Unite 2016 - Best Practices in Persisting Player Data on Mobile

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

yeah that's good all right guys we're gonna go ahead and get started I'm Kevin and I'm Chris and we are five amp we're an indie small indie mobile game studio and we make mobile games today we're going to be talking about best practices and persisting player data on mobile so this is going to be saving loading and the cloud so what exactly is in this talk we're going to talk about saving and loading like exactly what it is then we're going to talk about local saves how do you get your game data into a physical file on the disk and what are the best ways to do it in the caveats now we're going to talk about data integrity let's say your your saved data is now as a file like how do you protect this file we're also going to go over redundancy then we're going to talk about cloud saving have a slide for additional section for additional tips and then we're gonna have time for questions all right so what is saving and loading this has been around since probably the beginning of games for the most part but you need a way to persist data between sessions right so as old as something like Super Nintendo or NES where you got your multiple save States on your Zelda game or something creative like Mega Man where it's actually not persisting data but they'd give a user a password and every time you came back to the app you to enter that in and that would be your game state so something that we're gonna talk about is what you need to consider and what is necessary for your game so this is gonna change from game to game do you need safe points something like Resident Evil with a typewriter and the users go and they start and initiate a safe from there or are you going to have checkpoints in your game are you gonna implement an autosave feature in which the game is going to save itself at a certain point of time or just periodically throughout the game are you going to allow the player to have multiple save States similar to Zelda here where you could you could have different sessions that you that you play through and is it going to be online only or are you also going to allow for offline saves this is all something you need to consider when you're crafting out your safe strategy so we'll talk through a few examples first of which is probably as basic as we can get is something like flappy bird right so the only thing they need to persist is is a top score how far did you get one two three I got to twelve and then when you relaunch the game you'll see that same same safe again and something Kevin mentioned it on the agenda slide we're going to talk a little bit about date of integrity remember this is a beginner talk so we're not going to get too in-depth into this stuff but we're gonna go surface level on a few of these things so something like flappy bird there's there's next to no safe protection it's just a plain text file on the device and somebody could open it up edit that score from 12 to 20 next time they launch the game they'll see there's top tors 20 then go Brad you there mom but it's not it's not that important to the game right it doesn't change the game they didn't get any unlockables next level of complexity you might go to is something like a fallout shelter cool kind of simulation game from Bethesda these ones implement local save as well but they also added cloud save which has allowed them to have their save synced across multiple devices let's say you have a tablet and you have a phone you could play on both devices and keep that same progress going along this one we mark it as moderate safe protection there's a there's a kind of a key theme we're gonna we're going to illustrate through the course of this talk is that you can never trust the client and if you haven't heard that yet I'm glad to share that with you now is that if you're putting protected data or data that you care about its integrity on a client you can never trust that it's going to be safe so this one even though they implemented some level of encryption and hashing in their safe files you can still as you have access to the binary you can reverse engineer that D compile it and figure out how to hack those saves and then at the top level something like another mobile game cross-platform game hearthstone where it's online only there is no concept of local safe you can't even play the game unless you're connected to the Internet and this one's goes to the full degree where they have a first-party account system in which you need to create an account and that's how you access your data and all the data is protected on blizzards private servers so we'd mark this one as high safe protection because the only way to really hack your data is to hack Blizzard servers themselves which is a whole different degree of difficulty there and so and so in talking to these three points you got to kind of figure out where in your game fits in these in these things how important is it to you for protection and all of these things and so again that we built we'll talk about a little bit we launched this a few years ago it's called pit crafter it's kind of an idol if you're familiar with cookie clicker it's an idol cookie clicker with a minecraft theme in it and we went local safe it was really important to us that our players were allowed to play the game while it was offline so if they were on an airplane or if they just didn't have access to an internet connection they could still play the game and it's full full glory and then we we also decided to put in cloud save because we needed some redundancy as well as we would want our players to be able to play across devices and then we did put in a little bit of encryption as well on our save files but again you really can't you can't fully solve this one if you're going to support local saves so now you have your game data how are you going to get it to a physical file we have an example here let's say this is your save data this is Bob save save file or save data he has a player name he has a virgin string he's on 2.14 he has some gold he has a high score he also has unlocked the first two characters out of three so we're going to go ahead and reuse this throughout the presentation so that you guys can see the different utility so one way that you could start saving data is use player perhaps who here has heard a player press or used player press right so yeah everybody so player press is built into unity it is not secure so we don't recommend storing any important data in player press because the player can just easily edit it but pretty much you know use it to store player preferences so in this example here we have a music volume you know if somebody edits this or let's say it gets erased you don't really care that the music volume was changed how does this look for Bob save save game so we have this class at the top and we essentially what you could do is that pipe ref support setting and strings and float - it's a key value store so for each variable that we have here we're saving it has a separate line for each variable as you can see that the more variables you add to your save file this can actually get more and more complex and then if you look at the boolean array at the very end