Know and understand minimising the potential danger of using online gaming including not using real names, not giving out personal or financial data
Topic 8 – Safety and Security (IGCSE ICT 0417)
Objective
Know and understand how to minimise the potential danger of using online gaming, including:
Physical safety when using ICT equipment.
e‑Safety – protecting personal and financial data.
Security of data – recognising threats and applying appropriate protection mechanisms.
How these concepts relate to the Cambridge IGCSE ICT assessment objectives (AO1, AO2, AO3).
Why Safety Matters in Online Gaming
Online games connect millions of players worldwide, offering entertainment and social interaction. At the same time they expose users to physical hazards, technical vulnerabilities and personal‑data risks. Understanding these risks enables learners to protect themselves, their devices and their personal information – a requirement of syllabus sections 8.2 (e‑Safety) and 8.3 (Security of data).
1. Physical Safety When Using ICT Equipment (Syllabus 8.2)
Tripping or crushing hazards – loose cables, power strips or accessories on the floor can cause falls or injuries.
Over‑heating of equipment – laptops, consoles or monitors left on for long periods become hot; ensure ventilation and never cover vents.
Electrical safety – use surge protectors, plug devices into correctly rated sockets and never handle equipment with wet hands.
Ergonomic posture – sit upright, keep the screen at eye level and take a 5‑minute break every hour to avoid eye strain and musculoskeletal problems.
Battery safety – charge controllers, headsets or mobile devices on a stable surface and unplug once fully charged.
Exam tip (AO2): When answering a question on physical safety, cite at least two of the above hazards and explain why each is relevant to a gamer’s environment.
2. e‑Safety – Personal Data & Data Protection (Syllabus 8.2)
What counts as personal data?
Personal data: any information that can identify an individual – name, address, email, date of birth, school, avatar image, gamer‑tag, etc.
Sensitive data: details that could cause discrimination or harm if disclosed – health information, ethnicity, religion, financial details.
Key GDPR‑style principles (exam‑relevant AO1)
Lawful, fair and transparent processing
Purpose limitation
Data minimisation
Accuracy
Storage limitation
Integrity & confidentiality
Accountability
These principles underpin the Data Protection Act 2018 (UK) and similar legislation worldwide. In a gaming context, they mean you must only share the minimum information needed, keep it secure and never use it for unauthorised purposes.
Why avatars, gamer‑tags and chat logs are personal data
They can be linked to a real‑world identity through search engines or social media.
Sharing them without consent breaches data‑protection principles and can lead to identity theft, cyber‑bullying or targeted scams.
3. Common Threats to Data & Devices (Syllabus 8.3)
Threat
Typical gaming example
Impact on CIA (Confidentiality, Integrity, Availability)
One‑sentence mitigation
Phishing (email, in‑game messages)
Fake “prize” link asking for login details
Confidentiality – attacker obtains credentials
Never click unknown links; verify the sender’s address.
Smishing (SMS phishing)
Text offering a free game key if you reply with personal info
Confidentiality – personal data disclosed
Ignore unsolicited SMS and delete it.
Vishing (voice phishing)
Phone call pretending to be support asking for credit‑card number
Confidentiality & Integrity – financial data stolen, account altered
Hang up and contact the official support channel directly.
Pharming
Fake game‑store website that looks identical to the real one
Confidentiality – credentials entered on a fraudulent site
Check the URL starts with https:// and shows a padlock.
Malware / viruses
Downloading “cheat” software from a third‑party site
Integrity – malicious code can modify game files; Availability – may corrupt the system
Use only official stores and keep anti‑malware software updated.
Ransomware
Malicious attachment in a guild chat that encrypts game saves
Availability – files become inaccessible; Integrity – data altered
Back‑up saves regularly and never open unexpected attachments.
Card fraud
Someone asks for your credit‑card to “top‑up” their account
Biometrics – fingerprint or facial recognition on consoles and mobile devices.
Encryption & SSL/TLS – all web‑based purchases and account log‑ins should use https:// (SSL/TLS) to encrypt data in transit.
Digital certificates – the game store’s server presents a trusted certificate to prove its identity.
Firewalls – enable the operating‑system or router firewall to block unauthorised inbound connections.
Anti‑malware software – keep real‑time protection active and run regular scans.
Secure payment methods – use PayPal, virtual prepaid cards or platform‑managed wallets instead of storing raw card numbers.
Regular updates – apply patches for the game client, operating system and security software promptly.
Back‑ups – store game saves and important files on an external drive or cloud service with versioning.
5. Practical Safety Practices for Gamers (AO2 – Apply)
Create a pseudonym – a gaming name that contains no part of your real name, birth date or school.
Keep personal data private – never post address, phone number, school, or personal photos in public chat or profiles.
Use strong, unique passwords – at least 12 characters, mix of upper‑/lower‑case, numbers and symbols; change them every 6‑12 months.
Enable 2FA or biometrics wherever the platform offers it.
Guard financial information – use prepaid or platform‑managed payment methods; never share card details with other players.
Review and tighten privacy settings – set profiles to “Friends only”, disable location sharing, and limit who can send you messages.
Download only from official sources – the game’s own store, Google Play, Apple App Store or the console’s marketplace.
Keep anti‑malware and the OS up to date – enable automatic updates.
Use a firewall – keep the built‑in Windows/macOS firewall active, or configure your router’s firewall.
