Advertisement Jump to content
Idov

mobile game player id

Recommended Posts

Hi,
I'm developing a mobile game that allows a "free" login from the device.
I mean that the user does not have to supply a user name and a password in order to login.

I was thinking of generating a GUID which will be sent to my server and I'll be able to associate it with the player whenever he logs in with this GUID.
My concern is that if someone wants to attack my server, he will be able to just send my tons of "login" requests with different GUIDs and create fake users.

Does anybody know how it's normally done?

thanks :)

 

Share this post


Link to post
Share on other sites
Advertisement

Normally you'd associate either an online account (apple id or Google I'd) or an IMEI. The IMEI uniquely identifies the device and can't be changed by the user but then does not allow account portability, using a Google or Apple account id does not lock the account to a device when allows portability.

Which one you use is completely up to you, except only devices that have a sim card usually have an IMEI, not tablets or laptops etc.

Have fun!

Share this post


Link to post
Share on other sites

ok, but how do I know that the string sent to the server is a real IMEI one and not just a random string used to attack my server?

 

Share this post


Link to post
Share on other sites

They do contain a check digit, that is about all you can verify if you don't want to have the user log in. 

The most secure way is to tie the account to the Google or apple id which they are already logged in to anyway.

Share this post


Link to post
Share on other sites

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

GameDev.net is your game development community. Create an account for your GameDev Portfolio and participate in the largest developer community in the games industry.

Sign me up!