above the save it gets a little messy too because now you got to convert this array into a string because player press doesn't support writing arrays and then whenever you load it gets even Messier because now you've got a part string so we're not we don't recommend this type of example so what's the next level of complexity you can get to and so what we're gonna cover what we call custom saves which is reading and writing those files yourselves to the disk player press what it does is just saves a plain text file on the user's device I think in the persistent data path and so you can do that yourself and you can you can create your own infrastructure for doing this and when you're doing this there's various formats you get to choose through we're going to go through a few of those as far as formats were thinking of serialization options and the nice thing is is most of this is built into unity and supported natively so you don't have to worry about using a plug-in or integrating a third-party library to accomplish this so where is this data going to go we mentioned application dot persistent data path this is a nice parameter that's built into unity that gives you the location of where you should store persistent data so when the application is closed and it's relaunched you're guaranteed that this this location won't be cleared out so you can put your your saves there we also want to mention a few locations specific to mobile if you're on iOS and you want a different location to put your data you could consider putting stuff in the application plist itself you could also mess with the iOS keychain you probably have to build a plugin to to interface with this in unity in Android there's also a construct called shared preferences which is very similar you could save data from there very trivially so let's let's talk to the simplest example of how we would save a custom file we would just need system i/o and then we take our high score from flappy bird and we put it into a string and we write that text to a file and then same way when we're loading it we're gonna take that read it from that same location and then parse it back into that integer so this is a very trivial example but it does kind of illustrate where you would go and how you get started so this is customizable you could do whatever you want we mentioned bit bashing because if you wanted to make the most proprietary smallest safe file possible you could be like you know putting all your bully ins into a bit ship that array and do it as complicated as you want but this is going to be extremely tedious in the same way and in player press if you're using that API and the way that we described it you'd have to be explicitly massaging every piece of your data into the save file so where do we go from there we talked through serialization so serialization is translating these data objects so we have our Bob save file which is a trivial example in this thing and in this example and we're going to serialize it into a string and then what this just means it's putting it into a format that we can save to the disk and then we're gonna deserialize it out so we can later reconstruct those files so using our same example code we have Bob save file and save data and now we're going to go ahead and we create the save state path with a persistent data path like Chris mentioned and we're going to save it as a JSON example JSON and it's pretty simple actually you have your game object and you just do unity has a JSON support built in with JSON utility so it's just JSON utility to JSON save data and you write this to the file the file looks like that JSON example JSON and this is pretty much to JSON so as you can see we have a high score we have a gold count and for those people that are wondering like wait a second that was a boolean array JSON utility optimizes and replaces the true/false this was ones and zeros so that's just something that we're going to cover in a few slides so that is one format that you can use you can use JSON it is readable it's flexible we're going to talk about flexibility with versioning later on down the line but essentially what this means is that whenever you version your save files because you're going to add more content or even remove variables JSON is flexible it doesn't break it fails gracefully in this situation and it has a small file size the next one that you could use is XML XML is readable but as you can see you have the double tags so it's it's similar to the JSON in terms of the format but it adds the double tax and as you can see with a large amount of data the file size is going to be way more bigger than JSON it's also flexible to the other serialize you could use is a binary format err essentially if you get your game object and you you serialize it as pretty much the raw object to a file it's not readable as you can tell and it's not flexible so you remove a variable and you tried to deserialize that to the same class that won't really work it does also have a small file size and as you can tell here you know Bob had like 50 gold or something like that you can't really tell and you can't really edit it so if you're doing something like debug test and you wanted to edit data on the fly it's not really doable with the binary format or you have to create tools yeah exactly so going over versioning you know XML JSON we're flexible and binary format or was not so this is just an example let's say you release version two of your app or game and you go ahead and remove a gold count you know you don't need to store gold count in your save data anymore so you would increment the version string to 2.15 but in this situation if you remove a variable and you're using binary format or you will run into an issue when trying to do serialize that class so just keep that in mind when when implementing your save file system so this is a table of just comparing all the format's that we talked about JSON utility was actually recently implemented 5.3 the others are built in and if you look at the size you can tell that the XML this is actually a pic crafter save file that we did this test on and with the size XML of 16.1 kilobytes and JSON was three point seven binary format it was six point seven so if you haven't heard of JSON yet we just want to try and clear up a little bit of that JSON is a data format you can think of it kind of more of a specification and so what this means is there's tons of different libraries and they implement that specification so taking a class or taking information and serializing that into that JSON format that data into that format and and so so unity has one that they built into 5.3 that's the JSON utility that we showed in a few earlier slides there's also really popular ones available for c-sharp like JSON net and one thing we want to mention is be careful if you're going to swap libraries they have different performance characteristics they might have different size and so you might want to switch at one point or another but in this case on the Left we have JSON net and if we had that characters unlocked array and let's say it was null in one of our save files and then if we did the same thing with JSON the one that's built in a unity it's actually going to show it as an empty array just open bracket close