On July 1st we pushed a sizable update to our game and transitioned from paid access to free to play. In the one month we’ve been F2P we’ve racked up:
- 6 million visits with an average player count in the ~2500 range (higher at launch)
- 2,964 moderator issued bans (~40% assisted by user reports)
- 25,342 automatic anti-cheat bans at a rate of ~817 per day
Keep in mind that these stats represent our first month after a major release. We expected them to be high. Trying to sample parts of our data to get a strong guess at our monthly ban count moving forwards still gives us a huge number of bans.
It is exhausting and demoralizing dealing with exploiters all the time. The enjoyment I get out of developing games on Roblox doesn’t even start to outweigh the burnout myself and my moderation teams suffer through. It’s so much larger of an issue than just an anti-cheat problem and it never feels like any meaningful progress is made by Roblox to assist developers with these issues.
All the security work in the world won’t make up for the fact that I can’t even keep a person out of my game let alone report them to the platform they’re breaking the rules on. I’m tired of kicking individual accounts after they join. I want to ban a person from my game because I caught them cheating, and I don’t want them coming back or even being able to press play. I want these people to have real consequences for their actions. I want the effort I put into my anti-cheat to not be totally undermined by a social platform that only has one developer facing moderation tool (with outdated docs and no tutorial for making the ban system the docs refer to).
I understand that there is no actual way to keep people from getting around a ban but quite literally anything is going to better than the current nothing we have to work with. Ban evasion getting harder and harder to pull off implies less and less people ban evading. As a developer I’d much prefer to manage a lake instead of an ocean.
There is often a lot of general advice thrown around in anti-cheat and exploit conversations. The sage “Don’t trust the client” tip, securing your remotes, do physics checks, so on and so forth. It’s all great advice and well worth following but it doesn’t change the fact that we are limited in our ability to actually combat problems with our experience. I’m not advocating for increased trust levels for developers, I’m just stating that this is a problem developers are stuck with. We have a by-design disadvantage when it comes to dealing with exploiting problems.
If developers are going to be hand-held when it comes to what we can and can’t do with this platform, then Roblox needs to have a far bigger presence in assisting with serious exploiting issues that developers cannot properly deal with.