(Not a programmer, just some thoughts and questions, feel free to add anything.)
Open discussion, keep it professional.
I always read that making money from HTML5 based games are hard or impossible, that everything that has to do with a transaction is a "security nightmare", etc.
But It got me thinking, other games use transactions. Websites use transactions. What is different with HTML5 and why is it different? Maybe(!?) making in-game transactions using HTML5 technologies are a bad idea, I really don't know, but, if it is the web, why would it be? I already buy things from Amazon, Kick Starter and many other sites. They all use current web technologies, which HTML5 is/will be.
And then, how about buying things like items and stuff for your user account, like every other online purchase in existence and then calling them from within game?
Like you have this "AwesomeGames" site which you create an "AwesomeAccount" in, like most MMO's. Then this site has its own "AwesomeStore" which you can buy stuff in, for your own "AwesomeAccount" which you use to play the "AwesomeGame" with.
The server running the game would be checking that you are actually you, like all other MMOs, and allow you to use your premium items. Where is the problem?
Isn't this the method Amazon, MMO's and other sites use? And if not, why not use that method with HTML5 games?
In my "logical" sense, whether its right or wrong, the issue seems to have been resolved for many years already. Which brought me here, to ask the pro's!
Good day!
Making money with HTML5 games, thoughts?
There is nothing that makes HTML5 inherently worse than anything else, anything that deals with real money is a security nightmare though, primarily because the consequences of a securityflaw becomes much greater.
My recommendation would be to not write your own system for payment processing, instead you should probably use a third party that has a good reputation and that will take responsibility if anything goes wrong,
My recommendation would be to not write your own system for payment processing, instead you should probably use a third party that has a good reputation and that will take responsibility if anything goes wrong,
I think a large part of the problem is that Javascript is the only language you can use to hit all the browsers supporting HTML5, and it is plain-text and cannot be pre-compiled. Although tools exist to minify and obfuscate your Javascript there are many tools to do the reverse.
I don't think transactions are the big problem, they can occur securely, but actually restricting the benefit. Imagine you download all the HTML, Images, Sounds, Javascript with your browser, re-host them, and removed the Javascript saying if (purchased == true)... Well, now users have no reason to complete a purchase. Of course with an MMO you can validate server-side so other clients won't see you in all your epic gear, and you can't spend your fake gold where you edited variable x, but you get the point.
I don't think transactions are the big problem, they can occur securely, but actually restricting the benefit. Imagine you download all the HTML, Images, Sounds, Javascript with your browser, re-host them, and removed the Javascript saying if (purchased == true)... Well, now users have no reason to complete a purchase. Of course with an MMO you can validate server-side so other clients won't see you in all your epic gear, and you can't spend your fake gold where you edited variable x, but you get the point.
I think GnollAF brings a good point, the open sourceness of HTML5 platform makes all sorts of hacking much easier than other closed-sourced games. Purchasing aside, this could make it easier for people to hack the game as well giving themselves an unfair advantage - not a good thing when you have paying customers!
Of course, it's not like other platforms/languages don't have that problem, it's just that with JS being all open and client-side, it's a bit easier to pull it off than, say, decompiling binaries and messing with assembly.
Of course, it's not like other platforms/languages don't have that problem, it's just that with JS being all open and client-side, it's a bit easier to pull it off than, say, decompiling binaries and messing with assembly.
I think GnollAF brings a good point, the open sourceness of HTML5 platform makes all sorts of hacking much easier than other closed-sourced games. Purchasing aside, this could make it easier for people to hack the game as well giving themselves an unfair advantage - not a good thing when you have paying customers!
Of course, it's not like other platforms/languages don't have that problem, it's just that with JS being all open and client-side, it's a bit easier to pull it off than, say, decompiling binaries and messing with assembly.
It should also be fairly irrelevant, if you design your game correctly it shouldn't matter if the hacker has access to the sourcecode or not.
so what you are saying is that pretty much every single online game in existence has not been designed correctly?
so what you are saying is that pretty much every single online game in existence has not been designed correctly?