bracket so if you were to swap libraries you'd have to you might have an exception if you're a dear serializing or this wouldn't work so you need to be careful when you're switching libraries and just take that into consideration and then some other notable serialization options there's a ton of libraries out there that you can use so we have protocol buffers message packy ammo and like Chris Mitch and you have a lot of JSON libraries keep mind that all these have different trade-offs some one might be faster some might be more optimized it all depends lone wolf pack Interactive Studios created a blog post a few years ago they were using for their save data they're using XML and eventually they ran into a performance hit when they were trying to write the save file and they just couldn't deal with it so they switched to the binary format or the binary formatter was doing great but then it wasn't as flexible as they want it to be they ran to further issues so they ended up using protobuf for their serializers so that's just an example of like there's different libraries out there just you know keep that in mind yeah and one last point on this one it yeah it just really depends as Kevin mentioned like if you're if you're considering sending your save files over a network or you're sending this information over XML might not be the right format for you it's a little heavier you know or if you're just saving to the disk if that's all you need to do XML might be fine it's built right in the unity and you don't have to worry about anything else so now we're gonna talk a little bit about data integrity let's say the save didn't write correctly or let's say you had something that we're gonna call tamper proof in this case so if you're using player preps or if you were just saving an XML file just to disk like we demonstrated earlier you know your player could could jump in open their data directory open that file up edit their edit that edit that high score value and boom they just hacked your game you know you just lost all your purchases whatever it was so you might want to put what we're killing in this case is is just a first line of defense so as we said you can't trust the client so if you're saving files locally to the disk if somebody wants to hack it if they really want to hack it and they have the know-how they're gonna do it but you want to put something just as a first line of defense because it might you know it might I slide out a huge population that wanted hack your game but couldn't so we're briefly going to talk about just encryption and hashing of safe files disclaimer here we're not security experts but we're just going to briefly go over these and go through a basic example when you go and do it and actually implement this in your app we recommend you're doing ample research and figuring out exactly how you want to do this in your game so now we go back to Bob's save file let's say we want to make it a little bit more secure so we want to add in a hash so the first step is to create the variable and this variable will hold a hash for the contents of the safe file and what that means is that so we included some code here as you can tell the second line of code where it's a safe state string this is where we deserialize it where we serialize it with the JSON utility so we have a string of the save file so instead of writing the save file to a file what we do is that we go ahead and use the sha-256 manage included library and we generate a hash and essentially where that red rectangle is is that we get this hash and we store it in the saved agent now keep in mind we do recommend you know adding in some salt or pepper butt or whatever it is please do your research this is just the very familiar with crypto those are cryptography terms the salt in the hash and and this is where we recommend like digging in a little bit deeper and figuring out exactly what these terms are and where they're relevant to you it's easy as a library implementation but you want to go a little bit more involved especially if you're gonna be doing this yourself exactly so now we have this hash and we add it to the save file and we serialize this into a file and now we have this file so if somebody goes in here and they modify the high score and let's say that you do five thousand whenever we load we load and we go ahead and generate a hash for that save file and we compare it with the hash that's in the safe file and if they don't match then the player has modified his or her data so I don't know how many times I've said it so far but you can't trust the client so in fallout shelters it's just an example we'll come back to here they actually implemented an aes CBC encryption if you don't know what that means it doesn't matter but somebody did and they figured it out and they decrypted it put it on Reddit and then see what I want to go over here is it yeah I'd only been a small subset of users that were able to decompile a binary reverse-engineer how the hashing was done in the safe file and then edit that file but this was a popular enough game in which there was a demand for this and so they actually open sourced the utility put it on github and then actually made a web app for it so anybody could drag in their fallout save edit to their heart's content pop it back out and put it back into a safe directory so even if you put a complicated hashing algorithm into your game somebody might release a tool and it's still it's it's just you can't you can't fully protect yourself from local so why even hash at all well it's that first line of defense right it's pretty easy to implement you you could probably do it in a day or so and but it is also situational if you were building a game like flappy bird it's probably not worth your time because it's really not going to affect a player experience but if you're building a game like fallout shelter where it might actually affect you know your monetization and how your performance is doing it might be something you're willing to consider so we talked a little bit about hashing another thing that you want to do to build in your safe files is redundancy we've spoke to a lot of unity developers like ourselves and and sometimes things can just happen in which the safe file directory is blown out or if you had an error in which when you were trying to write that file if you're overriding the same file so in our examples we're saving to save dat or save txt and if you're just overwriting that same file every time what if the battery ran out on the phone however unlikely what could be or if you're writing a safe file that's twice as big and I actually ran out of space and you caused an exception either way you want to retain multiple backups saves and you know this one you can either go to the asset store and find something for this or create it yourself it's consider like slots let's say we have ten slots and we're just going to rotate after we save our tenth one now we're going to save over zero and also consider you're going to have to have a custom system on how to fall back on this if you if you you open a safe file and it's incomplete or you throw an exception now let's try the next one and so on and so forth something definitely consider when talking about saving to the disk how often are you