Davis discussed video game cheating and how it affects the multi-billion dollar interactive entertainment industry in a lecture, "Protecting Computer Games and Entertainment Security," on Wednesday in the Haldeman Center.
Davis, the author of the 2009 book "Protecting Games," explained many forms of video game cheating in the lecture, from "gold farming" a widespread practice in multiplayer online games where players sell in-game resources for real-world currency to individuals utilizing security flaws in casinos to rig slot machines.
Although simple systems to prevent cheating could save the industry money and even potentially generate profits overall, video game companies are reluctant to spend money on security measures because they think that they will not generate high profit margins, according to Davis.
"Security, after all, doesn't really exist in the abstract," he said. "It is a direct, bottom-line issue."
Davis explained that companies are reluctant to act against gold farming because of what they see as unequal incentives.
While companies treat cheating as a customer service problem, gold farmers envision a multi-million dollar industry, Davis said.
"Guess who wins," he said.
But security that improves industry profit margins should be attractive to video game companies, Davis said. Digital rights management software, for example, has already provided new revenue streams by prompting users of pirated software to buy legitimate copies instead, he said.
"If it doesn't save you money, make you money, keep you off the front page of the newspaper don't do it," Davis said.
Finding effective ways to provide security is a more complex question, he said, noting that simplicity is important.
"If you can't explain your security concept in one PowerPoint slide or to a second grader, it's probably too complicated," Davis said.
Despite the need for simplicity, the best method is not a single system, but instead a combination of security measures that create fail-safes for each other, he said.
Even after creating multiple layers of security, it is impossible to completely prevent cheating, Davis said.
"There's no such thing as being secure," he said. "The key is to make the bad guy work a heck of a lot harder than you."
Davis said he became interested in video game security after watching an episode of the television show "Nova," which asserted there was no way to prevent cheating in the online gambling industry. Proving the program wrong changed his career path "in a radical, unplanned way," he said.
Too many security experts focus on macro level security, Davis said, explaining that some of the most interesting security problems are found "deep in the specifics of individual businesses."
Before entering the interactive entertainment industry, Davis worked on a range of commercial and government ventures, including designing nuclear controls for the National Security Agency and assisting U.S. Treasury and Department of Defense projects.
The College's Institute for Security, Technology and Society sponsored the lecture.
