The Anti-Cheat Interfaces require using SDK 1.12 or higher. The Anti-Cheat Client interfaces supports Windows, Mac, and Linux platforms, and requires a 64-bit operating system installation.
You can use the Anti-Cheat interfaces (also known as Easy Anti-Cheat) to help reduce cheating in online multiplayer play. They provide tools to start your game client in an anti-cheat protected mode which can be validated by a game server or another game client. These interfaces are not digital rights management (DRM) or code obfuscation tools and are not useful for purely offline play.
The anti-cheat interfaces provide two kinds of protection:
Cheat prevention to passively prevent common cheating techniques such as reading and writing the game process memory using straightforward methods.
Cheat detection to identify accounts using more specialized methods to manipulate the game so that you can then apply sanctions to them.
To use the Anti-Cheat interface(s), you must:
Review and adhere to the Development Prerequisites.
(Windows Only) Configure the Windows Service Installer.
Integrate the Anti-Cheat interfaces with your game code:
Confirm the Anti-Cheat interfaces are working properly by going through the Integration Checklist.
For the anti-cheat services to be effective, they must go on top of a solid game foundation that follows security best practices and actively addresses game issues as they arise.
We highly recommend using dedicated game servers with authority over as much of the game state as possible.
For example, cheats allowing players to fly, teleport, or move extremely fast can usually be completely prevented at the game architecture level by giving game servers authority over player positions and movement.
Game logic errors, bugs, or edge cases are often discovered and exploited by players. However, anti-cheat understands the game code to be working as written and cannot solve these issues. As the game developer, you must fix these problems as you continue to develop and new exploits are discovered.
Game Level Anti-Cheat
Your own development team can prevent and detect cheating at the game level using their knowledge of game-specific details. Games targeted by cheat sellers see major benefit from having a small development team to address game issues, complementing the anti-cheat service.
It is critical to implement the Reports Interface to allow players to submit reports when they believe another player in the same game session is cheating. This provides valuable context and feedback on the effectiveness of the anti-cheat protection in each game.
Player Progression Management
The anti-cheat service cannot effectively protect offline or solo play scenarios where progress is later synced to the game's servers.
Game Network Architecture
The Anti-Cheat interfaces support different modes for a variety of game network architectures. While the Anti-Cheat Client interface supports each of these game networks, the Anti-Cheat Server interface works specifically for dedicated servers (client-server mode).
Dedicated Server (Client-Server Mode)
Use this mode with an authoritative game server, and implement both the Anti-Cheat Client and Server interfaces.
The operator of an individual game server can intentionally disable or disconnect the anti-cheat within their server by manipulating network connections or through other methods. This is an accepted risk for games that support community operated servers. To mitigate this risk, the user interface may differentiate between "official" and "unofficial" game servers.
You must match your client protected sessions with game server calls so that the client calls
EOS_AntiCheatClient_BeginSession just before joining a game and triggering the game server to call
Peer-to-Peer Mesh (Peer-to-Peer Mode)
Use this mode with a full-mesh layout where each game client exchanges network messages with every other game client, but none of them has full authority over the game session.
In this mode, the Anti-Cheat Server interface is not used. Instead, each player uses the Anti-Cheat Client interface to verify that the others have anti-cheat protection active.
EOS_AntiCheatClient_RegisterPeer function for each peer that participates in the same game session as the local user.
When a single player acts as an authoritative game host for a game session, you must use either Peer-to-Peer or Client-Server mode.
With Peer-to-Peer Mode:
The authoritative game host client should validate every player in the game session by registering each one as a peer and exchanging data as appropriate.
If a removal action required callback is triggered for a peer, the authoritative game host should kick that player from the game session.
Non-authoritative game clients should validate the game host client only by registering that specific client as a peer and exchanging data as appropriate.
If a removal action required callback is triggered for the game host, the non-authoritative client should disconnect and display an appropriate error message.
With Client-Server Mode:
A simpler approach, but the authoritative game host client has a more privileged role with potential for abuse.
Implementation is the same as for dedicated servers, except that the logged-in local player must be specified in the call to
Client Credentials and Policy Configuration
For the Anti-Cheat Client interface, you should use the predefined GameClient policy type. The User Required flag should always be enabled for game clients.
