Fast and secure authentication for your gamers with BYOI

June 25, 2021
Expand your mobile game business to PC and web to reach new players.

Major data leaks are increasingly common these days. Old websites with failing security, new websites targeted by hacking, and the inside sales of personal information can release millions of passwords to the public. In many cases, people use the same password across different platforms and keep that password for many years. All it takes is one website you signed up for years ago to leak your password, and the world knows your current bank, email, and social media passwords as well. 

According to a 2019 poll from Google, 4 in 10 Americans say their personal information has been compromised online, and 47% of those lost money due to the compromise. Specific to gaming, the most extensive catalog of hacked accounts by Breach Report included more than 500,000,000 hacked user accounts for games and gaming forums. 

Cybernews and their personal data leak checker tool currently displays a staggering 15,000,000,000+ breached accounts affecting over 2,000,000,000 unique email addresses


One way to combat this is with unique passwords for every platform, mitigating the chance of having a single point of failure. However, this method is hard to manage in practice. Password managers are an option, too. But using them may not be convenient for everyone: one needs to have the manager installed on a PC or mobile phone and have it within an arm's reach whenever they log into a game. Not to mention having to update the password database constantly. As seen in the above poll from Google, only 15% of users use these tools, despite many people saying they need a better way to track passwords.

Gamers, who regularly use different services across many different devices, know the pain of needing to remember a different password every time they sign in. Social media sites like Reddit and Twitch, community platforms like Discord, and gaming storefronts like Steam and Epic are just some of the many platforms a gamer uses regularly. Game developers could (and should) think of gaming-oriented solutions to improve their security, mitigate the chances of a data leak affecting their customers, and create a user-friendly sign-in experience. This is where BYOI - bring your own identity - comes in.

What is Bring Your Own Identity (BYOI) and why is it important?

Considering all of the current problems with password management, security, and convenience, there’s a need for an all-encompassing tool that does the job. Something that acts as a password manager, works across platforms, and is both safe and convenient for the user. A system like that would undoubtedly be helpful to you as the developer.

Bring your own identity, or BYOI, takes form when digital authentication, when signing up and logging on, is managed by a third party. While traditionally requiring a username/email and a password to sign up for a website, BYOI presents the user with choices to use an account they already have. You may have seen examples of this already on sites that allow you to sign up or into a platform using your Facebook, Twitter, or Google account instead of creating a specific one for that site.

Typically, websites offer several social media hosts to choose from with their BYOI, as seen in Patreon’s sign-up portal here. Instead of signing up with a name, email, and password, users can simply register an account using their chosen platform and be signed up or logged in with just a few clicks


BYOI, in the context of gaming, allows players to get right to playing. Creating an account can discourage players by requiring a new username, password, password security checks, password confirmations, and so on. With BYOI, reusing passwords is not an issue. With a properly established BYOI ecosystem, players can use the same authentication method to log into your games, as well as other applications and services that you offer. 

Not only is BYOI more secure than reusing old passwords, but it’s also more convenient than using the same password repeatedly. It’s crucial to have an optimized customer journey and foster a convenient registration and authentication process - the more straightforward your customer journey, the higher your conversion rate. We talk further about the importance of a simplified user journey and the collection of data here

Considering that gamers use many accounts across many devices, you’ll want to make your sign-up and sign-in process as quick and easy as possible. The last thing you want is to have a gamer commit to signing up for your platform or website, only to turn them away with a lengthy and unsafe signup process. Studies show that long registration or payment processes are a leading cause for exit and bounce rates. With BYOI, players who sign up with you can seamlessly transfer themselves to online, in-game accounts with the click of a button across your entire online environment. Using a custom launcher, like Xsolla Launcher, can make this part a breeze.

However, setting up BYOI can be a challenge for developers. Adding support for dozens of services and platforms is necessary, especially ones that gamers frequently visit - is no small feat. Depending on your region, the involvement of money, and other factors, there may be regulations to comply with. Also, since no two platforms are created equal, they almost always require specific integrations for each service. Developing a solution that meets the necessary technical limitations can be a complex, time-consuming, and costly process. 

