In this video Souleima shows how as a developer you should move as much of the game business logic as possible to the server. This is key to make your game more secure and mitigate most of the attacks shown in this series. Souleima uses Microsoft Playfab to show how this is done. However other options such as Beamable or the developer’s own server can be used.
The main takeaway of this video is that the developer should not use the ZBD API directly in their game client and should instead make API calls from their server.
Furthermore the ZBD API key should NEVER be stored in the client side.