How Tencent Secures Mobile Games: Inside Their Anti‑Cheat Architecture
This article details Tencent's comprehensive game security approach, covering common threats like cheats and malware, the value and cost of security systems, architectural design, core protection modules, operational results, and the company's external security services for game developers.
Background
Game security risks have always accompanied the gaming industry. Tencent's fourth Game Operations Technology Forum, co‑hosted by Tencent Zhiying and Tencent Cloud, featured a talk on "Game Operations and Security" that recorded the current state of game security.
Security Risks in Games
Game security risks can be divided into several categories:
Cheats
Cheats break game limits, allowing actions such as instant kills, invincibility, speed hacks, wall‑through, and teleportation, which grant unfair rewards or experience.
1. Breaking Game Restrictions
Cheats enable players to bypass built‑in limits, gaining high rewards or experience.
2. Time/Space for Profit
Scripts can run 24/7, and reverse‑engineered client protocols allow multiple instances on a single machine, affecting financial systems.
3. Exploiting Vulnerabilities
Common attacks include room bombing, kicking players, logging into other accounts, and server attacks.
Trojans
Trojan threats include account theft via malicious clients that mimic the official login interface, and resource‑hijacking for DDoS attacks, software promotion, or illicit mining.
Information Security (Fraud, Adult/Gambling/Drug Content)
Games must guard against unsafe content such as fraud, pornographic or gambling material, and politically sensitive information.
Fraudulent information
Adult, gambling, or drug content
Politically sensitive information
Value of a Game Security System
The primary value is risk prevention, which ensures game stability, protects revenue, keeps the environment fair, safeguards player assets, and assists government regulation.
Fair Game Environment
Maintaining fairness prevents cheating and protects the ecosystem.
Protecting Player Assets
Security safeguards account credentials, virtual assets, personal data, location data, and payment information.
Assisting Government Regulation
Security helps filter illegal content such as adult, gambling, drug, and political material.
Cost of Game Security Systems
System Development Cost
Feature and architecture design
Platform, engine, language support
Massive device adaptation
Periodic new feature support
Development costs rise due to diverse OS platforms, multiple game engines, and the complexity of mobile device fragmentation.
Game Integration Cost
All premium games must pass a security review and integrate client/server SDKs, which can affect performance and compatibility.
Continuous Anti‑Cheat Cost
Long‑term costs include ongoing risk assessment, sample collection, analysis, solution design, and continuous manpower for updates and optimizations.
Operational Results of Tencent Game Security
In 2015, the PC anti‑cheat system protected 88 games, handling 1,554 cheat functions, penalizing 28.92 million cheating players, issuing 1.58 million mute actions, and blocking 389,237 trojan variants.
The mobile anti‑cheat system covered 127 games and served hundreds of millions of users, handling 421 cheat functions and penalizing 7.5 million players to keep mobile game operations safe.
Architecture and Technical Features of Tencent Mobile Game Security
Security System Architecture and Operations
Typical C/S structure diagram (image omitted).
Sample collection and analysis are critical; samples are gathered from channels like forums and marketplaces, then tested before entering the anti‑cheat workflow.
Game logs and security‑collected data help reconstruct player behavior to detect abnormal actions.
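As an added illustration (not Tencent's code or part of the original talk), the sketch below reconstructs each player's path from server-side movement logs and flags the speed-hack and teleport behavior listed earlier. The log format, the speed limit, and both thresholds are assumptions made for this example.

```python
import math
from collections import defaultdict

# Constructed sample server-side movement log: "timestamp_s player_id x y".
# The format and every value here are assumptions for this example.
SAMPLE_LOG = """\
0.0 alice 0 0
1.0 alice 5 0
2.0 alice 10 0
0.0 bob 0 0
1.0 bob 14 0
2.0 bob 28 0
3.0 bob 42 0
0.0 carol 0 0
1.0 carol 4 3
2.0 carol 504 3
"""
MAX_SPEED = 6.0       # assumed game rule: units/second a legitimate client can move
TELEPORT_FACTOR = 10  # assumed: one step this far over the limit is a jump, not speed
SPEED_MIN_HITS = 2    # assumed: require repeated violations to absorb lag spikes

def parse(log):
    """Group (t, x, y) samples by player, sorted by time."""
    tracks = defaultdict(list)
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip lines that do not have the four expected fields
        tracks[parts[1]].append((float(parts[0]), float(parts[2]), float(parts[3])))
    return {player: sorted(samples) for player, samples in tracks.items()}

def classify(samples):
    """Return 'teleport', 'speed', or 'ok' for one player's reconstructed path."""
    over = 0
    for (t0, x0, y0), (t1, x1, y1) in zip(samples, samples[1:]):
        dt, dist = t1 - t0, math.hypot(x1 - x0, y1 - y0)
        if dt == 0:
            # Two different positions at one timestamp: no finite speed explains it.
            if dist > 0:
                return "teleport"
            continue
        speed = dist / dt
        if speed > MAX_SPEED * TELEPORT_FACTOR:
            return "teleport"
        if speed > MAX_SPEED:
            over += 1
    return "speed" if over >= SPEED_MIN_HITS else "ok"

def detect(log):
    """Map each player in the log to a verdict."""
    return {player: classify(samples) for player, samples in parse(log).items()}
```

Requiring repeated over-limit steps before a "speed" verdict keeps a single lag spike from penalizing a legitimate player, which matters when verdicts feed an automated penalty system.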
Post‑launch, the team proactively discovers vulnerabilities, notifies project teams, and applies security measures to prevent exploitation.
Multiple parallel anti‑cheat lines handle different attack vectors, using backend data, client‑side signatures, and real‑time or offline judgments to enforce penalties.
Client‑side protection must balance security with stability; feature releases follow a staged rollout from 1% gray release to full coverage, monitoring crash reports and user feedback.
Core Functional Modules
1. Client Protection System
Includes anti‑debugging, anti‑injection, client hardening, data and protocol encryption, resource protection, and compiler‑level obfuscation for iOS.
2. Data Collection System
Collects three data types: client environment data (privacy‑sensitive), app integrity data, and gameplay process data.
3. Strategy System
Tencent's strategy system comprises product, back‑end, and data‑mining components; together they assess cheating likelihood and discover new cheat methods.
4. Penalty System
Implements flexible penalties ranging from account bans to PVP restrictions, illegal profit removal, and reward mechanisms for reporting.
Security Capabilities
Three core capabilities: perception, interception, and traceability. Perception detects cheating, interception blocks it, and traceability enables retrospective analysis.
Layered defense includes a base protection layer, sample‑based anti‑cheat, and data‑driven anti‑cheat that leverages logs and dynamic data.
Scalability
Architecture supports rapid updates; flexible modules can cover over 99% of external changes without long delays.
External Game Security Services
To B (Business)
MTP is the first mobile‑focused security solution offered with free trials; it is lightweight and proven in Tencent games.
Visit: http://mtp.qq.com
Custom security services provide professional assessments, deep security cooperation, and training, available as paid services.
To C (Consumers)
GSLAB Game Security Lab is a technical exchange website sharing Tencent's ten‑year security knowledge.
Visit: http://gslab.qq.com
The official WeChat public account offers security queries, account checks, safe mode, report lookup, abnormal login alerts, credit scores, binding management, security codes, and online freeze/unfreeze services.
TPHelper (Game Security Center) provides client health checks, cleaning, and reporting functions.
Efficient Ops
This public account is maintained by Xiaotianguo and friends, regularly publishing widely-read original technical articles. We focus on operations transformation and accompany you throughout your operations career, growing together happily.