Challenge Summary
Welcome to the What the Hack! - Cyber Security Game Design Concepts Challenge!
Our client on their initial step to build What the Hack! - Cyber Security Game application that will be used as hybrid game along with the actual physical game board.
For this challenge, we are providing you with some initial information to suggest design concepts and ideas on how the game should work as the companion of What the Hack! Cyber Security Game board.
In this challenge we are looking for DESIGN CONCEPTS on how this game could work. What should the user see and experience?
Design how this game can be fun and addictive to played, looking forward topcoder community design creative ideas!
- What the Hack! Cyber Security Game Logo
- initial What the Hack! Cyber Security Game Design Concepts Screen Flow
Note: For this challenge it will be helpful if you can provide additional files to explains your design suggestion like: GIF Animation, Sounds Effect, Click Flow, etc
- What the Hack! Cyber Security Game Logo
- Final What the Hack! Cyber Security Game Design Concepts Screen Flow
Note: For this challenge it will be helpful if you can provide additional files to explains your design suggestion like: GIF Animation, Sounds Effect, Click Flow, etc
Challenge Description
Our client is a large European green power company with thousands of employees. Like many others, we like to go digital with our services and products, but fear cyber security issues.
One of the biggest weaknesses is, well, our own employees. They are not grown up in the digital world, and many are not really interested or aware of cyber security risks or best practices. We want to tackle this problem by a hybrid board/online game which we will make available to all our employees who can play it in the work or spare time.
About the What the Hack! Cyber Security Game:
What the Hack! Cyber Security Game It is a cooperative game in which the players win or lose as a team. This is a turn-based game type. Players have to counter attacks from a hacker and ultimately capture the hacker. Working title “What the hack!“. The game has a board looking like a network with many nodes and paths between these nodes.
There are 4 company roles and 1 hacker role, and they can move on this network. The roles are (1) Architect, (2) Cyber Security Engineer, (3) Forensic Expert, (4) User. Each has one piece and can move on the board. This is the part that‘s a classical board game using physical playing pieces.
What the Hack! Cyber Security Game is a round based game in which each round will be played using a mobile app, in three steps:
1). The group can decide on a team quest to answer a certain question around cyber security. If they get it right, or partially right, they get 1-2 security tokens of different types which they can use to counter the hacker‘s attacks. The tokens are physical. This quest, however, is coming from the app by scanning a QR code on the board.
2). The hacker strikes an attack, that can be countered by the security tokens gained in step 1. The attack also comes from the app, again by scanning a QR code. If the team has gained the required tokens, they countered the attack. If not, the hacker will move some steps on the network towards the ultimate data treasure. Once the hacker gets to the treasure, the team lose.
3). Now the team can move on the network to capture the hacker. If they succeed, they win.
The mobile application
For this challenge we need your help to design Initially app look on Android mobile app only, but the code should not use Android specific functions too extensively. As you see from the rules above, the app needs to be able to:
- Scan QR codes, and trigger one of the following, random actions based on the code:
- Either formulate a quest of a certain type, capture the answer and feedback whether the answer was fully right, partially right, or wrong
- Or shoot an attack with a counter token requirement
- The quests and attacks data should be retrievable in online or offline mode (for the MVP Offline is sufficient)
Game Equipments
- What the Hack! Game Board (See Illustration: GameBoard-Illustration.jpg)
- Example concept screens for the mobile app (See: Example_concept_screens.jpg)
- Security Tokens
- 1 x Hacker Playing Piece
- 4 x Team Playing Pieces representing the 4 roles
- What the Hack! Game application on Android mobile device (you need create design for this challenge submission)
Game Logo
- For this challenge you need create What the Hack! Cyber Security Game look on Splash screen
- Use the same mobile screen size for the game logo on splash screen: 750px x 1334px
Mobile Game Flow
1). Start Game
- If the user scans any QR code on Game Board, the app should check whether QAD is loaded in the last 30 days or not.
- If it wasn’t, new random QAD needs to be retrieved from a web service.
2). User open the App without scan QR Code
- If the user opens the app without scanning a QR code, inform the user to scan the next QR code according to the game rules.
3). Start Game
- After scanning a QR code, it is determined whether a game session has been started already in the last 30 minutes. If yes, the QR code is processed (next step). If not, a new game is started; the user is informed and offered a link for help (the link can be a stub for now). From that moment onwards a counter of 30min („mm:ss“) is displayed permanently on the screen
4) Processing the QR code.
