Why is the onus on the people being griefed to provide proof of hacking?

That's why streaming is the best way to record matches. It doesn't take up hard drive space, and at least on Twitch, the vods do expire after some time. You can save your highlights and export them from Twitch straight to Youtube without having the video ever touch your local hard drive. I have a few saved highlights of hackers in my own Twitch library.

More effective anti-cheat aside, they've said that it's practically impossible now to add in a match replay system now, that such a thing would have had to been originally coded back in 2016.

Maybe in a possible DBD 2 someday.

Today I had to clip a video in multiple different parts to be able to upload it in the ticket.

It was not even a case of cheaters, just griefing and holding the game hostage, but the same problem applies.

I am 100% sure that they did not tell you that YOU got them banned. That you reported someone and they got banned does not mean that your ban was responsible. It could also have been that someone else reported them WITH video evidence and then the Cheater got banned.

You 100% need videoproof for reports like this.

I actually spotted a subtle cheater when playing survivor recently. They had ran the killer for a long time while on death hook so I figured I'd help before they went down. I spot them and what do you know, they were boosting their speed randomly between tiles while the killer was busy breaking pallets. Suddenly it makes sense how they "juiced" the killer for over a minute on an almost completely barren map. I do always report them since if they then get manually reported with evidence they're more likely to get banned if BHVR see that their report rate is much higher than what's normal.

But even with video evidence, needing to create a BHVR account and submit each ticket manually is such a bother. I frankly think it's embarrassing that it's possible to cheat like this, but I don't know the infrastructure behind DBD. I just know for being such a big game, the anticheat is pretty much useless once you've bypassed it since the server doesn't question what the client sends to it in any way whatsoever, seemingly at least.

Like imagine in Fortnite, CS, Valorant or Overwatch that a cheater could teleport around the map and shoot people immediately as soon as the game started with infinite damage and instantly win the round in a few seconds. That would be ridiculous and it would be incredibly dumb that the server doesn't recognize a teleporting instakilling character as cheating. Which is why it's literally impossible to do that in those games since they properly check what the client sends to the server. Yes, there's aimbots obviously, just like there would always be wallhacks and info hacks in DBD. But at least in those games you can't directly change your characters stats and speed and position and even other players characters directly. The fact that you can do it in DBD and the server doesn't even question it is very bad.

As someone who works in IT and has done some stuff with security, I can 100% tell you that the fact that you think it doesnt work, while not being invested with cheaters every single match actually proves it works. Just look at CS2, you literally could not go a single match without 1 person having cheats. They didnt even get banned, because Valve updated the anti-cheat in 2020 and left it at that.

You dont need to do anything but report in-game. In most cases, anti-cheat has already put a million red flags on that player and that player is doomed to be banned. In most other cases, it's a new cheat that currently bypasses the system and it will require tweaking to anti-cheat to detect those things.

In theory, BHVR can 100% ban all cheaters automatically, the problem there is, that 20% of non-cheating players will also get banned. Its because BHVR wants to ban as close to 0 non-cheating players as possible that there are still cheaters. But if anti-cheat didnt work, your average match would contain a cheater. Not 1 every 25 matches.

And that's been proved a lie. The engine has an easily implementable Replay API officially supported since version 4.20, and many other games using Unreal Engine did it way after their release (Fortnite, Rocket League, Tekken 7…).

I'm not saying they don't have their reasons to not do it, but "having to recode the whole game" is not one of them.

While I appreciate your perspective and your background in IT, I believe it's important to differentiate between theoretical anti-cheat efficacy and what players demonstrably experience in practice.

From a systems design perspective - particularly in real-time, client-authoritative environments - trusting the client without robust validation is a known architectural weakness. Once that trust is exploited through memory injection, packet spoofing or desync manipulation, server-side checks become non-negotiable. And yet, in DBD, the server seems to accept manipulated input without hesitation.

