Feedback Discussion about account trading/sharing

Discussion in 'General Archive' started by _Baragain_, Mar 6, 2018.

Dear forum reader,

if you’d like to actively participate on the forum by joining discussions or starting your own threads or topics, please log into the game first. If you do not have a game account, you will need to register for one. We look forward to your next visit! CLICK HERE
Thread Status:
Not open for further replies.
  1. _Baragain_

    _Baragain_ Living Forum Legend

    Agreed, but account sharing and trading is much harder to prove or detect. I have yet to hear someone describe a foolproof method for this, but if it could be done, I'd love to see these cheaters gone too.
  2. Demon

    Demon Forum Mogul

    Because they dont bound our accounts with our names, phone, or bank account.
    All this years they dont bring a way to have more secure accounts or to bind them to a person.
    In my opinion once you have made a payment with your visa or any type of transaction that can give them your real identity they should ask you if you want to bind the account on that name an if you want to offer them more details also if you pay premium time or or deluxe they should offer you a sms protection method.

    I have send a ticket with a player that recognise that has bought the account to our support and is not banned, that account is still online because they don't care about their own rules.

    About the fact that is hard to detect...hmm they can detect multiple accounts that post on forums and they cant detect when you sell your account? i don't think so.

    They can see that you change your mail use another ip and another mac address and they should lock the account until you use that sms protection method or a blank payment using a method that will reveal your identity or both.
    I bet they won't sell accounts anymore since you can recover them using your personal informations.
    Last edited: Mar 6, 2018
  3. TwiliShadow

    TwiliShadow Count Count

    Some of us travel for work and thus play in various hotels (etc). For us, while we are mobile, our "world" IP (the one seen by the game) is always changing. That is not a reason to lock out people. That would be a punishment for us "workers" that have mobile jobs.

    Feedback praise: Love the extended decimal places in the enchantment. :) :) :) Please expand that to the the base values and the character sheet. :)
    Dragonnns, _Baragain_ and Aslandroth like this.
  4. Demon

    Demon Forum Mogul

    You change only Ip not mac address and you don't put the account on another mail every time you travel.I should be more precise so they should check only when all this 3 things happen in 24 hours.

    About decimals - we need things like movement speed, mana cost reduction cooldown of skills on the C tab.

    About the bots - well i see that they have banned only players that used bots last month so not impressive because many players like them make pvp and leaderboard now.
    Last edited: Mar 7, 2018
  5. Aslandroth

    Aslandroth Regular

    This also is not true. I have multiple laptops that I play from. Sometimes I use different wireless cards, often I am outside of the country. Binding to IP and MAC address is the absolute worst of ideas. Also I do not want SMS messages from BP; they do not need my phone number. Binding to email is good enough in my opinion.
    Dragonnns, DocWhisky and Shansurri like this.
  6. Demon

    Demon Forum Mogul

    As i sed it should be optional that type of over protection just if you need those.
    I have another accounts on steam blizz and so on and they offer such type of protection and also in those games i have spend no more than 5% from what i have spend in dso.
  7. _Baragain_

    _Baragain_ Living Forum Legend

    Do you know anything about networking, or are you parroting something you think you know?

    All traffic on your home network connects to the internet via your modem/router. At your house you likely operate on a local private network managed by your router. The router can see your MAC address, but that is it. When your traffic is sent outside the local network (into the internet), all traffic from your home network will show the same IP address... the IP address assigned to your modem by your ISP. If my significant other and I are both playing at the same time, BP sees two connections coming from the same IP, but can't tell anything else... In fact, they can't even tell if it is the same computer running two instances of the game for XP blocking (back when that was a thing) or for PvP exploits (which is a totally separate class of problems).

    Second, you are not even right about the MAC address changing. Ever heard of MAC Address Spoofing? It has real and legitimate uses.

    How many times do I have to say it? If you don't know what you are talking about, it is better that you say nothing at all.

