Call of Duty’s new Ricochet rules hit cheaters hard – and your anonymity harder

Call of Duty’s latest Ricochet update doesn’t just make cheating harder – it makes playing anonymously on PC a lot more expensive and a lot less convenient.

• New free-to-play PC accounts now require SMS two-factor authentication, putting a phone number wall in front of Warzone and other F2P access.
• Ricochet’s device detection just got sharper, targeting Cronus/XIM-style input spoofers and DMA cheats that live below the game itself.
• Microsoft Azure Attestation is now in the mix, giving Activision a deeper look at your system’s integrity without leaning on spoofable MAC addresses.
• This is Activision raising the cost of cheating – in money, time, and privacy – and testing how much friction the legit playerbase will tolerate.

This is Activision putting a price on anonymity

With Season 3 of Black Ops 7 and Warzone, any new free-to-play PC Call of Duty account has to enable SMS-based two-factor authentication on its Activision ID. No phone number, no F2P access.

There are some caveats. The requirement:

• Initially only hits new F2P PC accounts created from the start of Season 3 onwards.
• Is tied to the platform you’re playing on – for example, if you’re free-to-play on Steam Warzone and don’t own a recent premium CoD there, you’ll still be pushed into SMS 2FA even if you own Black Ops 7 on Battle.net.
• Is planned to expand to more existing accounts over time, according to Activision’s Season 3 notes.

This isn’t really about account security. Yes, 2FA helps stop account theft, but that’s a side benefit. The real target is account farming – the cottage industry where cheaters spin up endless free accounts, inject cheats, get banned, and repeat.

Requiring a phone number puts a hard resource limit on that loop. Phone numbers cost money. SMS verification at scale is annoying. It doesn’t kill cheating, but it raises the cost per ban, especially for low-effort grifters and rage hackers who treat new accounts as disposable.

The uncomfortable part is what it means for everyone else. A lot of PC players have gotten used to the idea that F2P = low friction. Just install, make an account, go. Now, Warzone and other F2P hooks are inching toward the “phone-first identity” model we’ve watched crop up everywhere from social platforms to Discord’s new age checks.

And SMS is the weakest form of 2FA going – vulnerable to SIM swaps, reliant on carriers, and annoying if you travel or change numbers. If Activision was purely chasing security, they’d be pushing app-based 2FA or hardware keys. They’re not. They’re chasing friction – specifically for people trying to spin up 20 burner accounts a day.

The question I’d put to Activision: how many unique accounts can share one phone number before you block it? That one policy decision will tell us whether this is a genuine security feature or mainly an anti-smurfing, anti-farming choke point.

Device bans are finally going after Cronus and DMA rigs

On the anti-cheat side, Ricochet’s Season 3 update leans into stronger device detection. That phrase usually appears in patch notes right before people with “perfectly legit” USB dongles start screaming on forums.

Here, it means two big things:

• Unauthorized input devices like Cronus Zen and XIM – which spoof controllers, stack macros, and abuse aim assist – are more likely to be detected and flagged.
• DMA-based cheats that run off extra hardware boards and read game memory directly are being hunted with system attestation, not just in-game scans.

For years, Ricochet and other anti-cheats tried to tag individual devices with bans using things like MAC addresses or serials. Cheat sellers answered with spoofers and disposable hardware. Season 3 shifts that fight from “what’s your MAC?” to “does your whole boot chain look legit?”

That matters because DMA cheats don’t behave like a dodgy exe you can scan for. They sit on separate hardware, read RAM directly, and feed perfect information back to the cheater. The only way to fight that reliably is to understand what hardware is attached and how the system booted.

Kernel attestation is the new anti-cheat battleground

Ricochet now taps into Microsoft Azure Attestation, a service designed to verify that a machine’s low-level state matches a “known good” configuration. In plain language: the game asks the platform, “Is this Windows install and its drivers what we expect, or has something been hooked in at a suspicious level?”

Compared to older tricks, that has a few key implications:

• Less reliance on spoofable identifiers like MAC addresses and more on system integrity signals that are harder to fake.
• Better detection of kernel hooks and DMA tools that never show up as normal user-space processes.
• Potentially higher risk of false positives for players with unusual setups – custom drivers, niche hardware, or heavily tweaked Windows installs.

This is the same general direction Riot took with Vanguard and Valve with CS2’s deeper VAC hooks: push anti-cheat further down the stack, closer to the operating system and firmware, because that’s where the serious cheats live now.

But every step down the stack also raises the trust question. You’re effectively giving a multiplayer shooter veto power over your system configuration. Its behavior is still bounded – Azure Attestation isn’t a spy tool rifling through personal files – but it is one more layer of opaque security code sitting between you and your desktop.

If Activision wants players to accept this long-term, the bare minimum is clear communication when attestation fails: what went wrong, how to fix it, and a realistic appeals process when someone’s legitimately weird setup gets nuked.

The collateral damage problem Activision hasn’t solved

Mandatory SMS 2FA and deeper device checks both sound great when you picture a rage hacker. They look a lot messier when you think about:

• Regions where phone numbers are shared or unstable – internet cafés, shared family devices, military deployments.
• Players who can’t easily attach a personal number because of privacy, safety, or local telecom issues.
• Legit peripherals and accessibility devices that might look “non-standard” to a stricter device detection system.

Every major FPS has had its “false ban wave” moment where someone’s anti-cheat update quietly bricks a niche subset of players. Ricochet’s stronger device detection and attestation layer is exactly the sort of change that can cause one if the QA net isn’t tight and the support pipeline isn’t ready.

The other uncomfortable angle: as CoD leans harder on these systems, it becomes harder to maintain alt accounts and smurfs, even for legit players who just want a second profile or a quarantine account for testing. That’s partly the point – fewer throwaway accounts means fewer throwaway cheaters – but it’s also a shift in how much freedom PC players have in a franchise that built its identity on plug-and-play chaos.

What to watch next

• Late Season 3 / early Season 4: Activision has said the SMS 2FA requirement will expand beyond brand-new F2P accounts – watch who gets pulled in next (existing F2P, lapsed players, specific regions).
• First major ban wave post-update: if console-style input spoofers and DMA cheat sellers start publicly complaining, you’ll know Ricochet’s new device detection is actually biting.
• Support and transparency: keep an eye on how many “false positive” stories crop up and how quickly Activision reverses bad bans or attestation issues.
• Whether SMS 2FA evolves: an eventual shift toward app-based or hardware 2FA would signal this is becoming a real security ecosystem, not just an anti-farming speed bump.

TL;DR: Ricochet’s Season 3 upgrade quietly rewires how Call of Duty handles identity and hardware on PC, making SMS 2FA mandatory for new free-to-play accounts and leaning on deeper system attestation to spot cheats. That raises the cost of cheating and goes after Cronus-style devices and DMA rigs in a way earlier anti-cheats struggled to. The real test will be whether Activision can keep collateral damage – from false positives to players locked out over phone rules – low enough that the cure doesn’t feel worse than the disease.