Multiplayer trusting

Hello Community,

I started to develop a multiplayer third person shooter. I am currently planning some things out. So I have one question.
I dont know if I should use sessions (hosted by the users) or dedicated servers. Speed or anything else is not a problem.
My only problem is that I am not sure how to trust the user session, when it comes to updating stats for my backend server (using PlayFab).

Thanks for your answers!

Personally, I’d solve it by using Steam, or any other subsystem that can guarantee the integrity of your files, though I’m not sure this is the best approach, its by far the simplest.

Hmm, that might be a solution, but isn’t the user who created the session still be able to post fake stats to my backend server?

Encrypt them using a session, that is, when the server connects to your PHP script create a session hash and feed it to the server. All access requests will have to feed the hash. Fact is, the user can still intercept it. You can try to use an algorithm to generate access keys and double check them.

Also,make sure to check the basics, e.g. a player killed 16 players in 2seconds? Either he is hacking or the server is feeding wrong stats to you. Btw CoD games always have feeding problems in their servers lol

To be honest I wish steam would allow games to have their own dedicated DB and handle access through the online subsystem as well, but that would be risky and give them a lot of headaches…