The idea that “the system works silently in the background” might sound reassuring - but it doesn’t align with what many players encounter: repeated exposure to blatant and subtle cheats, vague or absent feedback after reporting, and a near-total absence of transparency. If flags are truly being triggered, they don’t seem to result in timely or visible action. That creates an environment where the perception of impunity is stronger than any reassurance the system might hope to deliver.

I understand that no anti-cheat is perfect and that avoiding false positives is important. But when that caution results in a system that feels unresponsive, the effect isn’t "precision" - it’s stagnation. A system that rarely bans the wrong player but consistently fails to act on the right ones is functionally indistinct from a broken one.

In short: what should work - and what does work - are two very different things. And the wider the gap, the more it undermines trust.

You make some well-structured points, particularly from a technical standpoint, but it’s crucial to draw a line between theoretical anti-cheat capabilities and the actual, tangible experience players face in a client-trusted environment like DBD.

You're correct that detection suppression exists, even in top-tier systems. But that’s precisely why modern competitive games like Valorant have moved toward kernel-level drivers and server-side validation, because trusting client input without robust, real-time verification invites manipulation. Dead by Daylight, on the other hand, still relies heavily on client-side trust, making it especially vulnerable to memory manipulation, packet spoofing, and desync abuse.
That’s not just a challenge… it’s a structural flaw.

The idea that 99% of cheaters are being banned may be statistically comforting, but in practice, the system feels indistinguishable from one that does nothing. Silent background enforcement is only effective if its presence is felt through results. But in DBD’s case, player perception of impunity is stronger than any reassurance the system hopes to deliver… and that’s a sign of disconnect between design and lived experience.

Yes, rebuilding the game would help. But so would rebuilding the anti-cheat philosophy: starting with server-side checks on position, velocity, and desync states, basic validations that Riot, Blizzard, and even smaller studios treat as foundational. It’s not just about catching cheaters… it’s about making cheating meaningfully harder.

Until then, trusting the client in a live PvP environment is less a strategy, and more a gamble.
And right now, the house isn’t winning.

I get the sentiment, and I agree: cheaters aren’t part of the community → they’re a parasite feeding on it.

But ironically, a large-scale hack wave might be the most effective QA test Dead by Daylight has ever had.
After all, nothing motivates action quite like public humiliation and a collapsing new-player experience.

For nearly a decade, the game has operated without server-side validation, relying instead on what can only be described as a “client-trust utopia.” Speed hacks? Teleporting killers? Survivors flying like budget Avengers?
All technically allowed… as long as the client says it's okay.

If it takes a flood of cheaters to finally force systemic change, then maybe the infection is the cure.

Kate Denson reference.

Just spent another cozy 3 hours in Dead by Daylight™ this week and was lucky enough to encounter a Nea who clearly paid extra for the Teleportation DLC.

And the best part? Server-side validation continues to shine as brightly as ever. I mean, who needs consistency or fairness when you can have spontaneous wormholes?

Meanwhile, I’m standing in a tile like an idiot, watching Nea phase through reality like she's on patch 1.0.9 of Doctor Strange.

Honestly, I don’t blame her. If I had access to that kind of power, I’d be gone the moment I hear “Exposed.” Just whoosh — off to a less bug-infested universe.

Anyway, video attached for scientific purposes. Viewer discretion advised: contains scenes of unregulated time-space travel.

"Saying it's not competitive ignores the core structure of its design."
Where did I say it isnt competitive?

