Yes, there’s a proprietary authentication mechanism. It’s been used in all controllers from the Xbox One, released in 2013, onward. At the moment, at least publicly, it remains uncracked. That’s actually quite impressive!
I think a lot of people are interpreting this news to mean that all third party Xbox controllers will stop working. Controllers from the likes of PowerA, Razer or 8bitdo. But they will still work. They are licensed by Microsoft and contain their proprietary authentication processors.
Some third party accessories like the Cronos Zen allow other controllers (Joysticks, wheels, PC gamepads, Playstation controllers etc.) to work with Xbox - and also often contain ‘cheat’ mechanisms (like automatic direction input to compensate for gun recoil in shooters). They require you to connect an authentic Xbox controller to them and hijack communication to do ‘authentication’ via the authentic controller. Perhaps Microsoft has worked out a way to detect this?
Lastly, there are some cheap third party controllers, often from Chinese manufacturers, that seem, at the moment, to ‘just work’ without being licensed by Microsoft. General online consensus seems to be that they’re using recycled authentication chips - but perhaps some contain cracked copies of the algorithm and Microsoft has figured out a way to tell?
It’s these last two categories that Microsoft is presumably cracking down on.
Is there some kind of DRM/authentication scheme in certified controllers, or is it just looking at the device VID/PID?
If not then third-party controllers could just offer a firmware update to spoof the vendorID and productID.
Yes, there’s a proprietary authentication mechanism. It’s been used in all controllers from the Xbox One, released in 2013, onward. At the moment, at least publicly, it remains uncracked. That’s actually quite impressive!
I think a lot of people are interpreting this news to mean that all third party Xbox controllers will stop working. Controllers from the likes of PowerA, Razer or 8bitdo. But they will still work. They are licensed by Microsoft and contain their proprietary authentication processors.
Some third party accessories like the Cronos Zen allow other controllers (Joysticks, wheels, PC gamepads, Playstation controllers etc.) to work with Xbox - and also often contain ‘cheat’ mechanisms (like automatic direction input to compensate for gun recoil in shooters). They require you to connect an authentic Xbox controller to them and hijack communication to do ‘authentication’ via the authentic controller. Perhaps Microsoft has worked out a way to detect this?
Lastly, there are some cheap third party controllers, often from Chinese manufacturers, that seem, at the moment, to ‘just work’ without being licensed by Microsoft. General online consensus seems to be that they’re using recycled authentication chips - but perhaps some contain cracked copies of the algorithm and Microsoft has figured out a way to tell?
It’s these last two categories that Microsoft is presumably cracking down on.
Necessity is the mother of invention.