TRIBES 3 uses Denuvo’s anti-cheat product to ensure fair play and create a great experience for our community.

We do NOT use Denvo’s DRM product.

Denuvo’s anti-cheat product is NOT the same as their DRM (digital rights management) product.

Our development team ran performance tests playing the TRIBES 3 game with and without the Denuvo anti-cheat product, and did not observe any noticeable performance difference.

We have also not observed significant differences in player performance relating to Denuvo anti-cheat during multiple external playtests with large numbers of players.

We absolutely understand there are concerns about Denuvo’s systems affecting PC performance, but please keep in mind we are using their anti-cheat system, NOT the DRM product. Many of the performance concerns we’ve heard have been around use of their DRM product, and we do not use that product.

From what we’ve observed, there is a trade-off between: 

A) Improved performance from Denuvo's anti cheat in terms of catching cheaters (from what we saw in all our external playtests), relative to Easy Anti Cheat, which could create a more fair game and fun experience for players.

B) Potential reputation challenges associated with using Denuvo's products, which could lead to less players, review bombing, and general concern around playing TRIBES 3.

After several external playtests that included Denuvo’s anti-cheat solution, we have decided to launch TRIBES 3 using Denuvo anti-cheat because we’ve seen that it does catch more in-game cheating relative to EAC. And that improved performance aligns with our main goal, which is to create the best, most fair game experience possible for all of our players.We have also seen that by being transparent, many players have become less concerned about the use of Denuvo’s anti-cheat system.

This FAQ has LOTS of helpful questions and answers to help provide more information for each player to make a decision on whether they’re comfortable playing TRIBES 3, given that the game includes Denuvo anti-cheat. Ultimately, we recognize it is your choice, and hope you choose to join us!

• We are seeing the ability to catch more cheaters (there aren't many, but the goal is always zero). This data came consistently from multiple external playtests.

• On the back end, we receive a lot of detail about any modifications that makes it much easier to confirm someone is truly cheating.

• That confidence allows us to do VAC bans or hardware bans (which we don't take lightly), and may deter cheat developers in general as a result.

• The tooling in general is also easier to use for our support team, which is a nice to have.

Yes it is a kernel level system. This is also the case for many other widely used anti-cheat systems in gaming, such as Easy Anti Cheat! (EAC)

However, unlike some other kernel level anti-cheat systems, Denuvo’s kernel driver only runs while the game is running. Denuvo has more information about their decision to use a kernel-mode driver available here.

Push to Talk also recently released an article discussing some of the concerns with modern anti-cheat solutions. While it does not talk about Denuvo specifically, it includes statements from some of the leading developers in the anti-cheat field.

Denuvo anti-cheat is compatible with Proton, including Steam Deck/SteamOS. It is not supported natively on Linux (and TRIBES 3 does not currently offer a native Linux client). It may not be compatible with other Linux compatibility layers.

Troubleshooting for common installation and runtime issues can be found here

‍Thank you to our community member for these thorough questions and Denuvo for their responses. Formatting edits are our own, we directly quote wherever possible below.

Denuvo: As you can probably understand, we can’t get into the details of exactly how our solution works, but we will try to answer all of your questions as transparently as possible.Generally, compared to our competitors, our solution is the most flexible one when it comes to the kernel mode driver. It doesn’t need to run during Windows startup, not even on game boot, as we leave it up to the game developers to decide which game modes the Anti-Cheat to be running in the background. If you only stick to modes which do not require the Anti-Cheat, you never need to install our solution on your system.

Do you have a list of such tools that would cause the anti-cheat to trigger if they are running when the game is being played?

No, because none of these tools triggers our system if not doing any malicious interactions with the game.

Is this detection configurable by the game developer?

Yes, in the end, the game developer can decide what counts as cheating and what doesn’t, it’s a server side policy decision.

Would just having such tools merely installed cause a detection or would they have to be running?

No, not even when they are running in the background and, depending on the decision of the game developer, not even if used on the game.

Could they be running, but not attached to the game process?

Yes, and even if they interact with the game process, it’s up to the game developer if they want to allow it or not.

Could someone who is concerned about the kernel level access on Windows PCs play the game in a virtualized environment (say Ubuntu on WSL2) without triggering any detection?

Yes, it would be possible to run the game in a virtual environment, but the game experience will probably suffer independent of any anti-cheat solution, due to the additional layer of virtualization especially when it comes to performance intense things like render calculations.

But generally, there is no need to be concerned about a kernel level anti-cheat per se, this https://www.pushtotalk.gg/p/the-gamers-do-not-understand-anti-cheat recent article describes it very well. If someone wants to harm you, there is no kernel mode access required, the game application itself could contain the necessary code and do everything in user mode already. The problem is that the most sophisticated cheats nowadays run in kernel mode, and you won't be able to detect them if your anti-cheat only runs in user mode.

What about routers and local traffic shaping?

Denuvo Anti-Cheat does not try to detect any particular router and traffic shaping behavior. We are only depending on establishing a connection to our server and there is a fallback to HTTPS.

