Spoofers destroy the game for legit players
Dear Niantic, @NianticBrian
TL;DR: Spoofers destroy the game for legit players which as consequence are leaving the game. Niantic MUST improve on detecting spoofers and ban them quicker.
Agents playing in Copenhagen, Denmark are unfortunately hit by many spoofers within the last month. New spoofer accounts are experienced nearly every day. The spoofers have improved their game. They surprisingly start out as "near-perfect" real life experienced players; they walk, deploy and link in perfect small fields, leveling up in portal-dense areas. They are also very good at glyphing. But no one, from any faction, has ever meet them IRL and when they reach level 8 they are used to further **** specific areas and players.
The suspected spoofer accounts are of course reported to Niantic. But if or when reaction/banning comes, the spoofers has already made their negative impact and just create new spoofer accounts.
It is destroying the fun out of the game for legit players. Niantic MUST improve on detecting spoofers and ban them quicker. Legit agents will stop playing and are considering to abandon the game.
PS: Some ideas: (I have no idea whether they are technically or practically possible):
- Ask suspected agent/account to take photos of portals. If they do not reasonably comply they will be flagged for further investigation.
- Ask suspected agent/account to take contact to a verified agent for confirmation as real agent.
- Connect account with device used so that if account is later banned, it can be detected whether new (potential spoofer) accounts are using same device, raising flags for further investigation.
- Make it impossible to use emulators (except for your own developers).
- Forbid or make it harder to use VPN connections.
- Use known/verified WiFi hotspot locations in spoofer detection algorithm. If device's GPS is one place, but available/"visible" WiFi hotspots are at another location, then account can be flagged for investigation.
- Measure GPS signal strength and use that in spoofer detection algorithm.
Hi, I understand your concern. I've lived in an area where spoofers breed (Saragossa) as well experiencing a spoofing in my hometown. I really understand you, I've reported many times without any result (that account was banned some months later) . In this cases, is really tiring to report each of the accounts and the bots for telegram are not working properly and only can be used for hard to reach portals.
I hope this situation may change soon, we can only trust local communities from both factions to enforce niantic TOS.
I wish we could be united against spoofing, because is killing our gsme, our dearest game.
To look at the ideas:
This is only relevant if it can be done in the moment. It doesn't help if you're asked to take a photo once you've come down the mountain and into cell signal again. As a practice, I've always done this, with a selfie with the portal (not just a portal photo), so that if ever asked by the other team, I can provide them. 99% of the photos have never been needed, but I always tend to take them. NIA Ops would only be able to do this if they could flag possible spoofing immediately though.
How would you verify the verifying agents? Niantic in the past has had significant issues (The TR program 2.0 comes to mind) with biased supposedly trustworthy Agents gaming the system for their team's benefit.
Spoofers can easily spoof their IMEI and Device ID. Smart ones do it routinely and are never associated with any real device.
This is a cat and mouse game. They have put many protections against emulators in. The problem is that every time they add a new detection, the emulators find a way to fake that. Prime won't run with root permissions on an Android device, or with jailbreak on an Apple device. Yet the rootkit and jailbreak tools now fool Prime into thinking it's not running on a device with root or jailbreak access. This suggestion while good, doesn't actually change what they're doing.
They tried that at one point. No-one in China could play for a week. They still ban specific VPN IP addresses when that IP is found to be hosting a spoofer, but it also can host legitimate players. The advice is to cycle endpoints to a new server, but spoofers alike do the same thing.
What happens if I turn off my WiFI on the device? Emulators (when not detectable) also can happily fake or prevent any WiFi from being detected.
This is already being done to some degree with their metrics package. But without a complex survey of the entire world's GPS strength at any time in any location, what are they going to compare it against. An additional level to this is measuring Altitude. Most spoofers devices will report 0m above sea level at all times, even on a mountain. But again, Niantic would need to compare against a known altitude at the location, and a more complex emulator could simply track the location and look up it's altitude on a multitude of public map databases too.
Ultimately, it's extremely difficult to stop these systems, while there is a market of people willing to pay for someone to develop a tool that thwart's Niantic's protections. The more Niantic stops, the more expensive they make the tools, but people are still willing to pay. Eventually, there might be a tipping point where the tools are too expensive for people to afford, but I think that's a long way off.
Until then, all we can do is report spoofers, and Niantic can develop new ways of detecting them.
Im directly in war with the spoofers @smukski describes. They use Copenhagen to level up and then move on to my hometown, where they do everything to terrorise me. I have a field over me, so I (and anybody else) can't link. Everytime I capture a portal, the spoofer(s) are there and **** it down.