going to make those those save operations reading and writing to the disk you know as opposed to editing a variable in memory is actually pretty expensive and it's completely dependent on the platform that you're using if it's on PC it's probably not that many of a deal but on mobile it might be a bigger hit so there's two monobehaviour functions that you can listen to on application pause on application quit pause when they background the app quit if they close the app out of their multitasking bar or whatever you can listen these two functions and then fire office save there and that's where I would start as addition if you want to implement some kind of auto saving or check pointing in your game consider when you want to do these saves if you just do it a timer based way and you're gonna save every five seconds is that really necessary let's say I was building a puzzle game and I only really need to save once they've made some kind of significant progress so consider doing checkpoint based in that way and also if you are considering doing some auto saving and keeping that without having to have a user interaction on a save file you're using a background thread so if you're using a background thread you can you can isolate that off and you won't have any frame hitch when you're doing those auto saves or do it in between scene loads or something like that in a loading bar I'm just so you don't have any degradation of performance so what are other catastrophic events that could happen so keep in mind whenever you're developing your save load infrastructure keep in mind that anything can happen and that's what we've experienced too is like the user can run out of space maybe there might be insufficient permissions the user can if they had a one of those phones with the SD card they could remove it or unmount it maybe they'd uninstall their app and reinstall it also maybe they just deleted all the files from the directory or they modified them we had a couple of people that are reached out to our customer service and said like oh my data is not there and after talking with them for a few hours they're like oh you know I uninstalled in the reinstall that's like oh well you know you deleted your data alright so in talking about that especially on the customer service side be prepared to handle these situations and ones that we haven't listed here ones that you'll run into and it's unlikely that you're actually gonna be able to reproduce these issues or during your beta cycle or whatever that you're gonna experience them but somebody will and when they do make sure that you have or you've at least thought about a strategy on how you're gonna help these people unless they spent twenty dollars in your game and they've been playing it for months and then all their data's gone what are you gonna do you need that you need to have some strategy in which to hopefully restore this data whether you have in in in-app codes you can give to them so they can restore their data whether you're gonna refund them or whether you can give them a custom save file or somehow manage their account it's something you definitely need to think through and think about because it inevitably will happen so now we're going to go ahead and talk about cloud saves cloud saves introduces a lot more features that would be beneficial a few of these is that allows the players to have a cross-platform so like let's say they have a save on their mobile device phone and then they got a tablet you know as long as the same platform they can actually like load this save on to their tablet it also can work as a backup to your game along with local saves yeah absolutely so the first one you might look at is something we're calling platform cloud save these are typically built into the operating system something like Google Play games if you're using it for achievements or leaderboards already they actually have a cloud segment for structure built in if you're on Apple if you're deploying iOS there's iCloud that's available to you if you're on Amazon there's game circle which is packaged in with their leaderboards and achievements and these are nice because you might already have the plug-in in or you're deploying to that device so you can you can easily implement these some additional stuff is that they're flexible in the way that when you start implementing cloud safe there's a bunch of new problems you have to solve so let's say I have an an iPhone and I have a tablet I have an iPad and I play on both devices and I was offline one of them comes online pushes to the cloud I play more offline on that one that one comes online and pushes to the cloud it's the same thing that you would encounter if you had a conflict when you're committing to your get repo how are you going to handle those conflicts so most of these platforms have a way that you can configure how you want to handle them whether you want to code exactly what's going to happen or if you just want the latest save or the highest save based on this parameter so you want to keep those in mind we're not going to go into so much depth as far as how to exactly implement these but just check out the documentation they're extremely thorough on how to implement these platform cloud saves and I know for unity there's a plug-in built in or there's a plugin offered by Google for Google Play that you can implement if you're doing achievements you can just implement cloud save similarly for game circle so what else could you do for cloud save well you can actually your own custom back in you can use AWS or Heroku and you know just have like a bunch of servers and have the game saved to these servers this would be more flexible than the platform cloud save but you're gonna need to know AWS AWS is there's a lot of a lot of components to AWS pretty much you might even need a dedicated web developer it all depends it's not trivial and it definitely takes a lot of time and work but of course it all depends on what type of game you're making if you're making flappy bird and you just want to implement cloud save you know maybe a platform cloud save is better maybe you probably don't even need a custom back-end so it all depends on what type of game that you're making and whenever I say AWS knowledge needed you know definitely need a lot of a knowledge of AWS because there's so many components out there yeah and think about scaling that surface too so the next thing that you could do is that you could implement a third party back in so there's a lot of services out there that operate back in as a service so for PIC crafter we chose play fab and it makes it pretty easy to develop they kind of do all the hard work in the in the back behind the scenes but it could be potentially a hard cost but essentially what these services do is that they implement they introduce so many features that you can take advantage of like you can manage all your players as player accounts you have leaderboards what else like inventory just felt verification inventory management account persistence is a big thing let's say you were building a custom back in how are you even going to identify these players is device ID enough do you need more of that some of these services give you abilities to identify players in which the you know it'd be