- On the Board, there are 12 different QR codes: 8 for hacker attacks and 4 for security quests. - From the QAD pick one random attack or quest from the right group of Attack or Quest
- Show the quest or attack to the user and capture the response.
5). Security Tokens
- These are physical tokens
- The players can earn tokens by correctly answering quests from one of these 4 types:
-- Security by Design,
-- User Awareness,
-- Server & Client Protection,
-- Forensics & Counter Attack
- Each Quest type is represented by a QR code in one of the Blue, Purple, Blue or Green quadrants on the Game Board (see GameBoard-Illustration.jpg).
- Pick a random question from the right type that has not been shown to the player in the same game session.
- Display the question and the 4 possible answers (as radio buttons).
- Capture the player’s response within a countdown period of 30 sec (show the time, and make some fancy sound if time is running out).
- If the answer is right, grant the tokens with a text “you earned <#> <type> tokens“ or “sorry, no token earned“
- There are 4 different security tokens user can received based on the color (Yellow, Blue, Green & Purple)
- Number of security tokens user received will be vary between questions
- In case the team answered a question wrong, need inform user the right answer, some explanation and a “got it“ button.
IMPORTANT: The app does not need to keep track of the number and type of tokens awarded as prizes e.g. if the team has collected 5 Blue tokens and 6 Green tokens the app does not need to track this.
6). Hacker Attack
- The hacker has 8 attack levels with rising sophistication, each represented by a distinct QR code.
- Pick a random attack, present it to the player, and ask whether the player has enough token of the type required to counter the attack (Yes, no buttons).
- If yes is pressed, display “Well done. Return the tokens to the bank“.
- If no is pressed, display “Too bad” Move the hacker forward by <#> steps”. The # of steps is an attribute of the attack
7). Menu options on the mobile app
Start new game.
- Ask “are you sure”?
- If yes, reset the 30 minutes clock
Pause game
- Display “Game paused“ with “resume“ or “quit“ buttons visible.
- Hold the clock, until resume is pressed.
- If quit is pressed, close the app
Quit game
- Ask “are you sure“?
- If yes, close the app
8) Time Countdown Display
- Every 2 minutes, make a fancy sound like a gong indicating that time is running.
- When the clock arrives at 5:00, make a more fancy sound indicating that time is running really low.
- When the clock arrives at 1:00, make an even more fancy sound.
- Finally, when the clock is at 0:00, make a final sound and display “Time is up“ and a “quit“ button.
- If it is pressed, the app closes
Quest Data Examples
Type: Quest
Level: 1
Title: Password
Question: Pick a weaker password than Abcd1234
Answers:
A: qwertyuiop
B: a1s2d3f4
C: 4321dcbA
D: Peter74
Prizes: 2 Blue Tokens (User Awareness)
Type: Quest
Level: 2
Title: Firewall
Question: We are working with many third parties from within and outside the EU. The firewall is filtering valid requests going into the data centers/cloud. What is a good filtering logic?
Answers:
A: German and non-German requestors
B: Request criticality
C: EU and non-EU requestors
D: Internal/external, EU/non-EU & criticality
Prizes: 3 Purple Tokens (Server & Client Protection)
Type: Quest
Level: 3
Title: Honeypot
Question: What is a honeypot?
Answers:
A: A pot full of honey
B: A hot, alcoholic drink that hackers prefer in hacking sessions
C: An easy, but uncritical target for hackers which derails them from the critical systems
D: An invitation to a friendly hacker to test the safety of the systems
Prizes: 3 Purple Tokens (Server & Client Protection)
Attack Data Examples
Type: Attack
Level: 1
Title: Spam
Question: Sending millions of unwanted e-mails to aim for getting a few clicks on the links provided. What do you do?
Answers:
A: Nothing. My Spam filters work well enough
B: Click on the e-mail to see what it's all about
C: Inform engineers to adapt firewall settings
D: Delete immediately
Response: Requires 1 Blue Token (User Awareness) and 1 Yellow Token (Security by Design)
Type: Attack
Level: 2
Title: Phishing
Question: Sending targeted e-mails that mimic serious requests in order to capture account and password data from users. What do you do?
