There’s been a bit of fuss in the last 24 hours or so about Fortnite’s arrival on Android. Most of it follows revelations that Epic Games will circumvent Google’s Play Store, and distribute using its own platform.
This is exactly what Epic Games does on other platforms with the exception of iOS; on PC and Mac, Epic Games runs its own store and payment platform, and though it can’t on iOS, it will be following this same model on Android.
As ars technica reported, Epic CEO Tim Sweeney has given a rather blunt answer when asked if Epic’s strategy was just to avoid Google’s 30% cut of Play Store purchases:
Avoiding the 30 percent “store tax” is a part of Epic’s motivation. It’s a high cost in a world where game developers’ 70 percent must cover all the cost of developing, operating, and supporting their games. And it’s disproportionate to the cost of the services these stores perform, such as payment processing, download bandwidth, and customer service. We’re intimately familiar with these costs from our experience operating Fortnite as a direct-to-customer service on PC and Mac.
Of course, many in Android land have construed Epic’s move purely as a cash grab – and to be fair, that is clearly a primary motivator. They’ve thus labelled the move as greedy and one that will expose Android users to considerable risk. But will it really?
The short answer is no, not really.
Is Play Store a guarantee of safety anyway? No
Critics of Epic’s move claim that Google’s Play Store keeps everyone safe, and circumventing it and distributing Fortnite directly exposes users to risk. Let’s unpack that – and it doesn’t take long. For starters, Android’s permission model is pretty solid, such that sideloaded apps really can’t do much without users’ explicit consent.
If users ensure they download Fortnite from Epic’s legit store (and let’s give most users credit, they can probably figure this out), then installing Fortnite directly – as opposed to through the Play Store – presents no additional risk whatsoever.
Secondly, even if it does, Google’s Play Protect product is active on every Android phone that has Play Services installed; outside China, that’s virtually all of them. It scans for malicious code and apps, and takes action to protect users regardless of where their apps are installed from.
Play Protect isn’t even new. It’s been around since early 2017, and it’s only getting better at what it does.
Most Android devices are pretty careful in protecting users around installing apps directly (as opposed from Google Play); they give clearly worded warnings of what’s involved, and most revert back to a safe policy of blocking 3rd party installs unless specifically re-enabled.
Let’s not even mention the amount of junk that does make it onto the Play Store which Google does little about.
In short, the risk is overstated.
What about financial protection?
Google’s Play Store policies are no guarantee that parents can claw back money spent inadvertently (or deliberately) by their kids. In fact, they can make this process downright painful in some cases. Granted, Google does frequently reverse such charges, but there’s no guarantee they will … no more than if you were dealing with a merchant directly.
Let’s consider this – there’s a strong incentive for Epic Games to get this right. Fortnite is hugely popular, and not just amongst Android users (who can’t play it yet); this exact same issue is and can be present on PC and Mac, and you’d better believe that Epic has spent a reasonable amount of time working out how to deal with this exact issue.
There’s also the way our financial system works .. and not just in Australia. If you buy stuff on your credit card, you are covered by a range of protections. If your kids use your credit card to buy stuff without your knowledge or consent, you’re protected by card scheme chargeback mechanisms, and in many cases, I’ll trust my bank to get that process right.
Claims there’s no good reason for Epic to act this way
I can think of two very good reasons, and even detractors can – they just ignore them. Fortnite is absolutely huge. Ask any teenager.
And not just teenagers in the USA; ask teenagers in Europe, Asia, and all around the world. If you restrict distribution on Android to Google’s Play Store, you instantly prevent users across China from accessing your game, and with the state of play across Europe, it might not be long before Android phones sold in the EU won’t come with Google Play services installed anyway.
Epic’s move – deliberately or not – will make distribution across Fortnite’s entire fanbase a lot easier. As discussed above, too, this move does little to harm users’ security of their devices.
So, is Epic’s move a cash grab that exposes users to risk? Nope
There may be a sound financial reason for Epic to do this; not that long ago, games makers (and app developers) didn’t have to share their revenue with a 3rd party. They could use all their proceeds to run their operations.
In 2018, those operations aren’t cheap. There’s staff to pay for, data centres, internet connectivity, financial providers, insurance, legal and the list goes on. Something as popular as Fortnite, while it likely makes a lot of money for Epic, also costs a lot to run. That 30% overhead mightn’t sound like a lot … but it doesn’t scale with growth. For $10 million in sales, does it cost Google $3 million to facilitate them? Doubtful. For $10 in sales, does it cost Google $3? Much more likely.
Be that as it may, Epic’s costs probably do scale, but that immovable 30% cut does not, and when you’re talking big revenue (and big costs), that’s a huge one to wear.
I’m not justifying Epic’s move, but I can understand why they’d want to look at alternatives. Anyone in business at that scale would.
Last, but not least
A user that lacks the knowledge or aptitude to avoid security risks is just as at risk by sticking to Google’s Play ecosphere as they are if they circumvent it; scams are spread far and wide, and most of them don’t focus on Google Play or apps anyway – there’s far, far more proven attack vectors outside of apps.
In short, a user who’s likely to be scammed will probably be scammed regardless of whether they install Fortnite from Google Play or Epic’s own game store.
I don’t buy the argument that this one factor exposes users to risk, and you shouldn’t either – like most things, it’s far more nuanced. Declaring otherwise is nothing more than scaremongering, and trying to score page views for the sake of it.