difficult to build it in your own in your own way and also be mindful of mobile device constraints so people have data planes some people might not have a limited data and if you're like every second sending like a 1 megabyte save file to play fab or whatever I mean that's going to use up a lot of their data so just be mindful of these constraints and we just put together very very basic lots of example pretty much you have your game data code you serialize it instead of going to the local disk you make a call a API call to your custom back-end or play fab or third party back in solution yeah and real quick just to bounce back on these so these are you can think of them as plugins if you're not familiar with like what these what these solutions are how they would work from a development perspective you would just include in the case of play fab and how we did on pic crafter you would just include a c-sharp plug-in and then within unity you can just make API calls like I want to publish to player data or I need to get a token for this user I need to log him in and they'll give you a persistence token so you you know who that player is and then you can go and fetch and and pull from there so it's it it basically you don't need a server engineer if you're using these and you get to do everything client-side so now we're going to go over additional tips we just have a few slides where it could be helpful so one thing we did for pick crafter is that we implemented kind of all three we had local saves platform cloud save and we use play fab so here's a scenario so let's say someone's playing pick crafter and they like spent a lot of hours in this game and then all of a sudden they uninstalled the game right but during their playthrough we were able to manage to save to play fab to their player data but they uninstalled the game all their data is wiped but they decide to reinstall it so what the game does now is that on fresh launch it's all like hey let's see if we have any local local save files oh no we don't is this a new player or is this a returning player we don't know let's go ahead and contact Google Play hey Google Play you know do they have anything there in their cloud save oh no they denied Google Play they're not even logged in so now let's fall back to play fab a play fab you know do you have anything for this device ID and play Vosges says hey yeah I do here you go it's like cool so now the player doesn't have to deal with you know recovery is data or saving the or restoring the data it's just works seamless all right and if you were building an online game for instance and you only cared about online persistence you might not need as complicated of a scenario path like let's say it was online only like hearthstone and you wanted to build a basic CCG you could you could only talk to play fab because you know there already be online you know who this person's gonna be it just really depends on the game that you're building yeah go through a few reminders start early on your process don't wait until you're all the way done with your app to like okay now I need to put in some data persistence and I want to save this players data it's important that as you build your game you're going to encounter some of these issues and and and work around them and add redundancy and an add cloud save as things go on so it's important to get started on this early especially if you're deploying multi-platform there's very platform-specific nuances in our case we we actually at last unite we ported pic crafter over to Windows Phone and we had a nightmare with file i/o and so we had to completely refactor all of our file i/o because it wasn't supported on Windows Mobile at that time the file i/o that we used I think it was net 2 or something like that and so it wasn't supported so it's definitely important to start early as well as test on all your devices your save infrastructure because there's platform specific nuances that you might have to deal with to reiterate again that read and writes are expensive and you need to consider when you're going to be doing these saves and how often network usage if you are gonna be saving to play fab or saving to another back-end infrastructure or sending or making your own API calls to AWS consider what serialization you're going to be using because that actually might be a lot more important if you're sending data over the wire as opposed to just to the disk and something we actually saw if you if you just google online and looking up like people first starting out and figuring out how they're gonna persist data you have people writing code where they're saving every update frame don't do that don't do it or if you're if you're sending it over a network don't save every second we heard from our buddies over at some of the backend that we've talked to you that you know they'll have to contact their developers on there because hey man you're saving every second this is really heavy yeah so another thing for Android Android device Android phones have internal storage and external storage so these are two different paths where you can save or you could save data to internal storage is like a private area an external storage is a public and what I mean by that is that if you want to do open up a file browser and access this data from a computer or what you need to the phone needs to be rooted to access this whereas external you can hook up your phone and you can grab any files that you want from there so let's say you have your app and in the manifest you prefer saving on the external right now with Android 6.0 they introduce these permissions where they ask you you know would you allow this game to write to the external storage and let's say the player hits deny then it will automatically fall back to the internal storage so now which place do you check external or internal for the save data so that's kind of like something that we've experienced that we just pretty much check both there's a code online that allows you to get the internal data path so you can actually check both locations yeah so this is like a little bit of a step beyond persistent data path right because as Kevin mentioned depending on what these scenarios are that application dot persistent data path can actually change after an installation yeah in your getting or in the case that you described let's say they install and they deny that permission they deny that permission it's gonna go internal they launch the game later it asks for that permission again they're like alright I like this app I'm gonna allow it now that routes to a different location yeah and so your data is on internal and you're checking external and then they're safe progress got wiped so yeah there's there's code for this and you actually don't need to create a custom plug in there c-sharp code you can just like it'll do the Java classes or whatnot and call and give you that path and you can check both and another thing we wanted to share with you guys is that by doing like having a redundant system where you could use local files or cloud save or third-party back in or have different safe slots it allows you know there's less less players losing their data and you know which means more happy players so when we release pick crafter in October 2014 our