If you’ve been following us for the last few days, you’re probably familiar with the recent outburst against Valorant’s anti-cheat system which took the internet by storm. Not only Riot’s so called “safe” anti-cheat system was found to cause performance issues in other games, but the kernel mode anti-cheat driver loads as soon as the operating system boots up. Claims that Riot went too far this time and that they’re invading people’s privacies were raised all over the internet, even across cheaters’ forums. Such a heated situation was defamatory for the legendary franchise behind League of Legends and they had to step up to loosen up the atmosphere.
Valorant had managed to gain insane popularity among gamers across the world. The competitive shooter was quick enough to reach the world record for the maximum concurrent viewers on Twitch, matching the likes of Fortnite and League and shattering the record of CSGO, its primary rival in the genre. With such a huge fan following, rumours about the franchise stealing data spread like wildfire and raised genuine concerns among gamers. Through a blog post made on Friday, Riot’s security team tried to clear up the misconceptions players might possess about their anti-cheat software.
Riot’s security team consists of Chris Hymes (Data Protection Officer & Chief Information Security Officer), Mark Hillick (Director of Security), Clint Sereday (Anti-Cheat Product Lead), Daniel Hu (Data Privacy Product Lead), and Warren Kenny (Application Security Product Lead) who started the post by admitting that “there’s been a lot of conversation about Vanguard and its kernel mode driver.”
While stating the philosophy behind Vanguard, the team made it clear that they had no interest in harvesting players’ personal data, “Vanguard does not collect or process any personal information beyond what the current League of Legends anti-cheat solution does. Riot does not want to know more about you or your machine than what is necessary to maintain high integrity in your game. The game data we collect is used for the operation of the game and integrity-related services such as Packman and Vanguard.”
They then proceeded to inform players about the architecture of Vanguard, but not so much as to compromise the security of their anti-cheat system and make the entire concept pointless. They mentioned that Vanguard consists of three components: The client, driver and platform.
The following mechanisms of these three components are stated exactly as mentioned in the blog post by Riot–
- “The client (user-mode) handles all of the anti-cheat detections while a game is running.
- The client needs to communicate with the platform to receive detections and in order for a player to be able to play.
- The client does not consider a machine trusted unless it recognizes the driver; untrusted machines cannot play VALORANT.
- The driver (kernel-mode) is used by the client to validate memory and system state, and to make sure the client has not been tampered with.
- The driver runs at start-up to prevent loading cheats prior to the client initialization.
- The driver can be uninstalled at any time (“Riot Vanguard” in Add/Remove Programs), although VALORANT won’t run without it.
- The driver does not collect or send any information about your computer back to us.
- The driver has been signed by Riot’s own EV cert, which has in turn been signed by Microsoft as per their code signing process.
From the blog post it’s evident that Riot are open to communicating with its fans about the anti-cheat. Towards the end they mentioned that “Players have every right to question and challenge us, but let’s be clear—we wouldn’t work here if we didn’t deeply care about player trust and privacy and believe that Riot feels the same way.” From the current looks of it, it truly appears that Riot aren’t keeping any secrets from the players of VALORANT.