Meta announced it’s introducing new anti-piracy measures for Quest developers that the company says will protect VR apps from “unauthorized modifications and potential security breaches.”
Called the Platform Integrity Attestation API (Attestation API), Meta says its new system is designed to detect whether an app’s server is interacting with an untampered VR device, thereby ensuring whether an app is authentic or not.
The Attestation API includes things like secure device authentication, hardware-based app bans, protection of financial and enterprise app data, prevention of external data misuse, and other anti-piracy measures.
In a developer blogpost, Meta calls it “increasingly important to instill a consistent method for validating the integrity of apps in order to provide a secure and safe user experience for everyone.”
It remains to be seen what effects this will have on modding communities, since modders for Quest games such as Beat Saber may inadvertently run afoul of the new token system at the core of the Attestation API.
“Once integrated, the API will provide you with an ‘attestation token,’ which you can use to determine if an app running on a Meta device has been tampered with,” Meta says. “This token is cryptographically signed by the Attestation Server to reinforce the security and reliability of the attestation process.”
At the time of this writing, we have not yet received a response for comment from Meta on what effects it may have on those communities. We’ll update this piece when/if we do.
Meta is allowing developers to opt-in now for their Quest apps, which spans Quest 2, Quest Pro, and the upcoming Quest 3, which is slated to launch in late 2023. Meta has published documentation for both Unity and Native.