I've tried to play in some ofter different towns, but the spoofers show op there to and ****, so I can't link. They follow me the whole day.
When other (beside me and my boyfriend), capture portals in my hometown, the spoofers let the portals be. Even the other local player they don't do anything about - only if I upgrade his portals, then they are there and **** it down.
The first team of spoofers we got banned last week. The new spoofer started the next day, and are now lvl 8.
I've made tons of reports, with video evidence. But nothing happens.
What do niantic want as proof then?
Last cycle we had 5 spoofers in the top 50 resistance.
i agree, we had 89 green banned spoofers, just in this year...... thats alot.
As we write, we got at least 3 confirmed green spoofers, roaming around.
The spoofing in the Copenhagen area has been going on for quite a while. At first it was clearly "bought" accounts mainly used to take down Large Fields. A LOT of these accounts were banned.
Now it seems to be more widespread. New "agents" pop up in central Copenhagen or other portal dense areas and level up. These accounts and are later used for taking down BAF or for harassment like @Riskiks and @Smukski mentions. I suspect some of them are also used for item storage/farming. The spoofing is not isolated to one faction both blue and green accounts appear and level up quickly without any connection to other agents. This is currently a huge problem and discouraging legit players - but I don't see any easy fixes for this.
Perhaps biometric id could be required for account login, tying one person to one account.
Perhaps game mechanics should prevent dropping items for other players other than keys. (yes this will hinder some of the cooperative aspects of the game - but will require you to teach new agents to fish instead of just feeding them)
Perhaps some kind of machine learning could be applied to detect gameplay patterns that could flag accounts for closer inspection by Niantic employees.
An idea could also be, that when dropping items, it shows in intell, like when you destroy or deploy reso. Then It would be more vissible.
And I also see persumed green spoofers. Like the one that took down a p8 farm Last night. Slyng...
This one does not respond to any dialog in comm.
I am also a Copenhagen player (RES). Spoofers are indeed killing the game. Not only are the disturbing the game itself (killing large fields, stalking players, creating spoof farms, etc etc). But worst of all they are creating an angry and hostile environment between the factions (and inside the factions too), where accusations of cheating, supporting of cheating, benefits on spoofer actions etc. are flying around.
We used to have a fair and reasonably sober XF community, but the action of spoofer(s) are taking its tolls on that.
I hope that Niantic is aware of the fact that the game mechanics isn't the biggest asset of ingress. It's the player interactions that has made ingress (and Niantic) what it is today. And player interactions are very much threatened by the spoofer(s).
My suggestions on how to limit spoofers are very simple: Account verification. Being that ingress is a game for mobile phones, and the common verification of mobile phones are SMS based, I suggest that a SMS verification code is required to start an ingress account. Loads of other apps require SMS validation. And phone numbers are not an unlimited ressource for the common spoofer.
Thank you @smukski for opening this thread, and I sincerely do hope Niantic will listen to this cry for help / call for action.
Agent @schatchaos - RES L16, POC for Copenhagen Obsidian Anomaly
All you need to do is verify your location on the portal. An agent can require up to 10 verifications per month. Captured a remote portal, put a checkmark and wait for the agent's photo next to the portal captured directly from the camera. And then to the ban, all those who could not provide a photo.
spoofers make legit players stop playing in the long run, its hard compete vs dirty cheaters.... in the end most will quit and left is spoofers and players that dont play legit, is this what niantic wants? i dont think so... must be harder punishment for spoofers etc....
About this and @Perringaiden comment, I've come with an idea. A picture or a selfie are not just enough since it could only prove that this agent has been ONCE at the place. What If I go to the top of the mountain, take 20 different pictures, then go home and use them to spoof 19 times?
Solution could be a video. Lets say the portal scan had an option to get audio stream aswell. Simply dispaly a random string of numbers so the agent can record the audio reading it while getting the record of the portal. This method would assure the agent has actually been there without any doubt at the given time.
But even if this happened, do you realize how much is required just to prove someone legal? What if this is not possible to record because? Night-time, broken camera, broken mic, poor connectivity (unable to get the code), etc. A picture is not the solution, it can only work as a shield so the agents can defend themselves from proofless acusations.
Biometric verification of account is the best idea I've heard so far. Voice check + face scan would require real people, but even then, a database would be require to store and retireve this info EVERY TIME a new agent comes along. I don't need to work in Niantic to know how expensive that is. But gotta say that it would be the first feature in years that actually fits the "agent" concept.
In particularly contentious areas, I've also taken a photo of my Fitbit with the date on it at the portal, but at some point, confirmation becomes too much. We're not going to carry a news paper up with us to every single portal.
