after a lot of testing i have come to a conclusion
the anti alt does indeed work, however: it does not detect freshly made alts as of right now. alts need to be used for a bit before they’re noticed
Half a year and this API is still broken. This is the magic of what’s supposed to be part of our developer share!
3 Likes
there is also an Syntax Error in the Code Samples for BanAsync and UnbanAsync
the code samples are Banning Users and Unbanning Users
Syntax Error: Expected ‘(’, ‘{’ or when parsing function call, got ‘)’
Even that is broken now?! LOL
That’s exactly why I reverted back to the old way for my admin. Waste of my time.
1 Like
Wait this is so embarrassing. I intended to throw in some typing for clarity but it’s clearly not how it should be done. I’ll get that fixed 
2 Likes
We have not abandoned work on improving this API. We are still in the planning stages for what we want to release this year, but I am optimistic that it will be a material improvement over what we released last year, especially when it comes to bolstering your own anti-cheat systems.
As for the alt accounts service, we are very aware that this is the biggest issue with what we have released so far. However, I do want the chance to explain why it is what it is right now. We sometimes call it the sibling problem. How should our systems disambiguate the difference between one real person creating two accounts on the same machine versus two siblings sharing the same family computer? To us, this is a big user experience problem that we cannot just waive away, so we try to incorporate other signals that might change our confidence in the accounts being linked or not. With all of that taken into account, our confidence threshold is necessarily very high, resulting in many false negatives.
6 Likes
The current system just does not really consider how alt accounters operate. The failure of this system is in its inability to counter alt hoppers. What happens is a problematic user gets banned, and then they immediately hop to one of the 100+ alts they have in cold-storage. The current system, which seemingly requires long-term pattern usage, does nothing to account for this situation. There needs to be some kind of heightened detection measures within the first ~5 or so hours of a ban. If someone gets banned and then their alt which hasn’t been online for 2+ months suddenly tries to join 5 minutes later, it should be banned regardless of whether it’s a “sibling” or not.
“My brother cheated on my computer!!” oh well. If your siblings are cheating, trolling, chat bypassing, etc then as a developer I want the ability to nuke the machine from accessing my game. There will never be a proper way to distinguish between them if they’re using the same computer. Judging by the really bad detection rates currently I think a different approach is needed that takes into account developer needs more than extreme edge-cases. A detection rate of ~15% is simply broken. Right now the system is throwing away all detection to tiptoe around this issue. When the same guy returns 10 times using some chat-bypass script to spam slurs, as a developer and moderator I want to be able to remove his access to our games regardless of whether Roblox thinks CheatlifePRO74 is a potential ‘sibling’ of CheatlifePRO73.
Really what would help massively would be a better way for developers to detect exploits to begin with, as most of the issues we encounter with alts are from cheat addicts.
2 Likes
I want the ability to nuke the machine from accessing my game
a better way for developers to detect exploits to begin with
I hear you. I really cannot promise anything, but we are strongly hoping that we can address these two issues directly.
5 Likes
I would like to have the option to ban from just one private server with the Ban API by using the game.PrivateServerId. At the moment the Ban API is useless for Admins on Private Servers which means that I have to run 2 Ban Systems parallel.
There should be the option to ban from the entire game (the way how it works at the moment) and the option to ban from just one private server (the way I mentioned above).
If the problem is the confidence threshold why not let the devs define thesmelves what should be the checks? What if I want the entire machine to be blacklisted from my game?
I like this feature a lot. As I’m reading, it’s only allowed to ban 50 players maximum. For games with a lot of players and rule breakers, it can be challenging because the chance that there has to be more then 50 bans is high. I request that the maximum should be unlimited or atleast 1000-5000
A good update would be so if you are banned from your main or an alt acount you get banned on all acounts that you have entered from that device so if i use my pc and get banned all my alt acounts get banned as well because you have entered from your device in those acounts.This would be more helpful for game ban not acount ban so if you get banned from a game you get banned from your alt acounts as well.I know this wouldn’t be very effective because they probably have other devices or just create new acounts if those aren’t susceptible to the hardware ban but it would be effective at discouraging this practise so the same players actualy face consequences and nuke them in the worst way possible.
1 Like
you can only ban/unban 50 players at a time using BanAsync and UnbanAsync.
you can have an unlimited amount of concurrent bans though
“My brother cheated on my computer” is the “my dog ate my homework” of ban appeal excuses. This ‘problem’ being part of the rationale behind weakening the Ban API is VERY discouraging to hear as part of a development team trying to create a fair, fun, competitive game on the ROBLOX platform.
Your systems don’t need to disambiguate the difference - this sibling problem represents an edge case, not the majority of scenarios. Most alt accounts are intentionally created by individuals attempting to bypass rules, exploit systems, or evade bans. Designing an entire system around rare edge cases leads to inefficiency and harms the majority of developers trying to create a fair experience.
Your account moderation systems can detect behavioral differences between two legitimate users and one person controlling multiple accounts. Playstyle patterns, IP activity over time, device metadata, and session overlaps can help differentiate real siblings from exploitative behavior. Please use it.
Weakening the Ban API due to uncertainty about a small subset of sibling accounts risks enabling rampant abuse by rule-breakers.
Let me state this more clearly - the integrity of competitive game experiences that will generate revenue for ROBLOX and help “age” the platform into an older demographic is under threat. While the ‘sibling problem’ is a real technical challenge, it should NOT be used to justify weakening the Ban API - the only real means to keep bad actors out of experiences.
Edge cases shouldn’t dictate the broader enforcement strategy, especially when advanced behavioral analysis and appeal mechanisms can address these rare scenarios without compromising overall system integrity.
4 Likes
Sadly I almost guarantee half of these nonsensical requirements aren’t actually put forth by the people developing the systems and instead mandated by higher-ups who don’t actually understand what these systems are for. Same reason the exploit ban policy is 1day-3day-7day-deletion instead of immediate termination. Policy designed to keep metrics stable rather than empower developers to combat bad actors.
1 Like
What ? You can ban a unlimited amount of players…Imagine if you could only ban 50 that would be useless
You can only enter 50 IDs at a time.
1 Like
I’m ngl them using this as an excuse for their failing API raises a big red flag for me. It’s not rational. Half a year of stagnation and the excuse we get is something a child would come up with.
4 Likes
Ohhh! i get it now, thank you!!
One question, sorry if these are already answered but I really don’t care. Does this apply to ALT accounts? If the Roblox Banning API detects an ALT account bypassing a ban issued on the main account, would it automatically result in a ban, and can this ban not be removed by game creators? Does the individual have to contact Roblox support specifically to have it removed?