Wait what ?
I can't think of a single online game where access to the client sourcecode has an impact on security.
Yes , there are some multiplayer games that you can cheat in by modifying the client (or inspecting/modifying) the datastream but this has very little to do with the security of the game itself and sourcecode access to the client doesn't change anything.
If your game security relies on the client not being modifiable then the hackers will win unless your game is played on a trusted platform.
Simon, you seem to be concentrating on multiplayer games only:
Even World of Warcraft has problems with people finding ways to modify the client. People cheating in PvP by removing walls \ doors from their local maps, making other characters heads much larger so they can be seen from a distance etcetera.
Yes this could be solved if they went ahead and did server-side collision checking, but apparently it's not worth the work and extra processing power required for that very large company. Imagine how much easier it would be to modify if they gave the whole client source to everyone? People already reverse-engineer 'private' servers for many of these pay-to-play games, but it does take months to years before they get released.
I see two issues.
- Modification and re-hosting (especially if they reverse engineer the server too), removing the need for users to spend money on the original game at all.
- Easier hacking & modification, now nothing can be calculated client-side. Your 'perfect solution' is at the level of rendering server-side and pushing through video, and just letting the client send input. (Not a solution that is going to work for Australian players)
You can say it is irrelevant and that the game has been designed incorrectly if something is dependent on client-side calculation, but I think it's just a reality in many games.
Even World of Warcraft has problems with people finding ways to modify the client. People cheating in PvP by removing walls \ doors from their local maps, making other characters heads much larger so they can be seen from a distance etcetera.
Yes this could be solved if they went ahead and did server-side collision checking, but apparently it's not worth the work and extra processing power required for that very large company. Imagine how much easier it would be to modify if they gave the whole client source to everyone? People already reverse-engineer 'private' servers for many of these pay-to-play games, but it does take months to years before they get released.
I see two issues.
- Modification and re-hosting (especially if they reverse engineer the server too), removing the need for users to spend money on the original game at all.
- Easier hacking & modification, now nothing can be calculated client-side. Your 'perfect solution' is at the level of rendering server-side and pushing through video, and just letting the client send input. (Not a solution that is going to work for Australian players)
You can say it is irrelevant and that the game has been designed incorrectly if something is dependent on client-side calculation, but I think it's just a reality in many games.
[quote name='Koobazaur' timestamp='1345951717' post='4973395']
so what you are saying is that pretty much every single online game in existence has not been designed correctly?
Wait what ?
I can't think of a single online game where access to the client sourcecode has an impact on security.
Yes , there are some multiplayer games that you can cheat in by modifying the client (or inspecting/modifying) the datastream but this has very little to do with the security of the game itself and sourcecode access to the client doesn't change anything.
If your game security relies on the client not being modifiable then the hackers will win unless your game is played on a trusted platform.
[/quote]
IT's not just about modifying the binary; seeing the whole source code also gives you a clearer idea how the game functions and, in turn, makes it easier to discover exploits or ways to hack it.
Sure the same is possible without source code, but having the code just makes the job easier.
"Making money from HTML5 games" it's so vague.
Who's paying? The players? Advertisers? The company who pays you to produce a branded version with their products placed in it?
It's such a 1-dimensional way of looking at it, thinking that you must sell the game to the PLAYERS.
To be honest, making money from the players of any kind of game nowadays is nearly impossible. Phone / ipad users expect high quality games for a few cents (maybe USD $2.99 if it's really good), which makes it difficult to break even, because you're almost definitely not going to shift enough units to pay your artists for their work on the title screen alone.
Who's paying? The players? Advertisers? The company who pays you to produce a branded version with their products placed in it?
It's such a 1-dimensional way of looking at it, thinking that you must sell the game to the PLAYERS.
To be honest, making money from the players of any kind of game nowadays is nearly impossible. Phone / ipad users expect high quality games for a few cents (maybe USD $2.99 if it's really good), which makes it difficult to break even, because you're almost definitely not going to shift enough units to pay your artists for their work on the title screen alone.
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement
