Mobile Pie's My Star hit by 93% piracy rate on top in-app purchase in October
iAP Cracker the cause
The concept of people pirating paid games is an established, if still despised, part of the industry for most developers. The idea that free releases can be hit by the practice too, however, is relatively new.
That's exactly what's happening with My Star from Britsol-based Mobile Pie, however, with owners of jailbroken iPhones making use of a tool called iAP Cracker to unlock the game's in-app purchases.
Indeed, the game's top IAP – 200 Star Cash credits, sold for £26.99 – suffered a 93 percent piracy rate in October, equivalent to almost 14 hacked IAPs to every legitimate one.Eye on analytics
The hack was only discovered when the studio noticed a discrepancy between the game's analytics and official reports from Apple.
"We had a much higher than expected month in analytics for September which I initially put down as a big whale," creative director Will Luton said via email.
"When I ran the October report from analytics and it showed that we had over a 10 times multiple for revenue month on month, I was ready to stage an intervention. Digging deeper in to our server records, however, we realised that the IAPs were actually spoofed on a jailbroken phone using iAP Cracker."
The IAP in question, in Luton's words, awards players with "an awful lot of nice items in the game".
More importantly, however, it also lets players level up quicker and, as such, facilitates the posting of inflated scores on My Star's leaderboards.
The issue within
As such, while Luton doesn't believe those using iAP Cracker would otherwise be legitimate customers – lost revenue not really the issue here – Mobile Pie is still concerned by the practice, given it messes with the studio's analytics and means future projects will have to be hack tested.
Indeed, in the case of less valuable IAPs, the ratio of pirated purchases to legitimate ones falls dramatically, to 1.16:1 – a negligible figure Luton admits could be accounted for by an error in the analytics.
"The numbers could be the work of one or two players using the hack," Luton added.
"This is the second attack we've had - the first being altering P-Lists. I would advice all developers to avoid using them for any sensitive data as any jailbroken user can edit them.
"It certainly isn't pandemic like paid app piracy. Also, we know who the players are that are using the hack so could easily delete their characters or ban them completely in some instances. We haven't exercised this yet. We will update the My Engine to shut the practice down."