This is almost certainly a stupid question, because I've only just started looking at PlayerIO. I am working on a single-player mobile game in AIR. The game has a number of purchasable items and we want to take reasonable measures to discourage cheating.
We want to serve game configuration info from BigDB, so we need to make sure that players can't just rewrite the server response, e.g. to give themselves infinite health (it's a shooter). I can see enough intelligible information in the traffic between my AS3 client and BigDB that I can tell it's not encrypted.
If I want to encrypt the traffic to discourage players from rewriting responses, my understanding is that I need to set up a wrapper on a server somewhere that encrypts and decrypts client traffic based on a shared key and then reads and writes to/from the DB on the client's behalf.
Okay so far. The probably-stupid question is, do I have to set up an external server just to do this (in which case I wonder why I don't just set up my own database and skip PlayerIO)? Or is there a way I can build it into the server-side dll?