For the Anti-Cheat Server interface and a game using only trusted official servers, you should use the predefined TrustedServer policy type and keep the credential secret.
It may be necessary to use a different predefined policy type or custom policy, but this should be carefully considered.
The following policy actions are available:
authenticateForLocalUser Required Allows the client credential holder to authenticate itself with the anti-cheat backend using either the Client-Server or Peer-to-Peer anti-cheat client modes
authenticateForAnyUser Only use this policy action when the client hosts a listen server using the Client-Server mode. Allows the client credential holder to authenticate other users using the Anti-Cheat Server Interface
sendTrustedGamePlayDataForAnyUser Only use this policy action for a trusted, official dedicated server. Never use or publish for a game client or community hosted game server. Allows the client credential holder to submit anti-cheat gameplay data for any user, and should only be used with trusted official dedicated servers that you are confident cannot be tampered with.
Using the Anti-Cheat interfaces requires distributing some binaries to game clients, included in the EOS SDK package. In the EOS SDK zip file, browse to SDK > Tools > EOS_AntiCheatTools. Files in the dist subdirectory should only be distributed to players as part of the game client. The other files are for development use only, and should not be distributed.
The Anti-Cheat Client only supports 64-bit Windows versions. 32-bit games are supported as long as the operating system itself has been installed with 64-bit support.
(Required) Used to install, repair, or uninstall the Anti-Cheat Windows service
Prepares the anti-cheat and starts the game process with normal anti-cheat client protection available
A Windows service executable that allows the anti-cheat to initialize its other components
Windows 'dist' Subdirectory Structure
<GameRoot>\start_protected_game.exe <GameRoot>\EasyAntiCheat\EasyAntiCheat_EOS_Setup.exe <GameRoot>\EasyAntiCheat\Settings.json <GameRoot>\EasyAntiCheat\SplashScreen.png <GameRoot>\EasyAntiCheat\Localization
Windows Service Installer
For Windows, you must configure an anti-cheat system service to install and uninstall with your game. This requires the Windows user to have admin rights while installing the game, but does not require admin rights to start the game later. When an anti-cheat protected game starts, the anti-cheat bootstrapper automatically starts the Windows service. When the game exits, the Windows service automatically stops.
Obtain your ProductId from your Developer Portal.
Configure your installer to run the following commands:
EasyAntiCheat_EOS_Setup.exe install <Your ProductId>
EasyAntiCheat_EOS_Setup.exe uninstall <Your ProductId>
If successful, the process exit code of this command is 0. A non-zero process exit code indicates failure.
Epic Games Store
Refer to the Epic Games Store documentation provided to you.
Refer to the Steamworks Installscript documentation. Typically, you define a "Run Process" block to trigger the service install operation and a "Run Process On Uninstall" block to trigger the service uninstall operation.
Steam Installscript functionality may not be available on platforms other than Windows.
Linux Wine / Proton Support
It is possible to run many Windows games on Linux using the Wine or Proton compatibility layers and the anti-cheat client protection can support this configuration. To enable support for your game, you must be using SDK version 1.14 or greater and activate a client module for the Linux platform.
Players running the game using Wine or Proton will use the Linux client module, so you should test and activate client module updates for Linux regularly in addition to Windows.
Console platforms generally rely on hardware security features to prevent arbitrary code execution, which is a prerequisite for most types of cheats. Because these platform-specific security features cover most needs, anti-cheat client protection is not offered for consoles.
To support cross-platform play between PC and console users, you must determine whether a player is using a platform that does not require client protection when they join a protected game session. This check must not rely on the player's game client being untampered. Having the game client send a message indicating the platform it is using is not enough since a malicious user could manipulate the value to avoid anti-cheat enforcement.
Platforms vary, but you can do a robust check with a platform ticket or token that the game client generates and the game server or backend independently verifies. When these checks validate a user is on a console platform that does not require anti-cheat client protection, the client can be registered with anti-cheat using the
EOS_ACCCT_UnprotectedClient flag to exempt the client from anti-cheat client checks. This allows them to still be referenced in server-side anti-cheat gameplay data collection.