Mobile Game Anti-Cheat System Development

TRUETECH is engaged in the development, support and maintenance of iOS, Android, PWA mobile applications. We have extensive experience and expertise in publishing mobile applications in popular markets like Google Play, App Store, Amazon, AppGallery and others.
8+Years of work900+Completed projects100+In house employees19+Partners
Development and support of all types of mobile applications:
Information and entertainment mobile applications
News apps, games, reference guides, online catalogs, weather apps, fitness and health apps, travel apps, educational apps, social networks and messengers, quizzes, blogs and podcasts, forums, aggregators
E-commerce mobile applications
Online stores, B2B apps, marketplaces, online exchanges, cashback services, exchanges, dropshipping platforms, loyalty programs, food and goods delivery, payment systems.
Business process management mobile applications
CRM systems, ERP systems, project management, sales team tools, financial management, production management, logistics and delivery management, HR management, data monitoring systems
Electronic services mobile applications
Classified ads platforms, online schools, online cinemas, electronic service platforms, cashback platforms, video hosting, thematic portals, online booking and scheduling platforms, online trading platforms

These are just some of the types of mobile applications we work with, and each of them may have its own specific features and functionality, tailored to the specific needs and goals of the client.

Offered services
Showing 1 of 1 servicesAll 1735 services
Mobile Game Anti-Cheat System Development
Complex
from 1 week to 3 months
FAQ
Our competencies:
Development stages
Latest works
  • image_mobile-applications_feedme_467_0.webp
    Development of a mobile application for FEEDME
    756
  • image_mobile-applications_xoomer_471_0.webp
    Development of a mobile application for XOOMER
    624
  • image_mobile-applications_rhl_428_0.webp
    Development of a mobile application for RHL
    1052
  • image_mobile-applications_zippy_411_0.webp
    Development of a mobile application for ZIPPY
    947
  • image_mobile-applications_affhome_429_0.webp
    Development of a mobile application for Affhome
    862
  • image_mobile-applications_flavors_409_0.webp
    Development of a mobile application for the FLAVORS company
    445
Show more works

Mobile Game Anti-Cheat System Development

Cheating in mobile games is not an abstract threat. GameGuardian on Android modifies memory values in real-time: unlimited gold, unlimited ammunition, zero ability cooldown. Lucky Patcher repackages APK and removes purchase checks. Cheat Engine through USB debugging modifies in-game variables. In PvP games or those monetized through in-game currency, this translates directly to losses — game balance breaks, legitimate players leave, conversion to purchases drops.

Analyzing Attack Vectors

Before implementing protection, understand the attack surface.

Process Memory. Most common: searching for a value in memory and modifying it. GameGuardian and similar tools work exactly this way — they scan process virtual memory, find a value (like 1000 gold), and modify it. Works on rooted devices and through debug interfaces.

Traffic. MITM attack on unprotected API: client sends {damage: 500, gold_earned: 100} — substitute with {damage: 50000, gold_earned: 99999}. If the server trusts client values, a cheater with Burp Suite can break game economy without any root access.

APK Repackaging. Decompilation → logic modification → re-signing. Cheaters remove purchase checks, modify game parameter constants, add auto-clickers.

Emulators and Farm Bots. Automated sessions on emulators (LDPlayer, BlueStacks) for resource farming, rating manipulation, accumulating in-game currency for resale.

Server Authority — the Core Principle

Everything of value is calculated on the server. The client provides only input data (player actions); the server calculates the result. This isn't a "security feature" — it's proper architecture.

Specifically: client shouldn't send {gold_earned: X}. Client sends {session_id, actions: [...], timestamp} — server calculates gold earned based on these actions. Client values are ignored or used only for validation (discrepancy > N% indicates suspicion of cheating).

For weakly-connected games (idle games, offline progression), this requires architectural refactoring — serious but worthwhile effort.

Memory Protection: Encrypting Game Variables

To prevent GameGuardian from finding value 1000 in memory, don't store it as plain int 1000. Wrap with XOR encryption:

public class SecureInt {
    private int encryptedValue;
    private int key;

    public SecureInt(int value) {
        this.key = new Random().nextInt();
        this.encryptedValue = value ^ key;
    }

    public int get() {
        return encryptedValue ^ key;
    }

    public void set(int value) {
        this.key = new Random().nextInt(); // change key on each set
        this.encryptedValue = value ^ key;
    }
}

Memory stores encryptedValue, which changes with each assignment. GameGuardian scans for specific values — doesn't find it. For Unity: ready-made solutions like ObscuredInt from Pixfort Anti-Cheat Toolkit (PACT) do exactly this.

Additionally: maintain a control copy elsewhere in memory with a different XOR key. Compare periodically: if values diverge, external memory modification detected.

Detecting Cheating Tools

GameGuardian. Check for package catch_.me_.if_.you_.can_, service presence via ActivityManager.getRunningServices(), processes via /proc/ filesystem. GameGuardian often requires root — root detection as additional layer.

Debugger Detection. android.os.Debug.isDebuggerConnected() — standard method. TracerPid in /proc/self/status != 0. For native code — ptrace(PTRACE_TRACEME) trick. Debugger enables step-by-step variable modification and logic understanding.

Input Speed. Click farm: intervals between taps too uniform, lacking human input variability. Server statistics: median and standard deviation of time between actions. Abnormal uniformity indicates bot suspicion.

Emulator Detection. BlueStacks, LDPlayer, NoxPlayer — each has artifacts: specific BuildProp values (ro.product.model, ro.hardware), specific filesystem paths, GPU characteristics (via OpenGL renderer string). Build.FINGERPRINT in emulators contains generic or unknown.

Server-Side Validation

Server collects telemetry: action timestamps, event sequences, economic transactions. Anomalies: damage exceeding maximum possible, resources accumulated faster than game pace allows, map teleportation (position changed impossibly).

Simple rules: if damage_dealt per session > max_damage_per_second * session_duration * 1.1 — flag. More complex: ML model based on normal player session history detecting anomalous patterns.

Response: Ban vs Shadow Ban

Immediate ban is visible — cheater creates new account. Shadow ban: cheater continues playing but sees only other cheaters or receives subtly degraded experience. Doesn't know they're banned. More effective for maintaining clean environment for legitimate players.

Technically: flag is_suspected_cheater on account, special matchmaking pool, slowed resource drops. Full ban after accumulating sufficient evidence.

Stack and Integration

Unity: PACT (Pixfort Anti-Cheat Toolkit), GameShield. Native Android/Kotlin — custom implementation with native code via NDK for critical checks. Server side (Node.js, Go, Python) — rule system + event queue (Kafka or RabbitMQ) for analyzing action stream.

For small games, basic protection suffices: root/jailbreak detection + variable encryption + server authority for economy. For competitive games with real monetization — complete system with ML detection and shadow ban. Timeline: 1–2 weeks (basic protection) to 2–3 months (complete system with server analytics). Cost calculated after game architecture and monetization model analysis.