ratings kind of went down because our redundancy we didn't have all the redundancy there so it kept declined declining and we kept pushing out different updates and then finally we pushed this update in April 2015 the first exclamation mark where we implemented a little like we overhauled our redundancy system for our save files so less players reached out to us about their saved data going missing and then we kind of like did more research and we went the extra mile to do platformer cos save so once as you can see this you know we got less and less complaints and then we implemented the third-party back in for play fab so as you can see that it does help having these redundant systems will prevent more users from losing their data yeah so one thing we want to mention is the unity asset store I'm sure you guys are all very familiar with the asset store but a simple query on the on the page and I think we got over 1,700 results for saving so there's there's tons of people this is it this is not a problem that that that's unique everybody runs into it and so a bunch of people there's there's some high rated reviews on some assets out there so I recommend checking them out and seeing if they're gonna do enough for the system that you're trying to build if you were just building south of flappy bird I imagine there's probably a free one on there for you but depending on as the complexity gets on you might want to do things your custom Lior or extend their services or and you know implement cloud as well but definitely check out the assets store and seeing what you can get from it that you don't have to build yourself because a key thing we want to talk through is is to use your time effectively maybe you could make the most complicated custom hashing algorithm to try and protect your local saves as it with your time probably not maybe you could try and create your own serialization methods so that you know it's as small as possible or you're gonna create your own format so you can send it over the wire is it necessary still probably not you want to sit and spend your time on what game makes your game unique this is really important you know save files are not something super sexy the only time a users really going to see them is when they go wrong so make sure to spend your time on on what what makes your game fun what makes it unique I think we have quite a bit of time for questions yeah we did it in a little bit early so if you guys have any questions I think we might have a microphone around the room and fire away so with the redundancy you were talking about can you talk a little bit about how you did rectify the savefile so if somebody did play on one device offline and then came back online and had more progress on another device or whatever so like yes we knows can you talk a little bit about that yeah absolutely so there's a lot of this is account based so if you let me repeat the question just to make sure that I got it so it's a redundancy but specifically when we're talking about cloud and multiple devices okay so so one thing is you need to know a context of who this player is and this is really important there's tons of services out there to figure this out because if a player comes in on a tablet you have no idea that's the same player so there's you know you could implement something like facebook login into your app and so that'll identify them and then once they log into your game you know who this player is and then you can go and try on you like which save file to give them back to that user if you're using something like the platform cloud saves that that makes this really easy because if it's in Google Play that account is already linked up so maybe a walkthrough would be like kind of similar to that graph that we had yeah we don't need to bring it back up but a player comes in actually yeah maybe it would be good so let's say a player comes in they're a new player and this is on their tablet it would hit the disk they'd see nothing and so we check Google Play if they were logged in then we would ask Google Play for that save file they would give us that save and then we would associate it in if you were using something like a third-party back-end then you need some some construct of who this user is so if they logged in with play fab they would be a new user ID but if they were also signed in with Google you could associate that to that user and then you can you can bring back those constructs in it's a little complicated especially when you get to multiple devices and how do you know how many devices they have but if you're using platform cloud save a lot of these things are already built out for you same thing with I Drive it would be logged in with our Apple account you know who they are but this is something that you kind of got to figure out do you want to put this upfront in their face you know a lot of games you come and you you open the app and there's a login button and so that's where it's really important to that game that you need to be on the right account and then there's other games like our game where you just you get in you're right into the system and and we'll actually do background checks and if we discover that hey actually we do have data for this player will present it as a pop up like hey we recovered your progress do you want to restore so it's it's pretty custom in which the way you're going to implement it but there's a lot of services yeah and something to keep in mind is that whenever we do have data like let's say they were on another device and let's say this device had didn't have that much of progress right but let's say they got a rare item but the current device that are using let's say they're trying to gain the system so whenever this device loads from the cloud and pulls their save file we we check and pick crafter since it's an incrementer and you're always you know gaining getting points we check to make sure that the one that we're going to be loading is not behind in progress right we're like hey are you behind in progress actually you are so we're not going to load it let's say you have a Gacha system and they they they pay for a premium item they don't like what they got they restore from cloud save and then they just keep doing the cycles so yeah there's there's some things you need to consider for sure when you're building it out but definitely help things are your question ichael cool and feel free to come out to us after afterwards as well I should be available yeah use sort of answer did it a bit my question would be about you mentioned encryption and hashing is the first line of defense what other measures are you doing the best thing you can do if you really care about the security in your application is to not store it client-side and make sure that it has to be on a protected server because honestly there's tons of things you could do locally but if somebody wants to hack your game they're going to hack your game and they're gonna figure it out they can decompile the binary if they're smart enough or they can figure it out so I would recommend if you want to go to that next degree you just really need to decide is this necessary for my game and how is it really going to affect the performance one example I can give actually is super popular game