Thoughts on making game anti-spoofing/cheating?

I’m making a single player game and I’m using save files to cache powerups and progress.

This leaves me with two questions:

A) Can save files be copied from one phone to another and still work?

B) If yes to A, is there a way to grab a unique identifier for the phone or google account on the phone so that I can make an auth hash?

Why to bother? Everything can be hacked, if somebody wants ruing his/her experience let them do so, esp in singleplayer game.
Instead of securing it focus on aspects that make game fun. I doubt anybody will bother copying savegames over to another phone.

Yes you can get hardware identifier (but i think you need C++ for it) and use it to encrypt savegames.

But if anything goes bad ppl will lose saves, and blame you. Because of that functionality you potentially lose customers, and gain nothing, nobody will buy your game just because it encrypts savegames.

I don’t really want to encrypt save games so much as I do want to include a hash variable that matches something unique to the account/device. Since there will be online purchases I want to make it a little more difficult to have unlimited lives for example.

A cheater here and there doesn’t bother me. Everyone having access to a cheat simply by copying and pasting a save file is another story.

Hi Distul,

You can use FString FPlatformMisc::GetUniqueDeviceId(). On Android this will return a hashed (MD5) version of the MAC address. The device id you see from adb devices is unfortunately not guaranteed to be unique (I’ve seen it hardcoded to single value for a phone model or returns “unknown”). The MAC address may not be available, though, as it requires Wi-Fi.

That will work. They can’t post to the leaderboard of achievements if they aren’t online. Thanks