I don’t know his game, so I can’t think of a great answer to that. However, the checks can be directly proportionate to actions in game that only a human would be performing (or a bot so advanced nobody would build it).
None that all human players can solve.
I could just put something heavy on W and i’d be walking forever and putting in input to the game, or I could set up a basic macro.
You’re the maker of your game, you’re the one who’ll know what’s unusual behaviour for your game such as if they don’t do any sort of activity in your game.
The game involves a lot of exploring and social aspects, like talking to other players.
Check for repeated movements in mouse or wasd movements. Try logging those movements and see if they’re repeating themselves over and over again frequently enough. A 20 second log lifetime for each movement seems good. If the player starts spamming their mouse check their wasd movements and chatting, and etc…
Thanks, that seems like a decent approach.
it won’t be that efficient, but most certainly appears on most incorrect gameplay :
EDIT : means it wouldn’t really distinct BOTS as it also involves noobs of the game at this point
(i don’t know the goal of your game, but take for example Bloxburg)
It’s a game with very troublesome statistics such as Hunger, Sleep, etc…
The popup would eventually appears if the game see the player is in bad condition for some times.
The problem with bloxburg is that those aspects won’t be a “game over” mode. Most exploiters would teleport the user instead of making them walk to move somewhere as it’s more efficient and bypasses any slowdowns.
Yes, if a stat is lowered the player will become slow or have a side effect that you don’t want but cheaters would very likely just cheat there way around this like I said before by teleportation.
Good point - this works for bloxburg because they have a system which requires you to eat, shower, etc, which can then determine inactivity, but I don’t currently have a system like that
You’re vastly underestimating this possibility given the exploiting community basically solely dedicates to reversing network protocols of rbx games now, for nothing at times.
If you really want to do something against auto clickers and ‘ghost mode’ (although I wouldn’t as it’s just not worth it), try asking for a code very rarely, maybe once in every 10 cheques, if the player spams the submit button constantly without entering a code it’s very likely they’re using an auto clicker as they would otherwise read the text asking for the code and then enter that into the box.
Also, why have such long codes? What’s wrong with just one or two letters, maybe even easier would be to ask the player to press a certain key on their keyboard.
Well it can get repetitive overtime. Having a randomly generated text would be another problem as the exploiter can read it. You’ll need a set of pre-made text labels.
The code is 4 characters long now - I shortened it after the picture.
And in terms of pressing a key, the player should be able to replicate that fairly easily in Ghost mode
I don’t think you would be able to stop bots. And if you do, it might get too hard or anyoing for legit players.
Good luck tho 
I’m not sure what you mean by the exploiter can read it? If the exploiter is reading the text anyway who cares if they’re exploiting. If you’re talking about literally reading the contents of the TextLabel, we’re getting into advanced exploits which would need to be unique for that game; something that rarely happens unless your game is front page for more than a few months and there is a real financial incentive to make that exploit.
Either way, if you’re getting into worrying about things like that it’s not worth doing anything as changes would likely impact the innocent player more negatively than the exploiters.
why not just move the cheque gui to a random position on the screen each time?
I doubt reading text labels is unique or advanced. Aren’t there popular exploits that let you run code on the client? It would be fairly easy to read a TextLabel using that.
If you look at any ‘hacker forum’ that does Roblox exploits, pretty much no one understands code or knows how to exploit themselves, the limit of their knowledge is using a premade program. Only a few people on those forums actually know how to code, and they have to make the scripts for everyone else to use. Yes, you could write a script in lua which reads the TextLabel, clicks the button then cashes the cheque, but this would still require an exploit unique to this game, most people don’t do that unless it’s super popular.
Perhaps an imagelabel isnt too bad of an idea, but they can just as easily create a table with each image and it’s text, then index this to get it’s contents, it’s not much of a jump for someone who’s already written a script to read the TextLabel then click the button.
I was thinking that, but it would look a bit ‘off’ (as it would no longer be centred), and for mobile the frame already takes up most the screen
it’s unlikely you’ll get someone using an auto clicker on mobile, but if you’re really worried about about cheaters and don’t want to use verification codes, I don’t see any other option, unless you implemented some sort of game or task where players will actually have to interact with your game to earn their money (like in club penguin where you had to play minigames to earn coins).
I still plan to have verification codes, but only pop up for people who the game thinks are trying to cheat
Nice suggestion. I think eventually I’ll try to shift the focus of income away from cheques to minigames and quests they can take part in.