Take regular breaks and maintain ergonomics – 5‑minute break every hour, proper chair height, screen at eye level.
Report and block abusive or suspicious users – use the in‑game reporting tool; block the user to stop further contact.
Quick‑write (AO3): Choose two threats from the table and evaluate which would have the greatest impact on a 13‑year‑old’s gaming experience. Justify your answer using the CIA impact column.
6. Checklist for Safe Gaming (AO1 – Recall)
Action
Why Important?
How to Implement
Create a pseudonym
Prevents real‑world identification and targeting
Combine letters, numbers and symbols; avoid any part of your real name.
Keep personal data private
Reduces risk of identity theft, bullying and fraud
Never share address, school, phone number or personal photos in public chat.
Use strong, unique passwords
Stops attackers from guessing or cracking accounts
≥12 characters, mixed case, numbers, symbols; store in a password manager.
Enable 2FA / biometrics
Adds a second verification step
Activate via account settings; use an authenticator app or fingerprint login.
Secure financial details
Prevents unauthorised purchases and card fraud
Use prepaid cards or platform‑managed wallets; never store raw card numbers.
Install anti‑malware & keep it updated
Blocks viruses, ransomware and malicious mods
Run real‑time protection; schedule weekly scans.
Use firewalls & SSL/TLS
Protects data in transit and blocks unwanted network traffic
Keep OS firewall on; ensure any web‑based purchase uses https://.
Download only from official sources
Reduces chance of malware infection
Use the game’s official website, console store, Google Play or Apple App Store.
Adjust privacy settings
Limits who can view or contact you
Set profile visibility to “Friends only” or “Private”; disable location sharing.
Take ergonomic breaks
Prevents physical strain and overheating of equipment
5‑minute break every hour; keep cables tidy; ensure ventilation.
Report & block suspicious activity
Protects you and the wider community
Use the game’s report function; add the user to your block list.
7. Mini‑Case Study – Designing a Safe‑Gaming Policy (Systems Life‑Cycle, Syllabus 7)
Scenario: A secondary school wants to create a policy that lets students play educational games safely on school‑provided tablets.
Analysis – Identify risks: physical (over‑heating tablets), e‑safety (sharing personal data), security (malware from unofficial mods).
Design – Draft rules: use school‑issued pseudonyms, enable 2FA, restrict app installations to the official store, set privacy to “Friends only”, schedule 5‑minute breaks every hour.
Implementation – Configure each tablet with a firewall, anti‑malware, and a shared password manager; distribute a step‑by‑step guide.
Testing – Run a pilot with a small class; monitor for incidents, check that updates install automatically, verify that privacy settings work.
Documentation – Produce a one‑page policy sheet, an FAQ, and a checklist for students and teachers.
Evaluation (AO3) – After one term, collect feedback: Did incidents of data sharing decrease? Were any devices overheating? Adjust the policy based on findings.
Exam tip (AO3): When asked to evaluate a safety solution, refer to the life‑cycle stages you have used and explain how each stage improves confidentiality, integrity or availability.
Audience awareness – Content shared in-game (avatars, screenshots, streams) should be appropriate for the age group of the audience and must not contain copyrighted material without permission.
Copyright – Using game assets (music, images) in personal videos requires either the game’s licence permission or a fair‑use justification; otherwise it is infringement.
File management – Store screenshots, chat logs and saved games in a clearly labelled folder hierarchy (e.g., Games → [GameName] → Screenshots). Back‑up important files to an external drive or cloud service to satisfy the “availability” aspect of data security.
9. Quick‑Check Questions (AO1–AO3)
List three physical hazards associated with long gaming sessions and suggest one mitigation for each. (AO1)
Explain why a gamer‑tag can be considered personal data under GDPR‑style legislation. (AO2)
Choose one threat from the table and evaluate how it could affect the confidentiality, integrity and availability of a player’s account. (AO3)
Design a one‑page safe‑gaming checklist for a school’s tablet lab, referencing at least four protection mechanisms from section 4. (AO2)
10. Summary
Physical safety: keep cables tidy, ensure ventilation, use surge protectors and take regular ergonomic breaks.
e‑Safety: treat avatars, gamer‑tags and chat logs as personal data; apply GDPR‑style principles of lawfulness, purpose‑limitation, data‑minimisation, etc.
Security threats: phishing, smishing, vishing, pharming, malware, ransomware, card fraud, identity theft, data tracking, social engineering – each impacts confidentiality, integrity or availability.
Protection mechanisms: strong passwords, 2FA/biometrics, encryption (SSL/TLS), digital certificates, firewalls, anti‑malware, secure payments, regular updates and backups.
Practical steps: use a pseudonym, keep personal/financial data private, enable 2FA, download only from official sources, adjust privacy settings, report abuse, and maintain healthy gaming habits.
Systems life‑cycle can be used to design, implement and evaluate a safe‑gaming policy for any organisation.
Suggested diagram – Flowchart of “Safe Online Gaming”:
Create pseudonym → Set strong password & enable 2FA → Configure privacy & firewall → Download from official source → Take ergonomic breaks → Report & block abusive users → Back‑up & update regularly.
Support e-Consult Kenya
Your generous donation helps us continue providing free Cambridge IGCSE & A-Level resources,
past papers, syllabus notes, revision questions, and high-quality online tutoring to students across Kenya.