Answers:
A: Inform engineers to adapt firewall settings
B: Delete and inform fake originator that her identity has been misused
C: Just delete
D: Click on the link and enter wrong information
Response: 3 Blue Tokens (User Awareness)
Type: Attack
Level: 3
Title: DDOS
Question: Hacking thousands of weakly protected devices (such as IoT devices or mobile phones) and generating millions of requests to targeted websites in order the bring the site down
Answers:
A: F*3K, do nothing – avoid any extra load
B: Ask engineers to stop all incoming traffic until the threat is over
C: Ask engineers to filter traffic between meaningful and useless ones
D: Reboot affected servers
Response: 1 Yellow Token (Security by Design), 1 Green Token (Forensics & Counter Attack), 1 Purple (Server & Client Protection)
Note: There will be more data when we develop the application later
General Submission Requirements
- Screen Size: 750px x 1334px (Mobile Retina)
- Color Theme: Use the theme and colours from the game board (see GameBoard-Illustration.jpg and Example_concept_screens.jpg)
- Fonts: Calibri
Design Presentation
- As part of your submission, you must upload your submission to MarvelApp so we can see how your application click flow.
- If you need an MarvelApp Project, send email OR via challenge forum to this email address: lunarkid@copilots.topcoder.com
- Important. Please include the Share URL/Link of your MarvelApp!
Target User:
- Internal Employee
Judging Criteria:
- Game app must useful as companion to the actual game board
- Design intuitive controls and challenging
- Capacity to provide a design out of the box.
- Design Quality and execution.
- Originality.
Submission & Source Files:
Preview Image
Please create your preview image as one (1) 1024x1024px JPG or PNG file in RGB color mode at 72dpi and place a screenshot of your submission within it.
Submission File
Submit JPG/PNG for your submission files.
Source Files
All original source files of the submitted design. Files should be created on 1 of these options:
- Adobe Photoshop and saved as layered PSD file,
- Adobe Illustrator as a layered AI file, or
- Sketch File.
Final Fixes
As part of the final fixes phase you may be asked to modify your graphics (sizes or colors) or modify overall colors. We may ask you to update your design or graphics based on checkpoint feedback.
Our client on their initial step to build What the Hack! - Cyber Security Game application that will be used as hybrid game along with the actual physical game board.
For this challenge, we are providing you with some initial information to suggest design concepts and ideas on how the game should work as the companion of What the Hack! Cyber Security Game board.
In this challenge we are looking for DESIGN CONCEPTS on how this game could work. What should the user see and experience?
Design how this game can be fun and addictive to played, looking forward topcoder community design creative ideas!
Round 1
Submit these screens your for a Checkpoint feedback.- What the Hack! Cyber Security Game Logo
- initial What the Hack! Cyber Security Game Design Concepts Screen Flow
Note: For this challenge it will be helpful if you can provide additional files to explains your design suggestion like: GIF Animation, Sounds Effect, Click Flow, etc
Round 2
Final Design plus any Checkpoint feedback.- What the Hack! Cyber Security Game Logo
- Final What the Hack! Cyber Security Game Design Concepts Screen Flow
Note: For this challenge it will be helpful if you can provide additional files to explains your design suggestion like: GIF Animation, Sounds Effect, Click Flow, etc
Challenge Description
Our client is a large European green power company with thousands of employees. Like many others, we like to go digital with our services and products, but fear cyber security issues.
One of the biggest weaknesses is, well, our own employees. They are not grown up in the digital world, and many are not really interested or aware of cyber security risks or best practices. We want to tackle this problem by a hybrid board/online game which we will make available to all our employees who can play it in the work or spare time.
About the What the Hack! Cyber Security Game:
What the Hack! Cyber Security Game It is a cooperative game in which the players win or lose as a team. This is a turn-based game type. Players have to counter attacks from a hacker and ultimately capture the hacker. Working title “What the hack!“. The game has a board looking like a network with many nodes and paths between these nodes.
There are 4 company roles and 1 hacker role, and they can move on this network. The roles are (1) Architect, (2) Cyber Security Engineer, (3) Forensic Expert, (4) User. Each has one piece and can move on the board. This is the part that‘s a classical board game using physical playing pieces.
What the Hack! Cyber Security Game is a round based game in which each round will be played using a mobile app, in three steps:
1). The group can decide on a team quest to answer a certain question around cyber security. If they get it right, or partially right, they get 1-2 security tokens of different types which they can use to counter the hacker‘s attacks. The tokens are physical. This quest, however, is coming from the app by scanning a QR code on the board.