candy crush widely successful right no safe protection no data protection you can memory hack that game to your heart's content do they care no it doesn't really matter doesn't affect their performance their monetization they focus their energies on what makes their game unique and what makes their game attractive to casual players and so most people don't do it and the ones that do do it don't affect other people's experiences right if you have a heavily multiplayer game it's gonna be really important because if somebody hacks they're gonna make everybody else's experience terrible but in a game like candy crush or a casual game or a single-player game it's only really gonna affect their experience and in most cases they wouldn't have paid anyways so okay can't do much there I mean you encrypt it before you send it over the wire so it'd be if they opened up the payload they would see an encrypted bundle if you were using something like a handshake it gets more advanced as far as the like the algorithms you'd be using but if you're using a private server you'd have a key that that only your server knows about and you use something like I forget what that handshakes called but you can have encrypted traffic for sure it's the same as like something as advanced as an SSL a handshake down to just set a block yeah and I think a lot of these third-party backends they already implement encryption so whenever you you're transmitting to this server so essentially if somebody really wanted to hack it they would have to you know hack that part of it and then they see the hash of the save file and then they have to also hack that so yeah and one thing I'd mention on sending the data over if your API access is if yours is sending over the progress of that user they could hack the API figure out what call you're making and just make their own calls right like if you're saying set gold to a hundred from your client they could say the same thing set goal to 1,000 so if you're if you're really concerned with making your game secure it has to be server first and it has to be server authoritative in which nothing happens on the client it's basically a dumb API and the client just says hey I did this I click this button not that simple but hey I fought this monster and then the server tells the client okay this is what you get you got two gold you got five gold but if you if you're doing it on the client it's it's it's never never protected I have another question you mentioned that you were that you're able to restore the user progress from playful even when the user has denied Google Play games by a unique device ID yes so that one is really uniquely computed so it's more a question about playful probably because they do that that device ID this are you doing that yeah this one can get a little Airy they you have the option to create a custom idea if you want you could login with Android in which that would be the Android IMEI which is just a contract I think they use the they might use the advertising idea I'm not sure exactly what they do but users can reset this as well if they completely wipe their device they might come back with a new ID so that one you almost kind of have to fall back on customer service or if they link their profile to something that's more persistent like a Facebook profile then you're set to go but in this case I think it was it was a device ID so they uninstalled they still have the same device ID and then they reinstall they login with play fab it's the same person yeah and something that you could implement too is like facebook login onto your game so then that ID will always be you know unique you don't have to worry about if someone reformats their phone you know they still have the same Facebook right same thing for Google Play - you're right yep Google Account have you used flatbuffers before I'd say the serialization method or is it it's a Google flatbuffers serializing and deserializing it's a proto protocol buffers it's not protocol that's flatbuffers it's by Google that's really similar to okay I mean we don't have experience with it it's tons of options out there though I bet I know I think was the Pokemon girl uses I think flatbuffers or proto buffers one of those to Google it's just uh it's a bit different uh it's a lot faster than Jason because there's a little bit of overhead from Jason because you have to yes I realize it yeah and you're reading in but I was just curious if you had experiences with using it on mobile no no no but it sounds cool yeah with pic crafter we used XML because it's the easiest and kind of got the job done so we weren't really concerned with performance when we saved a cloud though we don't use X and we have to realize with with with JSON at that point yeah but now maybe take a look at flat buffs - yeah yeah oh we have a question oh yeah just a quick question when you're using a third party service like play fab what's the cost associated with that is it a per user cost or how does that affect your sort of bottom-line yeah they do have a free tier but I think recently they implemented it was like based on what features you were using and how like what was your map now yeah most of these services usually they're pretty flexible and play fab in this instance because in which they wanted to price it accordingly to your game but typically there's there's a pretty generous free tier so if you're building a new game definitely like is it's not going to cost anything until you reach some level of success but then beyond that it's it's it depends but typically it's mal based so monthly active users how many you have on the platform some of them could be usage based would be kind of like an AWS infrastructure which M how how much traffic are you are you actually using and then they charge you that way I noticed you had a version string how do you handle versioning especially if people are playing on multiple devices where they might have version X on one and version Y that introduce new keys or remove keys on a different device that's interesting so essentially the question is if you had different versions coming from like you had a 2.15 cloud save and then also from somewhere you had a 2.14 cloud save right that's interesting we do on ours it's in compatibility so if if we have save files that so if you increment adore your version of your app the save files might be totally compatible but if they're incompatible you could make sure that users update so if they're connected to the Internet and they're actually using cloud save in some in some manner you can force update those apps so if we have in compatibility with the cloud save or a safe format will force those users to update we'll just put in like an undisciplined to update your app in order to continue playing those that's a super useful thing at some points and something you can do is that you could always fall back saying like all right a if this person is on a 2.15 version and then here comes another 2.14 version you can also there's a lot of things you could do you can also look at their progress or you could just flat-out say like hey you know if this person has progress on 2.15 and here comes a 2.14 save you know there's a lot of things you could do you could just deny it or you can look at the data and compare