Sponsored By

Featured Blog | This community-written post highlights the best of what the game industry has to offer. Read more like it on the Game Developer Blogs.

How to Fight China’s Mobile Game Pirates & Avoid Clash Royale’s Fate

Clash Royale was cloned in China's massive mobile game market in just a week, becoming just the latest victim of Chinese piracy. Security expert Mary Min explains why this problem is so pervasive - and how developers can prevent it from happening to them.

Mary Min, Blogger

May 20, 2016

8 Min Read

With China on track to overtake the US in mobile game revenue on iOS in the next few years, developers are even more focused on launching their games in that market. However, rampant piracy and copycatting continue to be a challenge - perhaps becoming even more of a problem since I wrote about it last year. Here’s a look at the problems the industry faces in China now -- along with strategies for dealing with them.

Chinese Piracy: Fast, Cheap, Out of Control


Clash Royale clones in Chinese app stores

As it happened, I gave a related GDC talk last March right as just about everyone in the industry was watching aghast as Supercell’s blockbuster Clash Royale was cloned for the China market in less than a week. Just as notable is the cost effectiveness of this copy:

Take a look at the data in this slide:


Cost to create Clash Royale: Millions. Cost to clone Clash Royale: Thousands.

This info above is from a colleague who’s the CTO of a gaming company in China. After consulting with a few other Asian game developer colleagues, my team concluded this was an entirely feasible estimate in terms of numbers.

You’re reading the numbers right: It cost a company just $30,000 to build an extremely quick knockoff of Clash Royale, which after it launched, was earning almost a half a million a month on Android alone. Thanks to broad pool of well-trained engineers, it’s now possible to pay a pittance to quickly create a copycat game that earns back its development cost in just a single month.


Chinese Clash Royale clone’s likely yearly earnings

Do the math (above), and you can see how that revenue adds up. Assuming a $1.60 cost per install and a 1% conversion rate on both iOS and Android, we’re talking around $6 million a year gross -- so after the app stores take their cut, an ill-gotten profit for the copycatter of over $4 million. Which also shows why copycatting in China is so pervasive -- it’s a big business.

There’s an even greater cause for concern: I can say with confidence that there’s a high likelihood that the knockoff in question has used some or all of Supercell’s original source code -- particularly the communication piece between the server and client. I’m convinced there’s no way the copycats could have replicated that smoothness and speed (it’s very sophisticated tech) without having directly taken the source code.


Copycat vs. Clone vs. Crack: Defining the difference

Before we go any further, I want to make some distinctions between the different types of potentially infringing apps we see on the market. Some developers regard “copycats” as an accepted part of the gaming ecosystem, believing that imitation is the sincerest form of flattery. The question is, how far can you take it for something to be OK? Can you really say you “own” a particular gaming style? After all, no one would argue that Tekken, Mortal Kombat, and Street Fighter are copies of each other.

I break down apps into these three categories: copycats, clones, and cracks.

Copycats: Countless games, as any longtime gamer can tell you, are directly inspired by other games. This does not necessarily involve hacking or other infringing/unethical activity, especially when the copycat comes with substantial tweaks and additions to the original title. For the most part, the game is self-developed with its own code, and in doing so, the developer builds on top of a known game mechanic or idea and adds his/her own twist to the new game.

Clones: When a copycat involves pervasive imitation in every aspect of the game, and starts to include source code from the original game, we are entering into the realm of clones. These games are not self-developed, and primarily rely on the original source code for the game’s algorithms and logic. (Sometimes reverse engineered through recorded gameplay.) Most of the time. it is a simple “reskin” of the game, meaning the source code is largely untouched and only the graphics are switched out.

Cracks: Cracks are modified version of the original game that allows you to cheat, by getting free items/gold, allowing you to bypass restrictions placed by game designers (speed hacks, unlimited lives, etc.), removing ads, and other barriers that may be in place.

On left, Oniix/Game Hive’s official game Tap Titans; on right, its Chinese pirate Tap Tap Heroes

I explored these distinctions in a Gamasutra post last September highlighting the grief my colleagues at Oniix endured when their latest game, Tap Titans, was apparently copied in China. After playing the Chinese knockoff, they learned that not only was the surface UI similar, discovered, so were the leveling curves, scoring logic, etc. This was not just an imitation of their games images and UI design -- it was almost certainly an outright copycat that had also reskinned graphics on top of Tap Titans’ source code.  

Clash Royale and Tap Titans are not rare examples of the phenomenon -- the problem is rampant:   


Chinese 2048 Android clones as far as the eye can see

We took this screenshot above from a top Android app store in China. As you can see, there’s not just one knockoff of 2048, but numerous -- I count three dozen on just this one screencap from just one app store (there are thousands in China) alone.


These problems aren’t confined to China, by the way, but are quickly being exported overseas -- including and especially into the US. Last month, there a California court posted a ruling on Lilith Games (Shanghai) Co. Ltd. v. uCool, Inc, with Lilith alleging that uCool, a US-based company, had copied 240,000 lines of code along with the overall look of the game. According to a legal analyst, Lilith had a high chance of winning the lawsuit overall, yet their preliminary injunction was denied. The junction was denied even though many gamers in the public now believed it was Lilith which was the infringer, because uCool’s game was released to US app stores before Lilith could do so itself. Again, this is an example for why it’s so important to be proactive. You can take infringers to court, but by then, it may already be too late -- and the law might not help you enough to ameliorate the problem.


Cracked apps easily accessible through a Google search

… And this is from a US-based website that lists all “cracked” apk files for games. There are countless sites like this online. If that’s not a visual to convince you to start protecting your game now, I don’t know what will.

Now that I’ve hopefully laid out how serious this problem is, let’s look at a multi-prong strategy for dealing with it:  


Seven point app protection plan

Pre-Launch Code Protection: Memory Hacking Prevention, String & Binary Obfuscation

On the development side, you want to secure your code against multiple varieties of hacking. I explored these in detail in this Gamasutra post: “Six Strategies for Protecting Your Mobile Games Against Hackers, Crackers & Copycatters”. The key is these are pre-launch strategies, reliable only if they’re implemented before copies of the game are available to the general public. If you try protecting your app after it’s already in app stores, it’s too late. After a game’s already been released, it can sometimes require weeks of development time to retroactively secure a code vulnerability. And by then, as we see in the Clash Royale case and many others, hackers may have already done their worst.

In addition to protection on the code side, there’s precautions you can take on the business side:

  • Launch worldwide from the beginning: Many publishers hesitate to do this, and often don’t have the resources to do so. But at the very least, create a global rollout plan even before the initial launch, so you’re ready to globally expand as quickly as you can -- and start with China. The downside to a launch delay gives Chinese pirates time to put out copycats, build a fanbase, and tarnish your brand.

  • Scan the China market often: Your local partner in China (and we highly recommend having one) will probably need to do this, but it’s not just about scanning the Chinese app stores. You also want to search the web, to catch unscrupulous copycatters pointing people to their download sites. As for China’s major app stores, you and your partner should form good relationships with them -- know the key people who can help you immediately, when the inevitable finally happens.

As I noted above, my team has counted at least 100+ clones and copycats, and countless “cracks” for Clash Royale. And those are just the ones that are at the top of the leaderboards -- who knows how many lurk beneath the surface? Any mobile game, regardless of level of success, is a target for hackers. So if you’re developing games to become worldwide hits, preemptive protection must be an integral part of your plan.

Read more about:

Featured Blogs

About the Author(s)

Daily news, dev blogs, and stories from Game Developer straight to your inbox

You May Also Like