2). The hacker strikes an attack, that can be countered by the security tokens gained in step 1. The attack also comes from the app, again by scanning a QR code. If the team has gained the required tokens, they countered the attack. If not, the hacker will move some steps on the network towards the ultimate data treasure. Once the hacker gets to the treasure, the team lose.
3). Now the team can move on the network to capture the hacker. If they succeed, they win.
The mobile application
For this challenge we need your help to design Initially app look on Android mobile app only, but the code should not use Android specific functions too extensively. As you see from the rules above, the app needs to be able to:
- Scan QR codes, and trigger one of the following, random actions based on the code:
- Either formulate a quest of a certain type, capture the answer and feedback whether the answer was fully right, partially right, or wrong
- Or shoot an attack with a counter token requirement
- The quests and attacks data should be retrievable in online or offline mode (for the MVP Offline is sufficient)
Game Equipments
- What the Hack! Game Board (See Illustration: GameBoard-Illustration.jpg)
- Example concept screens for the mobile app (See: Example_concept_screens.jpg)
- Security Tokens
- 1 x Hacker Playing Piece
- 4 x Team Playing Pieces representing the 4 roles
- What the Hack! Game application on Android mobile device (you need create design for this challenge submission)
Game Logo
- For this challenge you need create What the Hack! Cyber Security Game look on Splash screen
- Use the same mobile screen size for the game logo on splash screen: 750px x 1334px
Mobile Game Flow
1). Start Game
- If the user scans any QR code on Game Board, the app should check whether QAD is loaded in the last 30 days or not.
- If it wasn’t, new random QAD needs to be retrieved from a web service.
2). User open the App without scan QR Code
- If the user opens the app without scanning a QR code, inform the user to scan the next QR code according to the game rules.
3). Start Game
- After scanning a QR code, it is determined whether a game session has been started already in the last 30 minutes. If yes, the QR code is processed (next step). If not, a new game is started; the user is informed and offered a link for help (the link can be a stub for now). From that moment onwards a counter of 30min („mm:ss“) is displayed permanently on the screen
4) Processing the QR code.
- On the Board, there are 12 different QR codes: 8 for hacker attacks and 4 for security quests. - From the QAD pick one random attack or quest from the right group of Attack or Quest
- Show the quest or attack to the user and capture the response.
5). Security Tokens
- These are physical tokens
- The players can earn tokens by correctly answering quests from one of these 4 types:
-- Security by Design,
-- User Awareness,
-- Server & Client Protection,
-- Forensics & Counter Attack
- Each Quest type is represented by a QR code in one of the Blue, Purple, Blue or Green quadrants on the Game Board (see GameBoard-Illustration.jpg).
- Pick a random question from the right type that has not been shown to the player in the same game session.
- Display the question and the 4 possible answers (as radio buttons).
- Capture the player’s response within a countdown period of 30 sec (show the time, and make some fancy sound if time is running out).
- If the answer is right, grant the tokens with a text “you earned <#> <type> tokens“ or “sorry, no token earned“
- There are 4 different security tokens user can received based on the color (Yellow, Blue, Green & Purple)
- Number of security tokens user received will be vary between questions
- In case the team answered a question wrong, need inform user the right answer, some explanation and a “got it“ button.
IMPORTANT: The app does not need to keep track of the number and type of tokens awarded as prizes e.g. if the team has collected 5 Blue tokens and 6 Green tokens the app does not need to track this.
6). Hacker Attack
- The hacker has 8 attack levels with rising sophistication, each represented by a distinct QR code.
- Pick a random attack, present it to the player, and ask whether the player has enough token of the type required to counter the attack (Yes, no buttons).
- If yes is pressed, display “Well done. Return the tokens to the bank“.
- If no is pressed, display “Too bad” Move the hacker forward by <#> steps”. The # of steps is an attribute of the attack
7). Menu options on the mobile app
Start new game.
- Ask “are you sure”?
- If yes, reset the 30 minutes clock
Pause game
- Display “Game paused“ with “resume“ or “quit“ buttons visible.
- Hold the clock, until resume is pressed.
- If quit is pressed, close the app
Quit game
- Ask “are you sure“?
- If yes, close the app
8) Time Countdown Display
- Every 2 minutes, make a fancy sound like a gong indicating that time is running.
