6.6 Independent Servers: NEX and Nintendo Network Accounts: Common Items

This section describes required information and important notes for developers using independent game servers separate from the ones operated by Nintendo. Consult with support@noa.com if you are thinking about using an independent server for any reason, such as for a web service or to link data with a sequel title.

There are two types of Nintendo 3DS authentication methods: authentication using NEX, and authentication using the Nintendo Network ID. Applications that use independent servers must comply with the guidelines that are applicable to the method they use.

Note:

If you are independently implementing matchmaking, ranking, or data store features via an independent server, it is not necessary to comply with the guidelines in the NEX: Matchmaking, NEX: Ranking, or NEX: Data Stores chapters of this volume.

6.6.1 Independent NAT Traversal Feature

Nintendo recommends for applications that use P2P communication to use the NAT traversal feature in the library provided by Nintendo. Using an independent NAT traversal feature could lead to less interoperability with the list of verified Internet connection devices on Nintendo's home page, causing user confusion.

If you are planning to use an independent NAT traversal feature, consider taking steps such as publishing connection-related information on your website.

No required guideline items.

6.6.2 Communication Security

Nintendo recommends implementing some means of preventing packet eavesdropping and replay attacks after verifying the client's identity via a service token when beginning communication with an independent server. One such method is to use SSL to encrypt network connections.

Nintendo performs system consistency checks and security checks on applications that use independent servers. You must apply to request such checks; contact Nintendo at support@noa.com.

No required guideline items.

6.6.3 Using Independent Friend Presence Features

If your application uses an independent friend list, it is permissible to also use independent friend presence features. However, do not display friend presence information on Nintendo 3DS systems from applications which operate on non-Nintendo platforms and cannot communicate with Nintendo 3DS systems. For example, assume a certain application has a Nintendo 3DS version as well as a version for a non-Nintendo platform, and friends are managed in common between these versions. Even if users playing the non-Nintendo version come online, users playing the Nintendo 3DS version are not able to play together with the non-Nintendo users. In this situation, do not display the friend presence information of users playing versions of the application for non-Nintendo platforms.

Note:

Note that it is prohibited in principle for Nintendo 3DS to communicate with non-Nintendo platforms. If you have such plans, please contact Nintendo at support@noa.com. See section 6.1.6 Internet Communication With Non-Nintendo Platforms for further details.

6.6.3.1 Displaying Independent Friend Presence Information

Guideline Item

Applications must not display friend presence information on Nintendo 3DS systems from applications which operate on non-Nintendo platforms and cannot communicate with Nintendo 3DS systems.

Software to Be Tested
Applications that use independent friend presence features.
Test Method
Check the source code.
Pass/Fail Determination

Passes if the application does not display friend presence information on Nintendo 3DS systems from applications which operate on non-Nintendo platforms and cannot communicate with Nintendo 3DS systems.

6.6.4 Using Personal Information from Nintendo Accounts

If your application takes personal information (such as gender or email address) that is registered to a Nintendo account and sends it to a third party, your application must implement proper measures in accordance with the user's age and country settings.

For users under the age of 13:

It is Nintendo's policy generally not to provide information of the users under the age of 13 to other companies.

Therefore, for users under the age of 13, it is prohibited to send personal information registered in Nintendo accounts to an independent server.
For example, when creating an independent account, you must not use personal information from Nintendo accounts as the default value.

For all users age 13 and above:

For users age 13 and above, you must take the following measures.

  • Include an explanation in the licensee's independent EULA privacy policy.
  • Display an independent dialog containing the following message before sending the personal information, and make the user select whether they agree or disagree to sending the personal information. Alternatively, display a dialog allowing the user to view and edit the personal information that will be sent, while clearly indicating to the user what information will be sent and when it will be sent.

If you proceed, the following data will be transmitted to [publisher name]:

[List the relevant data that will be transmitted: "Gender," "Email address"] as registered in your Nintendo Network ID.

The data will be treated according to the Privacy Policy [or any relevant name of the document/policy] of [publisher name].

Back / Allow

Note:

In principle, it is prohibited to change the dialog text. Contact Nintendo at support@noa.com if you need to change it.

For users age 13 and above but under the age of 18:

If the user is under the age of 18 and a Parental Controls PIN code has been configured in their system, the Parental Controls restriction must be temporarily lifted by PIN entry in order to make any personal information available from their Nintendo account. (This is a system-side requirement.)

For users age 13 and above but under the age of 18, you must require a parent or guardian to enter the PIN, in addition to taking the measures required for all users age 13 and above.

Note:

You can use the nn::cfg::CTR::IsParentalControlEnabled function to check whether a Parental Controls PIN code has been configured in the system. This is planned to be provided in the SDK 7.2.x series and later versions.

For the United States Market:

Each licensee remains responsible for determining its legal obligations under COPPA. See section 6.2 COPPA for details.

6.6.4.1 Using Personal Information from Nintendo Accounts on Independent Servers

Guideline Item
Applications that take personal information registered to a Nintendo account and send it to an independent server must implement proper measures in accordance with the user's age.
Software to Be Tested
Applications that send personal information from Nintendo accounts to independent servers.
Test Method
  1. Prepare a system on which a Parental Controls PIN has not been configured. Using the Nintendo Network account of a user age 13 or above, perform whatever procedure is necessary to send personal information to an independent server.
  2. Prepare a system on which a Parental Controls PIN has been configured. Using the Nintendo Network account of a user age 13 or above but under age 18, perform whatever procedure is necessary to send personal information to an independent server.
  3. In the following cases, check the source code and confirm that the application is not able to send the personal information to an independent server.
  • From the Nintendo Network account of a user under age 13
  • From the Nintendo Network account of a user age 13 and above but under the age of 18, who did not give user consent
  • From the Nintendo Network account of a user age 13 and above but under the age of 18, where the Parental Controls restriction has not been lifted by PIN entry
Pass/Fail Determination

Passes if all of the following conditions are met.

  1. In step 1, there is an explanation in the licensee's independent EULA privacy policy.
  2. In step 1, the application displays an independent dialog with the text below. Or alternatively, the application clearly indicates what information will be sent and when, and allows the user to view and edit the information before sending it.

    If you proceed, the following data will be transmitted to [publisher name]:

    [List the relevant data that will be transmitted: "Gender," "Email address"] as registered in your Nintendo Network ID.

    The data will be treated according to the Privacy Policy [or any relevant name of the document/policy] of [publisher name].

    Back / Allow

  3. Pass/fail conditions 1 and 2 are met in step 2.
  4. The application is unable to send personal information to the independent server in step 3.

6.6.5 Tracking

It is each licensee's responsibility to take appropriate measures when tracking the user's play information within an independent server.

No required guideline items.

 


CONFIDENTIAL