    I am in total agreement that the next big cheating issue that needs to be addressed is multi-player accounts/account selling, but this problem is way more complicated and has way more grey areas than botting/exploit use. Put simply, botting and exploits both have recognizable digital signatures that can be proved and banned. Multi-player accounts can look a lot like someone traveling or using a VPN and account selling can look a whole lot like someone moving to a new home. To prove these with enough certainty to justify and uphold a ban is a herculean task. The best we can hope for is account binding, but unless the method is one that can't be simply handed off to another person, it isn't that functional.
    Aslandroth likes this.
  8. Demon

    Demon Forum Mogul

    I use vpn at work i have router at home i have spofen many macs when i was student because we had limited bandwidth . I,m not that nob and you are not that smart as you think.
    When mail +ip+mac address is changing that is something that need to be researched.If one of this is not changing then there is no visible sign of trage/sell.
    I like to find solution to problems , if you want to share with us some opinions on this matter i would like to see some constructive ideas.
    Maybe my ideas are bad but (i try to do something) i wait for better ideas from you and not only.
    Is not the right post to discuss this but in short time we will have our banned players back and that because there is a big market with dso accounts all over the internet and no one cares an they dont see a solution because is too complicated for them to find one so that is why i have some good/bad suggestion for this problem.
    Last edited: Mar 8, 2018
  9. sebastian_fl

    sebastian_fl Count Count

    Why couldn't a player sell his acc together with his junk (secondary) email? If I were potential trader, I would make sure email used in the account is nothing important. Why would anyone use real primary email in a game to start with? Plus, you can change it through support months ahead of potential sell.
    _Baragain_ likes this.
  10. Demon

    Demon Forum Mogul

    Answer is simple because most of them are kids and they dont care about this stuff (about half market ).Bp wont make trade or selling impossible they just need to put some new safety measure and to bind the account to user.
    If they bind the account to user that user can recover that account when he need so that will make sale and trading not worth because you can end spending money on an account that can be recover anytime.
    Example. If i have a bind account (made that for security reason) no one will buy that for me because he should trust my promise that i will never claim that account.So no matter if i sell that with mail and all that stuff, i can give them an id card and bank transactions more than any buyer could.

    I think we should discuss this on creative corner to give them some ideas to shrink that market or to reduce that.
    maybe some god ideas could come from that.
  11. sebastian_fl

    sebastian_fl Count Count

    You gonna be surprised. Quite frankly, I don't care about some kids selling their lvl0 toons to other kids. I do care, however, about end game char trading. And trust me, those folks didn't just do it once. They've been throw the selling process many times. Russian 'Facebook' group (vk) is almost purely dedicated to selling and killing bosses for money. When they sell, they do it throgh an intermim, some kind of trusted piece of junk that follows his procedures. No end game char sell will happen out of nowhere. It would be either friend to a friend, or throw a mediator.
  12. _Baragain_

    _Baragain_ Living Forum Legend

    Which is why I said:
    Even if you bind it to a phone number so there could be a text message two factor authentication, that doesn't even work because two factor authentication is predicated on keeping other people out of your account.

    BP would need to allow for people to change their number because phone numbers change. The problem is that a seller could change the phone number prior to the deal and just claim that they moved. And regarding multi-player accounts, it would be a simple matter to set up an auto forward for all authentication text messages so that both (or more) pilots get the code when ever it is sent.

    I have been giving this a lot of thought and the problem is there are no good ideas yet. I've had several less bad ideas.

    For example, for multi-user accounts, introduce a reasonable Geo IP lock out. If I'm playing with an IP address that says I'm from New York City, log out, and then five hours later "I" log in with an IP that places me in Russia, that is not physically possible. For the first offense they could simply apply a 6 or 12 hour ban. Subsequent bans could get progressively longer. The issue with this one is travel and VPNs. On travel, they could build a mileage list and take normal flight time into account. Unless you are flying in a military jet, it is impossible to log out, travel 1500 miles, find a hotspot, and log back in, in a matter of five hours. This would take a bit of effort to decide and code, but could exclude people who travel legitimately. If I log out and then log in 8 hours later from a location 400 miles away, that is reasonable with a simple plane ride. On VPNs, it is simple; make a "No VPN policy" so people understand that a VPN will lock their account out for a short period. Post it in a notice when the person logs in from an impossibly far away distance to give them the benefit of the doubt.

