Minor Protection in Chinese Games Anti Addiction Systems and Secondary Verification

On August 30, 2021, the National Press and Publication Administration (NPPA) issued the strictest minor protection mandate in gaming history. All online games operating in China must restrict minor playtime to exactly three hours per week. This rule shifts anti-addiction compliance from a policy guideline to an absolute technical standard.

1. Regulatory Logic: Verification Upon Registration, Universal Real-Name Requirements

Western minor protection systems rely on parental discretion and OS-level screen time controls. The Chinese anti-addiction system mandates state-level database verification and server-side physical blockades. Game developers bear full technical and legal liability for identity verification and access restriction.

Attention: Guest modes and anonymous logins are strictly prohibited.

Access Principle: All players must complete real-name verification during account registration or initial login. The game client must transmit the player’s inputted name and Resident Identity Card number to the NPPA’s real-name verification system for cross-referencing.

Note: Users cannot access any substantive game content before the verification API returns a “Pass” directive indicating adult or minor status.

2. Core Statutory Restrictions

The regulatory framework establishes three absolute boundaries for users identified as minors (under 18 years old).

1. Physical Playtime Restriction Minors can only log into games between 8:00 PM and 9:00 PM on Fridays, Saturdays, Sundays, and statutory public holidays. Access is legally barred at all other times. Spring break, summer vacation, winter vacation, and makeup work days adjoining public holidays must strictly follow this exact schedule.

2. Zero Tolerance for Unverified Users Accounts failing the state database verification must be treated as unauthorized access. Client permissions for these accounts must remain locked at the login screen.

3. Tiered Spending Caps The law dictates hardcoded in-game purchase limits based on specific age brackets.

• Under 8 years old: Absolute zero spending.
• 8 to 15 years old: Single transaction ≤ 50 RMB. Monthly cumulative ≤ 200 RMB.
• 16 to 17 years old: Single transaction ≤ 100 RMB. Monthly cumulative ≤ 400 RMB.

Attention: The 9:00 PM server disconnection must be absolute.

Delayed server kicks due to ongoing multiplayer matches, unsaved progress, or rendering cutscenes constitute direct compliance violations.

Note: Upon successful initial verification, the result can be stored in the user database. The game does not need to query the state API for every subsequent daily login.

3. Advanced Compliance: Identity Evasion and Behavioral Detection

Relying solely on a one-time verification during registration is insufficient for current compliance standards. Minors frequently use the identity cards of elderly relatives to register “adult accounts” and bypass playtime restrictions. Regulators actively target this exact evasion tactic. Developers must implement behavioral detection mechanisms to identify and manage suspected minor activity.

Suspected Minor Behavioral Monitoring: Operators should build server-side behavioral analysis models to screen “adult accounts” for anomalies.

• Age-to-Action Mismatch: An account registered to a user over 60 years old engaging in high-intensity, high-APM competitive gameplay late at night.
• Duration Anomalies: Continuous online sessions exceeding 4 to 6 hours, or frequent extended logins during standard school/working hours.
• Device Hopping: A single account frequently switching login devices or IP addresses within a short timeframe.
• Chat Logs: In-game text or voice chat content revealing minor status or utilizing minor-specific colloquialisms.

Secondary Verification Mechanism: Triggering the risk model must force a mandatory secondary verification window. High-risk accounts require facial recognition integration or mandatory re-entry of identity credentials. If a user refuses verification or fails the check, the system must immediately downgrade the account into the minor anti-addiction tier, enforcing playtime and spending limits.

4. Actionable Implementation Strategies

• In-Game Real-Name UI: Finalize the real-name verification system design before submitting the ISBN application. This includes the login UI, registration UI, verification API integration, and precise permission controls for minor accounts.
• SDK Integration: Ensure the client fully integrates the NPPA’s official real-name verification SDK prior to commercial launch.
• Server-Side Kill Switch: Deploy a mandatory disconnect protocol on the server. Cut all minor account network connections at exactly 21:00:00 Beijing Time.
• Anomaly Interruption: Design “in-game interrupt” logic for adult accounts flagged as suspected minors. Trigger facial recognition or identity re-verification at critical junctures, such as right before initiating a payment or entering a ranked match.
• Payment Risk Control: Refactor the billing backend. Read the age variable returned by the verification API to automatically intercept any payment request exceeding statutory limits.