Registration using social media accounts may not grant you your users' emails, which is a wasted opportunity for marketing efforts. Existing BYOI solutions can offer registration or authentication via Facebook, Twitter, etc., but not the emails behind those accounts. Plus, you’ll need a convenient and secure way of collecting and storing these emails, which can present a whole new problem.

On top of it all, regional regulations, such as the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA), can be a real headache. Even if you manage to get user emails somehow, it's necessary to store them the right way and delete them if necessary. If you mishandle this data, that's a problem for many reasons. Finding a boilerplate solution that fits your needs can be complicated as well. 

Luckily, there’s Xsolla Login.

Meet Xsolla Login

Xsolla Login is a complete, games-oriented solution that brings BYOI to the gaming ecosystem. Xsolla Login supports over 30 different third-party platforms like Facebook, Google, Steam, Twitch, Discord, Xbox, and more - compared to the typical three or four platform options provided by other BYOI systems. This variety allows you as the developer to choose the ones that suit your needs depending on your products’ platforms and regions and enables gamers to pick and choose whatever account is most familiar to them without ever having to create a new account. 

Plus, if you have several products or platforms, including games, websites, mobile applications, and more, players can use the same credentials across the board, even live chat support systems like Zendesk. Xsolla Login’s proper use of Open Authentication and Single Sign-on (SSO) will ensure an extremely simple sign-up and sign-in process on the gamer’s end. Xsolla Login only needs to be set up and integrated into your products once, unlike APIs with multiple points of contact to maintain. This makes Xsolla Login quick to set up, easy to integrate, and safe for both parties to use.


Deployed instances of Xsolla Login, with custom branding and multiple sites to choose from

Xsolla Login boosts marketing efforts as well. Suppose a user chooses to sign in with social media accounts through typical BYOI portals. In that case, it can prove challenging to collect email data due to some social media services not providing this information. Xsolla Login can obtain user emails for use in marketing activities by detecting if the authenticating third party provided their email. If it wasn’t, it redirects the user to a page where they re-enter the email for confirmation. Xsolla Login is also fully customizable and currently supports over 20 different languages. Like many other Xsolla products, you can tune Xsolla Login to your liking and incorporate your company’s branding and design language.

Just some of the customizations that are possible with Xsolla Login

Regulations such as the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other regional regulations can be an issue with other BYOI solutions. However, Xsolla Login supports all of the principal regulations and restrictions and keeps everything in compliance, meaning you’ll never have to worry about the legal side and safety of the data.

Xsolla Login supports Unity, Unreal Engine, HTML5, and WebGL integrations, so it’ll work across most web platforms and major game engines. You can find more information about the integration process here. Xsolla Login is entirely secure, too. It features redundant duplicates of storage protected by two-factor authentication, rate limiting, and DDoS protection. Xsolla Login also employs AuthRank to provide end-users with the most relevant authentication methods based on geolocation and personal behavior.

This all comes at no additional cost if you already use other Xsolla products. If not, Xsolla takes a 5% fee off every transaction that goes through the Xsolla Login portal. This means you can deploy the Xsolla Login without any upfront costs that would otherwise keep you from deploying right away.

In Summary

Xsolla Login is an essential tool in creating a safe, secure, and user-friendly sign-up process for players. Xsolla Login isn't just an alternative to traditional or BYOI authentication and registration; it allows you to cut integration time and expenses, handle technicalities surrounding regional regulations, and safely and securely ensure that your user data is protected. 

With no up-front costs and easy integration, you can deploy Xsolla Login now across your websites, game launchers, and other platforms. At the same time, you can gather additional customer information for better marketing and community-building efforts. 

Find out how you can use Xsolla Login to power your studio’s BYOI needs, and talk with an Xsolla account manager at business@xsolla.com to get started today.

Maximize Mobile Revenue On Android
5 Ways To Convert Players To Subscribers
System
Status