"there’s no confirmed evidence that DBD meaningfully validates movement, positioning, or state changes server-side."
But there is validation, you claimed there was none: Pallet validation, DS validation, it validates loadouts nowadays too(which is why you no longer see flashlights with wirespool like you used to, nor have medkits with 20 Abdominal Dressings to do a self-heal in 3 seconds.
And you're right, we dont know if there are any other specific validations surrounding movement, positioning or state changes on the server side. But you know what's also funny? Neither do you know if that happens in a lot of cases. Kicked for flying can have a multitude of reasoning. Like a clientsided check for your movement vector that gets updated and sometimes considered impossible, and your client sending a message to a server to get you kicked in case you're on a server. You assume its done server sided because the server does the kicking. The same happens with pallet stuns, they are just client sided information that is send to the server, and the only validation the server does is check which event happened first. It's still server sided validation, but its the client that checks for it. The only game I am aware that actually does movement and positioning on the serverside is Overwatch 2, as they render the full game and basically do a comparison between what should happen and what actually happens. But if they fully render the game on the server and control, how do you still have cheaters in overwatch 2? Simple, you cannot ban people for suddenly having high ping, that alone can allow you to teleport on the server's end, it just gives you a flag for investigation if it happens too often, and even then, some of those flags are ignored due to high ping. Meaning if you have a program that purposely slows down information send to the server would allow you to cheat and not get any flags.
You're really trying to paint any anti-cheat as superior, when really, its not. 10% of the top 500 players in the Overwatch 2 leaderboard are confirmed cheaters. Meaning they not only managed to cheat and not get banned, they managed to do so for HUNDREDS of games in a row. Despite a full server side validation system rendering the entire game.

"I've personally submitted over 20 cheater reports to BHVR support → always with precise details, Steam IDs, and full context. In every case, unless I attached direct video proof, I was explicitly asked to upload one before any action could be taken."
Funny, because I have submitted at least over 200 by now, and while in a lot of cases I could provide video proof since I have recording software that needs 5 seconds to start up before it can record, I couldnt always record it.
They stopped asking for video proof explicitly in 2022 when I couldnt record, there have been some cases they did ask, where I presume they looked into the matter but couldnt find any substantial evidence with what they had in place, but even then, last time that question happened was early 2024. The main question they have for me is if I reported them in-game, because sometimes, its a saturday with no plans and I have played for 6-7 hours with on average 4 games per hour.

"If true server-side validation existed, this level of manual verification wouldn’t be necessary. The current process isn't reflective of a system that independently detects and confirms cheating — it's reflective of one that doesn’t."
No, it does not. Again, 50 people in the top 500 of Overwatch 2 are confirmed cheaters by the community, they have still been able to evade bans because despite reports, its not enough. Overwatch 2 gets video evidence from people from Twitter and viral Youtube video's, and once a video has gained enough traction, then someone in the top 500 might get banned for it.
Again, you're painting Anti-Cheat measures as if they are miracle work, when in reality, there are thousands, if not millions of reports coming in. Often a lot aimed at a handful of players alone. Then you have people looking into those players and they often need to be manually banned, because autobans only work if you can isolate an issue to be a cheating-only possibility(like, wirespool on a flashlight).
And while I cannot go into detail due to an NDA, financial companies have extremely strict detection systems incase someone gamed the system, as literal millions can be at risk. You have teams of 20 people per team, working 40 hours a week each, being available 24/7 as a team while in contact with the police, trying to catch 5 people. Despite the strict detections, despite KNOWING what they are doing, they have been able to avoid the police. That can take weeks. You, on a daily basis, will trigger hundreds of fraud flags at your bank, by just existing. Someone is making sure that your fraud flags can be considered normal human behaviour. Its the ones that get a manual flag added by people on the team that get higher priority over everyone else. And that is a financial company having 2500+ employees as a whole.
The biggest benefit? When they finally do catch the person, they are actively removing that person from being able to do anything financial because they go to jail.
Now imagine that that person could pay 200$ a month to get an entirely new physical appearance whenever they get caught, then that person could go on with their financial crimes after weeks have been dedicated trying to catch that person. And they can go on doing exactly what they have been doing for weeks with no reprocussions. THAT is the modern issue with hardware spoofers.
The bigger the team, the faster bans can happen. And with BHVR having about 200 people working there, You can assume that 20 people would pretty much cover the entire security team. For a game as popular as DBD, thats small. Overwatch 2 has Activision Blizzard, which has a team of 200 people doing security (and even then, 10% of the top 500 confirmed cheaters who have been able to avoid a ban).