Do you have a list of general or specific hardware that would trigger detection?

We cannot share what causes a detection as we don’t want to advertise certain devices and as said above, people using such things know what they do and shouldn’t be surprised if getting sanctioned for it.

Do you have a list of IPs that data gets sent to so that they could be whitelisted?

We can’t list the IPs as our system is hosted in the cloud and IPs can change, but you can find all the URLs required by our system on our support page which can be found here: https://support.codefusion.technology/anti-cheat/?l=english&s=ac&e=2003

I presume if the IPs were blocked, it would not necessarily trigger a detection, but would cause some sort of connection or token error- is that correct?

You are right, if we don’t see a player reporting, we will notify the game server which will take action.

Some streamers have setups with multiple PCs and video cards - will that cause any detections?

Same situation applies as above, we are aware of the software and hardware solutions which are used for legitimate purposes (e.g. streaming), and do not make an effort to monitor any actions performed by the user which did not affect the fair play.

When the detection is triggered what specific information is sent?

The data we collect is not detection related, the same data is collected for all players.

The EULAs I've read have included terms like 'WITHOUT LIMITATION' and 'ANY OTHER RELEVANT INFORMATION', which is quite concerning since it doesn't provide any specificity and both those phrases suggest unfettered and unlimited access to the entire system. The same EULA says it is sent to the developer (Prophecy/Hirez), but most of the documentation I've read on your site suggests it goes to you instead. Does it go to both?

Most modern games contain proprietary code that sends data to some server in the internet and also additional third party code that does the same. The EULA covers all of these stakeholders at once, as the game developer acts as the data controller and if the data is required by a third party, they (in this case we are one of them) act as the data processor.

We don’t know which data is collected by the game developers or other third-party solutions used by the game.

Thanks for pointing out that it only lists the game developer as the receiver of this data, we will get in touch and make sure this gets updated prior to the actual game launch.

Update to Answer Above - How Data Is Used

In the TRIBES 3 EULA, we do specify how data is used for anti-cheat systems, but this section is sometimes passed over because it’s located in our privacy policy section. Here is the relevant excerpt from our EULA:

‍We only provide data to anti-cheat providers that is necessary to secure our products. We therefore provide the following end-customer data to Denuvo - User ID, IP address, access date, country, platform-specific entitlement information, and data associated with a player such as information about hardware and software used to play the game, information about played games sessions, and details about unauthorized third-party programs (incl. date and time when the program was detected), along with statistical data such as information about the game process, OS kernel and applications interacting with the game process.

Additionally, Denuvo may create a hash of technical data of the used hardware to verify that only end-customers can access our products. This hash does not include any personal data and cannot be decrypted by Denuvo. The information in the hash therefore is completely anonymous.

The formerly mentioned data of end-customers is only processed as long as it is necessary to secure our products. This data will be erased if Denuvo has no legal obligation to store the data longer. Generally, after termination of the contract or period of limitation to protect against damage compensation and/or warranty the data will automatically be erased.

To process the former mentioned data of our end-customers, Denuvo uses the server infrastructure of Amazon WEB Services Emea Sarl, 38, Avenue John F. Kennedy, L 1855 Luxembourg (“AWS“). AWS has very high security standards and has taken all technical and organizational measures that everything is fulfilled according to the GDPR in the EU. AWS has ISO 27001, SOC 1/2/3 and PCI DSS Level 1 certifications.

The formerly mentioned data of end-customers processed by Denuvo will be transmitted to servers in the EU only.

‍Do you/they get the entire contents of RAM?

No, we don’t do that, we only monitor specific parts that are related to the game process itself.

If, say, someone had a Word document open, could you see the contents of that? Would you be able to read the browser tabs that were open or the page contents of sites open? What about messaging software contents like Discord, Slack, etc?

No, we are only monitoring the game process, as long as the processes don’t interact with the game process, they are not looked at. This wouldn’t even be relevant to find cheaters, so there is no reason to do anything like that.

If a detection is triggered, why would you need more than the offending process/device, account name/id, IP, and hardware hash?

Our solution does the cheat detection on the server side and in order to identify the cheat, we need to gather certain data. This data is mostly anonymized and collected and stored in a GDPR compliant way.

I hope we could resolve your concerns about our solution and we will soon see each other in Tribes 3!

Are you able to share a list of other games that are currently using the anti-cheat product? I understand that this might be a tough ask, and completely understand if you are unable to. My intent is to check out those communities and see what their experience has been. Most of the lists available through search are largely about the anti-tamper and they either conflate the two products or don't realize they are different.

Regarding games using our Anti-Cheat solution, unfortunately, I cannot tell you as much as I would like, as we have NDAs in place with our clients. The only one that I can share is Marauders from Small Impact Games, who were so kind to do a public case study with us on their experience using our solution. You can find more information on that here (requires your email address again): https://irdeto.com/guardians-of-fair-play/