Jul 14, 2022 IN Game Dev Talks
Securing players´ payments in the free-to-play market
Free-to-play games are getting more and more popular by the day. The concept describes a game or an application, which its players can download and enjoy without paying. The belief is that games should not be built to make the player pay to play, but rather to be able to succeed without any or minimal financial investment.
One of the companies developing such games is Pixel Federation. It is a Slovak game development company based in Bratislava, Slovakia. So far, their game portfolio contains over 15 titles (TrainStation2, Seaport, Port City, Puzzle Adventure, etc.), with more than 120 million players worldwide. Currently they focus on the production of mobile games. Pixel Federation focuses not only on bringing joy to players worldwide, but also on improving the environment itself by supporting a number of projects in the field of education and environment.
As a company that develops exclusively free-to-play titles, they handle several hundred thousand transactions from players every month. As their games are free for download and play, players can pay for in-game items to make their experience more enjoyable. However these are not necessary in order for the player to succeed. These transactions are processed through multiple payment providers like Apple, Android, PayPal, Facebook and Braintree. Lots of free-to-play game providers rely exclusively on processing the payments on players’ devices. This can very easily be misused, which can in part be responsible for inflation of game economics.
Pixel Federation has decided to take matter into their own hands and mitigate these problems by developing their own internal payment system. This system provides order validation, payment validation via multiple payment providers and accounting system for accounting purposes.
The complex process at hand is conducted in two main parts: Order Validation and Purchase Validation.
Secure Payment process in a nutshell
As soon as the development of secure payment started, it was clear that the process needed to be split into two main parts.
The first part of the payment process includes order validation of the item a player would like to buy in the game.
The game then creates an order containing information about the price and currency. The order is then sent directly to the game server. The server then subsequently processes it and sends it to the payment system.
Right after the payment system receives the order, the system validates the player´s ability to buy the given item, correct price of the item and corresponding currency. As the order is being validated, the system communicates with the game server to get additional information, after which it checks availability of the item on the game server. When the order validation is successful in the payment system, it sends information about the successful order creation to the game server, which then sends this information to the game itself. The player then may continue to the next step in the payment process.
However, when the developing company detects fraud, invalid order information, expired item or the player is not eligible to buy desired item, the order is canceled and the game server is notified. Afterwards the server sends this information to the player.
The second part of the payment process contains purchase validation.
This process differs a bit depending on whether the payment is made on a mobile device, Facebook or the portal page of the development company. However, we will focus mainly on payments done from mobile devices.
Right after the player´s order is validated, the game allows the player to make the payment. If the player is playing on an Android device, payment is processed via Google Play, on Apple devices, the payment is processed via App Store. However, the payment process is very similar in both cases.
After the corresponding store successfully processes the purchase and the money is charged from the player´s account, the game sends information about the successful payment to the game backend.
If something goes wrong during the purchase, it is not processed and thus not validated through the payment system. Game backend pairs this purchase with an order and sends the purchase information to the payment system. Right after the purchase is received by the payment system, the Google Play Store or Apple App Store is contacted by the company to get purchase information such as store transaction ID , purchase state and other variables for purchase validation.
If an issue, for example an invalid purchase state, is detected, the system sends, information to the backend and the backend forwards this information to the game.
As a result, the purchase does not go through and any funds subtracted from the players account are refunded. But when everything goes smoothly, the purchase is validated and the money is charged from the account of the player. Information about a valid purchase is then sent back to the backend and backend then sends this information to the game.
Game consumes (process of the game informing the store, that the item had been purchased and been given to the player) the order and the player can enjoy their desired items.
The key difference between Mobile games and Facebook or Portal games is that internal platform integration, like Google Play Store or Apple App Store are not used, but rather the payment system redirects the player to the payment gateways.
All payment gateways integrated in Pixel Federation´s games are PCI DSS and GDRP complaint. And they are also strongly enforcing the usage of 3D secure and CVV validation schemes.
Pixel Federation does not store any user sensitive data such as bank account information or private information. The only information being stored is that which is important for the purchase validation and accounting. Pixel Federation is also GDPR compliant.
All communication between the game, the game server, the payment system and the payment providers is sent using HTTPS. And all request between the game server and the payment system are cryptographically signed and this signature is validated during processing on both game server´s side and payment system´s side. That means no one can intercept requests and change data in the payment request.
Security and protection of players and their sensitive data and payment preferences are a number one priority for Pixel Federation. In process described in article Pixel Federation can mitigate almost 100% frauds, Pixel Federation also mitigates payments from cracked Android application because Payment System is company single source of truth for all payments and is almost impossible for attacker to forge payment and successfully proceed through process.
Creating a safe and enjoyable environment for its players has also benefits for players in working game economics and fair environment for everyone.
This blog was written in cooperation with ESET
Programmer and PPS Tech Lead
Proud Pixel since 2014 starting in the internal Tools department as a programmer, later tried the Data Engineer role in the Data department and currently the technical lead at the Payments department. Loves functional programming, solving challenging problems, and contributing to open-source. Non-programming joys in life include building Lego, Hiking, Bike and playing games.