Niantic would never be able to implement 100% guaranteed proof. The selfie is to prove to other agents that you can get there. 99% of the time, spoofing isn't done by legit regular accounts.
Another idea. You should have at least 50 scout points to have more than 200 items in your inventory.
Yes, I was referring to those who actually go to that hard portal once, learn the path, times, etc, get couple pictures, even request new portals... and later on they never come back physically. These are lower spoofers, but spoofers nevertheless.
There are many, MANY, agents whose phones don't support ARCore (myself included).
They did this with Verified back in the day. It was hard enough getting new players to actually give a phone number to get an SMS from instead of just quitting, and you're expecting them to Portal Scan fifty portals? Some places don't even have that many, so explaining why someone needs to do it multiple times to one portal would be impossible.
So maybe not 50. But I still think, som sort of verification would get some of the cheating.
We had it. As far as I heard, it did next to nothing, which is why they didn't pay for it themselves when they broke away from Google. Some form of verification might help, but right now the game is struggling for new players.
Anything that dissuades a legitimate new player, more than a spoofer's new account, is counter productive.
Not every device is capable of scanning. Some agents like myself opt not to scan at all. I do not want the badge and it will remain #foreverlocked on my profile.
That makes assumptions about signal, data and data storage that may not be true. Yes there are portals that are automatic if you capture it you better be able to prove you were there, but photo is an issue.
What is the current method for reporting and asking for (blue, in this case) field restoration? Green spoofer is killing fields and anchors in AL and GA. Clearly a spoofer, L3, hitting difficult anchors on trails at 3am local.
I reported to the bot, but is there another way to ask for prompt restoration post-Solocup?
"First time caller" ;)
See here: https://niantic.helpshift.com/a/ingress/?s=agent-protocol&f=reset-program-reversing-the-actions-of-banned-players
I wholly agree with the cheating in Ingress being the main thing hurting the game.
Not only does it breed distrust and even hatred between the teams, it starts you distrusting ANY new account. Even your own factions.
This is NOT healthy for game longevity.
Long time players get fed up with the cheating and toxic environment.
People stop doing epic ops due to spoof risk.
Backpack and multiaccounts are a lesser but still massive problem.
New players are distrusted until met in person which slows their acceptance into the community.
Constant querying from opposite faction "Who is this?" "Have you met them?" "We think X is cheating".
How about a minimum fix of 30min cooldown before any action not visible on COMM if a user switches accounts on a device? Or action must be visible on comm to unlock non visible actions? Like dropping a capsule not possible till resonater deploy.
Yes some players legit share a device but they are a tiny minority.
Definitely see that in our local area. It has created a ton of distrust. Paranoia is high. In our area, it seems like the biggest issue is multi-accounting. People using 2, 3, 4 and probably more accounts (some using accounts for the opposite faction). And, from what I've experienced, it isn't addressed, so that type of use is becoming more blatant. Like, what is stopping anyone from sitting in their car, using two or three phones? I can't take a picture of the bad actor and even if I could, what's proving that the picture is of this bad actor at all. There is literally nothing to stop it and as time goes on, it just seems to be more and more okay and more blatant. Sure, you run the risk of being shunned by your own faction, but maybe not. That seems to be less important than it used to be anyways. This game can certainly be played without any interaction or help from your own faction.
What is the answer? I have no idea. I'd love to provide an answer along with my complaints/observations, but I just don't see an option. The game has changed and in my opinion, continues to slip away from what it once was. I have less time invested in this game compared to many, so it's much easier for me to walk when I see nothing being done about these bad actors.
I think Niantic should delete all the old passcodes. I see that the spoofers following me, just makes new accounts, when they run out of shields, and then have loads of shields again.
The spoofers in my town, started with lvl 1 accounts, that just moved around us'ing shields of with Ultra Strikes. And with all the passcodes, they had tons of them.
Don't understand, why it's possible for new accounts, to use all theese passcodes.
No. They can dropped capsules from other accounts, then you suggest banning who sharing items? lol
I don't mention anything about banning those who share items. I just explain how the spoofers does here. And one thing niantic could do, to make it a bit more difficult for (some?) spoofers, is to delete all those old passcodes.
Niantic can endlessly complicate lives them. by removing certain functions*. This won't fix spoofing. They removed guardian in 2018 and nothing has changed since then.
Communities must start the job by outcasting cheaters. Spoofers are strong only when they are allowed and encouraged to keep spoofing.
It doesn't matter what countermeasures Niantic implements, if communities don't do their part then we better just switch the game off for good.
Agree communities need to police.
However once someone is ejected from community they become loan wolves.
Then you have those hiding inside communities who play legit around team and cheat when nobody around.