- When the clock arrives at 5:00, make a more fancy sound indicating that time is running really low.
- When the clock arrives at 1:00, make an even more fancy sound.
- Finally, when the clock is at 0:00, make a final sound and display “Time is up“ and a “quit“ button.
- If it is pressed, the app closes
Quest Data Examples
Type: Quest
Level: 1
Title: Password
Question: Pick a weaker password than Abcd1234
Answers:
A: qwertyuiop
B: a1s2d3f4
C: 4321dcbA
D: Peter74
Prizes: 2 Blue Tokens (User Awareness)
Type: Quest
Level: 2
Title: Firewall
Question: We are working with many third parties from within and outside the EU. The firewall is filtering valid requests going into the data centers/cloud. What is a good filtering logic?
Answers:
A: German and non-German requestors
B: Request criticality
C: EU and non-EU requestors
D: Internal/external, EU/non-EU & criticality
Prizes: 3 Purple Tokens (Server & Client Protection)
Type: Quest
Level: 3
Title: Honeypot
Question: What is a honeypot?
Answers:
A: A pot full of honey
B: A hot, alcoholic drink that hackers prefer in hacking sessions
C: An easy, but uncritical target for hackers which derails them from the critical systems
D: An invitation to a friendly hacker to test the safety of the systems
Prizes: 3 Purple Tokens (Server & Client Protection)
Attack Data Examples
Type: Attack
Level: 1
Title: Spam
Question: Sending millions of unwanted e-mails to aim for getting a few clicks on the links provided. What do you do?
Answers:
A: Nothing. My Spam filters work well enough
B: Click on the e-mail to see what it's all about
C: Inform engineers to adapt firewall settings
D: Delete immediately
Response: Requires 1 Blue Token (User Awareness) and 1 Yellow Token (Security by Design)
Type: Attack
Level: 2
Title: Phishing
Question: Sending targeted e-mails that mimic serious requests in order to capture account and password data from users. What do you do?
Answers:
A: Inform engineers to adapt firewall settings
B: Delete and inform fake originator that her identity has been misused
C: Just delete
D: Click on the link and enter wrong information
Response: 3 Blue Tokens (User Awareness)
Type: Attack
Level: 3
Title: DDOS
Question: Hacking thousands of weakly protected devices (such as IoT devices or mobile phones) and generating millions of requests to targeted websites in order the bring the site down
Answers:
A: F*3K, do nothing – avoid any extra load
B: Ask engineers to stop all incoming traffic until the threat is over
C: Ask engineers to filter traffic between meaningful and useless ones
D: Reboot affected servers
Response: 1 Yellow Token (Security by Design), 1 Green Token (Forensics & Counter Attack), 1 Purple (Server & Client Protection)
Note: There will be more data when we develop the application later
General Submission Requirements
- Screen Size: 750px x 1334px (Mobile Retina)
- Color Theme: Use the theme and colours from the game board (see GameBoard-Illustration.jpg and Example_concept_screens.jpg)
- Fonts: Calibri
Design Presentation
- As part of your submission, you must upload your submission to MarvelApp so we can see how your application click flow.
- If you need an MarvelApp Project, send email OR via challenge forum to this email address: lunarkid@copilots.topcoder.com
- Important. Please include the Share URL/Link of your MarvelApp!
Target User:
- Internal Employee
Judging Criteria:
- Game app must useful as companion to the actual game board
- Design intuitive controls and challenging
- Capacity to provide a design out of the box.
- Design Quality and execution.
- Originality.
Submission & Source Files:
Preview Image
Please create your preview image as one (1) 1024x1024px JPG or PNG file in RGB color mode at 72dpi and place a screenshot of your submission within it.
Submission File
Submit JPG/PNG for your submission files.
Source Files
All original source files of the submitted design. Files should be created on 1 of these options:
- Adobe Photoshop and saved as layered PSD file,
- Adobe Illustrator as a layered AI file, or
- Sketch File.
Final Fixes
As part of the final fixes phase you may be asked to modify your graphics (sizes or colors) or modify overall colors. We may ask you to update your design or graphics based on checkpoint feedback.
Please read the challenge specification carefully and watch the forums for any questions or feedback concerning this challenge. It is important that you monitor any updates provided by the client or Studio Admins in the forums. Please post any questions you might have for the client in the forums.