    There are three problems with this approach. First, it does nothing to address account selling. Second, it doesn't stop account sharing between people who are relatively close geographically, particularly in the small countries in Europe. Third, this doesn't address past cheating unless the DSO team ran it in the background for a month or so to gather data about the cheaters before going public about the system and banning the consistent cheaters. Then those people would start whining about how their ban wasn't fair since people couldn't get banned for that in the future because the system would prevent that brand of cheating in a live fashion.

    Ultimately, the DSO team would have to devise a non-transferable method of account binding that still allows for normal life events. I can't think of anything that can do this that would be feasible to implement in an online game. For example, a fingerprint could do this, but I don't see DSO implementing a biometric lock, forcing the user to go out and buy a fingerprint reader to play an online game. Most users would go find a different game.

    This doesn't mean that I've stopped thinking about the problem. Instead, I'm thinking critically and looking for something productive and realistic instead of talking about viewing a device MAC address from the internet.
  13. MikeyMetro

    MikeyMetro Forum Overlooker

    Since we are discussing other potential exploits that need to be addressed here I would like to chime in a bit on this. Dual logging and gang banging are definitely important issues. These issues, however difficult, can be tackled since I know players who in the past (although it's been a while since the last one) who were banned for this.

    Stopping account selling though is a near impossible task if the seller and buyer have just a bit of sense about it. No amount of linking/binding accounts is going to prevent this ( I won't get into the workarounds for everything I have seen mentioned thus far in this thread :cool:) The only workable way is for a user to provide personal info that in this day of data breaches I really can't see anyone doing just to play a game. I also doubt that any gaming company would invest anywhere near the $$$ like the huge companies that have this info (which, btw, you hear about them getting breached regularly.)

    Quite frankly I do now care much about that issue. Sure, there is the fairness issue about a new player have unearned capabilities. But those same capabilities existed on the server before the original player decide to stop. And in reality a newbie with this toon will not be as strong simply because they do not know how to utilize them to their best potential.

    Which bring me to why does this rule even exist? I realize that not only BP but most publishers have a rule on this the but why. One reason is it negatively impacts them is market share. Market share is always figurd on registered users and not those that are actually playing. I have long suspected that this is the reason that DSO never had multi-char accts from day 1. By making player register 3 different acct to play all classes they actually beat an older tripple A game to the 10 million registered user announcement I'll bet the folks from that other game were going like, "WoW, how did that little shoppe in Germany beat us?" ;)

    The other reason this rule exists is, ofc, lost revenue for the publisher. In some case the company makes more mony on the sold toon. Original owner was not going to spend anymore but new owner will. However, as @sebastian_fl pointed out:
    This is where money that should be going to BP is going to a third party. This should be stopped but would require a team just to do this. It would take some sleuth work from some at BP going to these sites and running a sting on those people. So the bottom line here is would prevention cost more than the lost revenue.

    Luck be with ye,
    Last edited: Mar 8, 2018
  14. sebastian_fl

    sebastian_fl Count Count

    I could hardly imagine BP taking over account trading -))) does it exist in other games? Legallly?)

    I see where you coming from, it sort of makes sense. My issue is, again, high end trading. I understand that capability exists either way, but people leave and it represents some sort of inflation if there is no trading. But more importantly, 2 things:
    1. Cheaters, once banned, buy end game accounts.
    2. Buyers will get what new players could only dream of - old runes and gems, sapphires, old lifekeeper etc. Items that cannot be obtained anymore, but someone with a couple of grands can have all of it in a minute.

