

Note I’m using the universally understood term “hacker” rather than one of the more correct terms. I find it easier when discussing security topics with people without a significant background in security.