Downloadable Content (DLC) is becoming a golden goose for game developers. Along with microtransactions and subscriptions, DLC made up 60% of non-mobile video game content spending in the US in 2021. Players are drawn to these features and so are pirates! That is the reason why securing downloadable content is crucial today as they are becoming new criminal targets. How are DLCs exploited and how can developers prevent it from happening? Keep reading to find out!
What is a DLC Unlocker?
For those of you unfamiliar with the term: DLCs are additional features that expand the content of the already released base game, with new levels, in-game currency, extra items and unlockable skins/cosmetics – to name just a few. Typically, players have to pay extra to acquire these add-ons. For this reason, unfortunately, these features also become a target for hackers. Fraudsters can access DLCs without paying for them with the help of easily accessible tools, called DLC Unlockers. These are completely free, available online and can be installed instantly without the need to download any additional files.
Many DLC Unlockers have been created to serve this purpose on different game distribution platforms, such as SmokeAPI for Steam and ScreamAPI for Epic. Similar tools also exist for UPlay (Uplay R1 Unlocker and Uplay R2 Unlocker), Origin and the Microsoft Store.
How does a DLC unlocker work?
Basically, when accessing a DLC the game calls on a set of Application Programming Interfaces (APIs) provided by the game platform to verify DLC ownership for a player. DLC Unlockers fool this mechanism into believing all DLCs are available to a player. This process is known as “spoofing” and can be achieved by hooking into the API and returning false responses or replacing the API implementation entirely.
How do developers normally fight the DLC Unlocker usage?
DLC Unlockers deprive game developers of their well-deserved income. These tools also frustrate honest players, regardless of whether they were unable to purchase the DLCs or could afford it – they simply see others getting them easily for free. The economic and reputational losses brought by DLC Unlockers are therefore enormous.
To contain this risk extra steps should be put in place. To secure downloadable content, many game developers attempt to detect API hooking, look for code injected into the game process or resort to implementing checksum code and Dynamic Link Libraries (DLLs). All these countermeasures, however, are relatively easy to circumvent or have compatibility risks.
In addition to applying technical gaming protections, most game platforms also issue strict policies against unauthorized modification of DLCs to prevent players from using DLC Unlockers. By not complying with these policies, dishonest players run the risk of getting banned and losing all their game progress – that is if they are discovered using a DLC Unlocker. However, this approach is likewise ineffective. In fact, many gamers have successfully utilized DLC Unlockers to obtain desired DLCs without suffering any consequences.
Is there a better way to secure downloadable content?
The answer is yes! Denuvo SecureDLC takes a different approach to the aforementioned problem. Instead of relying on an insecure, client-side API platform to query which DLCs are available to a particular player, our SecureDLC revalidates on the server-side a gamer’s DLC entitlement and provides the API inside a secure virtual machine.
With a small and simple implementation, the SecureDLC API mechanism optimizes the DLC protection effectiveness by blocking unauthorized access on all fronts.
Let’s protect your DLCs properly!
Remember that by securing downloadable content from falling into hackers’ hands, you protect one of your main sources of income. Get in touch with us to find out more about the Denuvo SecureDLC integration options available or to get an update right on your roadmap.