Anti-cheat is basically a nuclear protocol, especially the auto-ban feature. You HAVE to tread lightly and not have it go off on people by accident. And considering the fact that people can bypass bans due to certain spoofers and be at it again within 15 minutes after a ban, and the average ban can take an hour or so to be implemented, you have the situation you currently have at DBD.
In theory, BHVR could ban 100% of cheaters 100% of the time, but you can equally expect 30% of players getting banned for stunning a killer with a pallet after you have gone down, or getting stunned by a pallet after you've downed a survivor because latency was just slightly too big for the server side validation to check.

I made it that much, because thats how complex the situation is. You can flyhack in overwatch and not get banned, you can flyhack in valorant and not get banned.

No anti-cheat can be up to that level of detection without creating an unplayable game. Every. Single. Frame. would need to be traced. Every. Single. Variable. must be taken into consideration (aka, hundreds, if not thousands of frames prior need to be saved just in case the "flying" happened due to a vector launch elsewhere).

You dont know what you're demanding, not even Google servers can handle what you demand. Hence the essay I wrote.

I really hope the anticheat gets some proper tlc. It'd be a shame to go another 9 years with the current trainwreck that requires everything but the kitchen sink working right to function.

Another day, another interdimensional tourist. This time it was Bill…. same phasing cheat, same physics-defying nonsense, different beard.

I’ve played maybe 10 hours in the past two weeks and already matched with multiple blatant cheaters.

And honestly? That might actually be a good thing.
Because like a toddler ignoring bedtime, sometimes the chaos has to get loud enough that the grown-ups are finally forced to step in.

If the anti-cheat is a discipline system, then congratulations BHVR: you’ve just hit the phase where the furniture gets drawn on in marker.
Let’s see how many walls need repainting before someone remembers that "trust the client" was never a parental strategy.

They get banned in DBD too, and Valorant bans in waves too. Valorant doesnt use the "verified movement logic" you think they use. And as for desync validation, that mainly depends on available servers. And yeah, Valorant has MORE servers (other than that, RIOT is also significantly richer than BHVR). But, you're forgetting 1 key factor that has the biggest difference here why it SEEMS like Valorant is more capable, when in reality, their anti-cheat isnt objectively better:
Riot has its own client.

DBD catches as many, if not more cheaters than Valorant(player ratio). The way RIOT somewhat influences spoofing, is due to having their own client. It means that it requires cheaters to set up a new Virtual Machine first every time they get banned, because if they forget then they can get a hardware ban since the ban would be done via the client, and no amount of spoofing gets you around your hardware having been banned.
If Valorant was usable through Epic Games and/or Steam, cheaters would flood Valorant as much, if not more.

Again, what you are asking is impossible. The only way to improve anti-cheat is to reduce your literal privacy.

And no, they dont need video proof. But BHVR will ask for everything that could speed up the process. They could, without videoproof, check the claim and find more than enough evidence. But you know whats 100x easier and faster? Clicking a link and pressing play to see someone teleporting across the map. Its not a requirement.

And there is no PVP standard, you are claiming Valo and League are the standard, but that isnt the standard. Fortnite doesnt have that system, Dota 2doesnt, CS2 doesnt, OW2 doesnt. What RIOT does, is breaching privacy in exchange of giving cheaters a slightly more roundabout way to get back at it. Which, is more effective. But once again, breaching privacy.

You automatically start up the Riot client and are doing your taxes? Congrats, now Riot also has access to your tax info. You have the client running in the background while doing some private research incognito? Congrats, Riot can now see which arrangement of carnality you enjoy most and maybe even offer merchandise that looks eerily similar. That's what kernel level anti-cheat really means. That is the REAL cost of what happens in Valorant and League.

There is no PVP anti-cheat standard, and DBD is legitimately one of the groups with an actually active anti-cheat system that recieves constant updates. Like it or not, DBD is very close to being the anti-cheat standard. Its variables outside of BHVR's control that make it seem like they dont.

Just as a comparison, you have an anti-burglary system:
Valorant and League basically have camera's installed in your house EVERYWHERE and on at all times, even when you're home. Someone still manages to get into your house and steals your TV, and not all of them will be caught.

