Reading the whitepaper, the whole thing seems like it's focused on promoting Arxan's services. It's entirely possible that the presentation itself took a different tone/direction, but the whitepaper itself was fairly contentless sprinkled with a few good points about older MITM attacks exploiting the In-App purchases for iOS and the high piracy rates on Android in China and Russia.
Really that last part is the thrust of the article -- high piracy rates for which they don't really offer any solution except DRM and always-online games. (To their credit, they do make the recommendation of "some sort of protection on the networking layer, in-memory layer, and on disk layer...as well as portions dealing with receiving and unpacking the player's saved game or state.")
Everything else was either misleading, fairly obvious non-suggestions, or just plain outdated information.
- Whitepaper dedicates a section to lost revenue from a MITM attack allowing iOS users to get in-app purchases for free. The reference they use is a 2012 article from the Guardian talking about how Apple already fixed it. Specifically, this was relating to iOS 5 and has since been resolved. While Jailbreak options still exist, the whitepaper does not mention these nor does it discuss any other actual leak.Referenced Article
- Whitepaper has section on Flappybird clones which reads:
...However, by March 2014, approximately 60 Flappy Bird clones a day were being added to the iOS App Store...Worst of all -- a reported 79% of these clones contained malware.
This section has a reference that points to a McAfee threat report from June 2014 - as the section reads, "these" refers to the clones on the iOS App Store, however, the McAfee report clearly shows that this is Android stores that are plagued, not iOS. http://www.mcafee.com/us/resou... Page 6
- Whitepaper has a section on how hackers damage communities, which is not incorrect, however, they provide the following "helpful" tips:
- Learn how to tell when a hacker hacks
- Include banning as a feature
- Look for reports of hacking
While these are not bad suggestions, they're also absolutely common sense for mobile game developers, or just people dealing with problems in general.
The submitter is absolutely right that this could have been a really keen presentation, but based on what they produced in the whitepaper, it sounds like a business trying to drum up some more business for themselves with misleading and/or useless information.