Developer's Diary: Anticheat

With the 1.0 release we decided to slightly change our approach on how we communicate our efforts taken towards combating the cheater situation in Escape from Tarkov as well as the way we report the amount of users banned.

What will change? We will step away from posting the lists of the cheaters banned and instead will try answering most hot topics surrounding cheater combating as well as provide more in depth statistics regarding the amount of bans issued within a certain time frame.

• Ban waves are not frequent: Since we started posting the lists of the users banned there was an ongoing myth that those users are only getting banned prior to the list being posted. This also was the case where a lot of users claimed that there had been no ban waves issued for a certain amount of time. For both claims we can certainly say it’s not true as bans are happening on a daily basis and the best you can do is to report a cheater through the in-game system. 

• Security of your account is as important: We are pretty sure you faced a blatant cheater with the achievements, a big number of hours played and questioned yourself how the cheater got so far without getting banned? While some are pretty good at avoiding being detected, the majority of the cases where such accounts are getting banned are compromised accounts. Sadly in the current world we still have to remind ourselves and our players the importance of enabling 2FA verification as well as making sure the password does not match your birth date. Yes with the release of the game in November we have seen the rise of the accounts being compromised and as a result getting banned. As a reminder we also would like to point out that the only way to claim any in-game promocode is through the official website or BSG launcher.

• I got falsely banned and ignored: While rare occurrence of false bans is possible with any type of anti-cheat, the likelihood of that stuff happening has gone down within the last year as we took proactive measures to ensure the fairness of our detection system. We have seen more scenarios where accounts banned have used a spoofer, shared an account with an active cheater without knowing (which is clearly against ToS by itself), they used cheating software for another game or installed malware which emulates cheating behavior. And while similar to the point above we try to secure accounts compromised as fast as we can. Sometimes we are just not fast enough to figure out whether the cheater is a true owner of the account or a borrower.

• BSG does nothing to sue the developers: You probably have seen the majority of discord servers and websites freely advertising cheating software for any type of the game. And while we are more than happy to take legal action against a cheater where it's possible, sometimes the happy outcome of the legal case can take a lot of time and will not justify the efforts. Right now our bigger priority is to make sure we take down ads across multiple platforms as well as videos demonstrating cheating software. Reporting it on users end also speeds up the process of taking down those resources.

• 3rd party solutions: There are a lot of companies entering the market claiming they are the solution to take down all the cheaters possible and create an even-level field in a competitive environment. Often those companies have aggressive marketing campaigns involving target content-creators. And while a cheater-free environment is great utopia, we are against our players sharing their personal data with any company as not only that creates very serious scenarios it also will not help the situation as soon as you can backdoor it by providing temporary email and fake ID.

• TPM 2.0 and Secure boot: You probably have seen a lot of gaming companies recently upping their requirements to launch the game only with both TPM 2.0 and Secure boot enabled. And while this faced a lot of backlash as not all computers support those requirements this is a needed measure in the current world to not fully prevent cheaters from entering the game but make some of the software conduct code re-writing and features cut.

• Potential implementation of VBS/IOMMU/HVCI to ensure competitive fairness: With an active rise of DMA-software and tools as a developer you eventually have to go further than that and look for other options available. While a lot of that information will make zero sense to majority of the player base it still is important for us a developers to further research it. Virtual Based Security (VBS) and Hypervisor-Protected Code Integrity (HVCI) are Windows security features that allow Windows to further secure the kernel from any type of exploitation which DMA essentially is. Input-Output Memory Management Unit (IOMMU) is also a technology that secures memory to prevent any 3rd party devices from infiltrating and manipulating. Microsoft has been developing these features to secure their operating system, and if they continue down this road, kernel level anti-cheats will no longer be necessary to secure your games.

• Introduction of various new detection and proactive automatic system: With the release of the game we have seen a spike in total # of bans issued and this is one of the biggest factors for us to look into what can be done next. And while you can never be satisfied with time to action taken, our preventive actions taken have helped us a lot in the first few weeks of the release. Fighting cheaters is still cat&mouse game and with time becomes even more complex but we are still keeping up with our commitment to have new detection systems implemented soon as well as reducing the amount of raids cheaters can play before getting banned.

• Better compensation for dying to a cheater: This is a hot topic since the release of the compensation. And while we understand that people would like to have their gear back instead of any type of money compensation like it is implemented in other games with the current system it sadly is not possible. We will steadily increase money compensation yet still ensuring people are not reporting every single person they meet and prevent the abuse of the in-game report system.

Anti-cheat is always an ongoing effort as with the development of the gaming industry more companies enter the market with a clear goal to make money from cheating. Our team will continue focusing on improvement of the system as well as validation of the accounts that breached ToS.

We are committed to improve the detection rate of our internal systems as well as continue working together with BattlEye to make sure the gameplay provided is not impacted by cheaters.