DBD has alarms, infrared lasers that only activate when you're gone from home, replaces your lock once every 3 months while giving you a key to the door that will turn off all alarms because you shouldnt be losing any privacy. But for some reason, the people who break into your house earn enough money to pay people to keep making fake keys and after some succesful keys they manage to make a skeleton key that fits on all homes. DBD makes sure some locks are changed and that people are caught before you miss anything, but they have to change the locks on all homes soon enough.

CS2 just has a sticker of "this home is protected by an alarm", while the alarm has ran out of batteries 3 years ago and the door is unlocked. It basically keeps the basic cheaters out.

The fact that you are willing to sell your private info to a company in exchange for 55 minutes more time that cheaters need to set up a new account to cheat again (which, if it takes 1 hour to ban the average cheater, and it takes about 1 hour for the cheater to be back in running, you're going to have cheaters who will give up for the time being, where again, in DBD, probably takes the same hour, but then they just trigger a spoofer and buy a hacked account and are up and running again in 15 minutes). Valorant isnt better, its less convenient.

Remove hardware spoofers from existance, and the DBD cheater issue goes back to how it was in 2020, practically non-existant.

Also, I would love to stress, Valorant isnt as server sided as you believe. 95% of anti-cheat even in Valorant happens on the side of the client. The servers, even those used for DBD, have validation on certain things. But at a certain point, you cannot ask the server to do things for you without impacting enjoyability. Things that currently flow relatively nicely would no longer flow as nicely.

You genuinely dont know what you are talking about. You can have demands, like everyone else has, and I am not defending BHVR here as I do think there are things they can improve on. But you're asking privacy breaching levels of client sided anti-cheat, while using google server levels of server sided anti-cheat, and calling that "the standard".
Thats like claiming the bodyguards any US president has(who also has very little privacy btw), is the standard of protection that all citizens should have.
You want George Orwell's 1984 levels of anti-cheat. And no, I rather face 2 cheaters on average per match than give any company access to all my private info just so I can maybe face 1 cheater every 1000 games.

The TRUE modern anti-cheat standard, would be finding a way to still implement a hardware ban on people who use spoofers. And there is a way to it: Whitelisting.
You can use an extremely trigger happy anti-cheat that will automatically kick anyone from a match the second they detect something weird and add a flag. And if you dont get flagged for a long enough time (lets say, 1000 escapes/4000 kills), or if you have been personally investigated to not have any cheats, you get added to a whitelist and only face other players who have made it to the whitelist.

You would still have cheaters, but you wont face most of them. Only downside is that new players will be forced to play against quite a few cheaters, so to mitigate that, you can add a grey list, where people on the grey list will only face other people on the grey list, and the only way you can get on the grey list is through cheating. And with a trigger happy anti-cheat, you can instead of auto ban people send them to the grey list. Even in case of a false trigger, they would still be able to play the game while their situation gets sorted out.

Oh, I agree with things always being able to be improved upon, especially when it comes to hit validation. And technically anti-cheat implementation, but I am not going to fully agree with that aspect considering the details of the discussion. Yes, it can always be improved, but its not something magic.

My point effectively is: there will ALWAYS be a loophole. If there wasnt, you couldnt play the game online with/against other players. That isnt an excuse for any glaring weakness, obviously, but its also a reason why you cant simply say "this shouldnt be possible". And sometimes there are loopholes being abused that BHVR cant find for months, it might be a teeny tiny backdoor issue that skips detection because someone accidentally turned line 1295 into a comment that was checking for movementspeed and that somehow didnt get logged. It could also be that the server checks something for a specific killer that has to be there, otherwise the killer is broken (mainly looking at Twins here, somehow, whenever she gets a change, something breaks), and that specific check has to always be there or the game just crashes whenever that killer is placed in(again looking at twins). Ironically, I could be 100% spot on on something that happened in the past. Sometimes code just works like that. Please BHVR mods, this isnt me with insider knowledge if I happen to be correct, this is me literally just spitballing an example to show how complex implementing anti-cheat can be.

Other than that, month old reply, I know, I took a small vacation and didnt check all the replies.