right now for pick crafter we just since we're just using like a one channel for third-party cloud save we just use it as like more of a backup just in case of their data wipes you know if it was like if it was an old client it talked to the cloud and got a new save we just compare the version strings and so I'd be like this client doesn't know how to handle the new client save and it wouldn't load it it would just keep on whatever it had any other questions yes quite a bit of question so for the graph you showed for why you ended up going with the redundancy so it I know it's that was that was yeah yeah so I see why you went with platform cloud saves like you started you know the writing started going up but it seems like for when you chose play fat like there was like it was already going up like things were good I'm curious what made you go with it and what like are there features that it had that the platform cloud states didn't like what were you looking for there yeah so when we when we shipped pick crafter we had Google Play for Android we had Google Play leaderboards and achievements we weren't using the cloud save at the same time for our game we don't have the pop up to login to Google we only do it we asked them in game saying like hey would you like to enable achievements so there could be a scenario where someone's all like now I don't want to enable achievements I don't want to login to Google so if they're not logged into Google then sorry oh snap we you know we pretty much have no cloud safe protection for that user whereas third party back and you know we get their device ID automatically and now we associate that to a play fab user right and then it gave us the addition of also being able to craft a more complicated system that allowed us to play ios and android at the same time when we didn't want to ask I Oh s users to log in with Google because it was unlikely we're gonna get a good threshold so we have like if they want to play a cross they can log in with Facebook and we know who they are and then play fab can orchestrate where the way they say file is and they can play on both and also a cool thing with the third party back in like for play fab since we're storing the users data in play fab you know it they offer a lot of features we started out with IP validation they do a really good job with that but then now since we have the user save data in play file we just log on to a control panel and let's say someone's all like hey my save data is busted or something we could generate a save and we could put it in the users save data like location there's more like customer service exactly yeah capabilities - yeah any other questions it's so the Google Play or the play files did they have an Administrative Tools for you to view or edit any users content so for Google Play you can't like you can't view a user's save files from an admin perspective for play fab though you can you can like look up as long as the player gives you some sort of information whether it's their play fab ID or a device ID then you can just search find their data and go from there but with Google Play can get a little bit I think you could delete I think that's about all you can do same thing with leaderboards like you can remove but you can't yeah you can't really change its it's kind of locked down so that's why we're talking about with the flexibility close with the third-party play file we can okay so like you can run any reports off of that to say your score of 1,000 is better than 80% of other players or in the example save data set that you had you had three unlockable characters yeah if you were to add a fourth you couldn't match those to add a fourth parameter on there false so like every user as you're rolling that out oh I see in that case what you would do would be if you were to add in a new like this way you're discussing like essentially like if you have a new version 2.15 in 2.14 had like three characters then you check to see what version they're coming from and they're like oh they're 2.14 we need to do this additional logic to you know compensate for them okay so that would be done on the client side you could need correct yeah because going through each like I don't think play Feb has the tools to modify all players data do you know yeah okay if you do a batch you can do cloud and you can execute on it oh yeah if you needed to do something like audit your entire it'd be expensive you might have to contact them to pay on how big your user base is but you could run javascript against your in everything you have full like authoritative server access and you could write some JavaScript to do whatever you want and if you were piping it out and run it off server on server yes yeah they have a feature called cloud script it allows you to write J JavaScript to execute on their system in a protected environment yeah okay thanks yeah hey hello I have a question so on how do you guys solve the problem for maybe two player and two device will operate the same user profile at the same time for example I have a I have a device and I son I have a play fab account and then I link my Facebook account to the play fab account and and then I use another device to run the game by using the Facebook why I using the old device connected to the Play v by using the IDE if we then there will be a conflict right yeah guys deal with it this is a pretty common question that play five developers have gotten right I know a lot of ways developers implement this is if you do it like let's say on a hearthstone it would say like your sessions being closed do you want to force close and you only you kind of have a semaphore or locking right and so like only one client can have it at a time if a new client comes in you say hey I'm gonna kick out your other client it's usually more popular for offline games in our game we wouldn't necessarily click or kick them off or say you couldn't play they would just be competing with each other to save and and every time there was a conflict they would have to man it's kind of similar to fallout shelter I think they did where they give the conflict management to the user and they say hey here's your two saves this one's on level 5 this one's on level 6 which one do you want to use so in our case they both would be saving but whenever there was a conflict it would ask the user to figure it out yeah because if you like just fall back on saying like hey let me just take the latest one and what if that one's a totally empty game you know so and so does that means I need a manager to manage manage the the conflicts correct either like by presenting it to the user or having another different system like manage to two files yeah I would say you'd have to have something checking in and saying like hey my sessions active or having something holding it and then when a new client comes in you say no I already have an active session and then you need to handle it from there say you're not gonna play or do you want to take over ok thank you [Applause]

Info

Channel: Unity

Views: 38,697

Rating: undefined out of 5

Keywords: Unite 2016 Los Angeles, Mobile Game Development, Game Development, Unity (Software)

Id: _hAzWgQupms

Channel Id: undefined

Length: 54min 30sec (3270 seconds)

Published: Thu Dec 01 2016