    BP sort of designed this mess. They introduced this concept of 'something OP' that cannot be achieved anymore.

    BP also doesn't put enough effort into secondary character development. If you got tired of your class for whatever reason, and you start new one, you get what? - mentor bonus for knowledge tree and pvp?) This is nothing. Ofc some prefer to exchange characters, or trade. Why would I farm 300m glyphs all over again if I can just buy them?

    Why wouldnt they implement something preventive? For instace, if any char has 300m glyphs, subsequent chars get 300% glyph bonus. Inventory expansion works across all the chars, you only need to buy it once. Same about other aspects. Perhaps, some of the traders would rather play than buy if there was good incentive.
    MikeyMetro likes this.
  15. Bp would lose money this way. Its not really to their advantage so I highly doubt they would do this. Just my opinion
  16. sebastian_fl

    sebastian_fl Count Count

    I shared your doubts. But sometime, you, as a company, need to do friendly steps to keep your core userbase. If you keep upseting your base going after some quick and dirty money, you gonna lose. Will see what they are up to.

    As a startup guy myself, I know what it is to balance between retention and acquisition, but I'm sure better experience grants more money. BP is playing on the edge creating their boring events that require 24/7 grind. They seem to misjudge the fact that happy user will more likely to spend more time and money.
    MikeyMetro likes this.
  17. Demon

    Demon Forum Mogul

    They cant make happy everyone.Those situations with people that travel so often are under 5% so i would risk to lose that 5% if they cant live with that if this way i can shrink that market under 20%.
    In our society we are too focused on human rights and forget to bring punishment for those that harm people just because they have rights but this way we make more harm to majority just waiting to prove that they have break the law.

    There will be collateral victims but only if they don't/cant provide proofs that in fact they are traveling allot or they use vpn.And restrictions can be - no payments allowed not necessary ban the account, also they can close the shop from game for those accounts and this way they will not have legal issue with owner if he is stubborn to not offer to support what they ask and this way boting will not be so popular if you can't buy anything from shop.

    There can be a compromise here , will see if someone from BP cares, but that phone sms checking should be implemented soon for members that have that premium subscription as a new way to get more protection for you account.
    Last edited: Mar 8, 2018
  18. sebastian_fl

    sebastian_fl Count Count

    Now this is ridiculous. I travel a lot. And by a lot I mean A LOT. 100s flights a year or so, frequent flyer on most american + lufthansa. I have legal and/taxation residenship in multiple countries. You cannot ban me for that, and it is immoral even suggesting that. I'm quite sure it is illegal too. I'm not aware of any service of sorts that would bind a user to specific location, unless it is about gambling or other regulated domains.

    You seem to live in some broken society suggesting such a nonsense. Presumption of guilt only exists in russia, north korea and alike. No need to bring such a crap to respected world.

    Btw, recently read on some paper that in-game gambling is now considered gambling in a couple of Asian countries, or something like that. It also forces game developers to list the probabilities of getting items when gambling. Could be one more reason BP shut down Asia.
    Last edited: Mar 8, 2018
    _Baragain_ likes this.
  19. iNeXoRaBlE

    iNeXoRaBlE Forum Great Master

    Yeah gambling for the spheres. I have opened many spheres and i got 1item from my last 20spheres (all other draken), gambling is considered for the things you get with real money.
    BP should mention the possibilities either is legal or not, i have wasted my anders for those things and i have got like nothing.
    GoulishNightmares likes this.
  20. sebastian_fl

    sebastian_fl Count Count

    Gamble is a trade of funds for a chance to win an item. In-game jesters is just that. And popup window asking you to buy andermants for real money is your connection. This could be considered deliberate act. And I'm pretty sure it would be. Lawmakers just didn't have time yet to get into the gaming industry. California will take a lead here, very soon.
    Demon likes this.
Thread Status:
Not open for further replies.

Share This Page