Dark Patterns Audit & Prevention: How to Identify and Fix Deceptive UX in Your Game Before the FTC Does
Introduction: The $520M Wake-Up Call
In December 2022, Epic Games received a stark message: $245 million in consumer refunds for using dark patterns to trick players into unwanted purchases. That's not a fine. That's not just a settlement. That's money going directly back to players who felt deceived by Fortnite's purchase interface.
The FTC's message was crystal clear: "Dark patterns are now illegal." Not gray area. Not "aggressive marketing." Illegal. And for game studios—large and small—the implications are severe.
Before December 2022, many developers operated in murky territory. Purchase buttons could be bold red while refund options were easy to miss. Confirmation screens could be skipped. Players could accidentally spend $500 while the game was loading. Studios justified these designs as "optimized for conversion."
The Epic Games settlement changed that calculus entirely. Today, the FTC actively enforces against dark patterns. The Federal Trade Commission has indicated this is a priority enforcement area. And game developers need to audit their interfaces immediately.
But here's the opportunity: Fixing dark patterns doesn't destroy revenue. It builds trust. Games with clear, honest payment flows retain players better. And most importantly, you avoid the $245 million problem.
This guide walks you through exactly what dark patterns are, how to audit your game for them, and how to fix them. By the end, you'll have a concrete checklist to ensure your payment interface, refund process, and account management meet 2026 compliance standards. For a complete overview of all regulations including GDPR and EUDIW, refer to our Gaming Compliance 2026: The Complete Guide.
What Is a Dark Pattern? The FTC Definition
The FTC defines a dark pattern as "a user interface designed to trick, mislead, or manipulate users into taking actions contrary to their interests or stated preferences."
In plain English: It's UX designed to deceive.
The key phrase is "contrary to their interests." If your design makes it easier to spend money than to see what you spent it on, you have a dark pattern. If your refund button is buried under three menu layers while your purchase button is center-screen, you have a dark pattern. If your confirmation screen says "yes" instead of "confirm purchase," you have a dark pattern.
Dark patterns exploit human psychology:
- Urgency ("Limited time! Buy now!")
- Scarcity ("Only 2 left in stock!")
- Cognitive load (Too many clicks to refund = users give up)
- Defaults (Opting in by default instead of opting out)
- Social proof (Fake reviews, inflated user counts)
- Misdirection (Confusing button placement or labeling)
The FTC distinction: Dark patterns are not just confusing UX. They're specifically about deceptive intent. An unclear button by accident is poor design. An unclear button designed to increase impulse purchases is a dark pattern.
The FTC has identified dark patterns across three major categories that directly impact gaming: purchase manipulation, consent deception, and retention traps. Understanding where each pattern appears in your game helps you systematically audit and fix issues.
Purchase Manipulation Patterns
These patterns exploit players during monetization flows, making it easier to spend money than to understand what they're buying or get refunds.
1. Roach Motel
Why it fails: Making it easy to sign up or start spending, but difficult to cancel or refund. Gaming example: Epic Games' refund process required players to navigate through Settings → Account → Purchase History → Find the item → Request refund. Compare that to the purchase button: one tap on the cosmetics store and you're charged.
Fix: Make refund/cancel buttons as prominent and easy as purchase buttons. One-tap refunds for cosmetics purchased in the last 24 hours. Clear refund policy on the checkout screen.
2. Bait and Switch
Why it fails: Offering one thing but delivering something different or changing terms after the user commits. Gaming example: "Buy this cosmetic for 800 V-Bucks" but the actual price is 950 V-Bucks (developers require over-purchasing V-Bucks to complete the transaction).
Fix: Display the exact final price before checkout, including any V-Buck bundles required. Honor exclusivity claims.
3. Forced Continuity
Why it fails: Billing users for auto-renewing subscriptions without making cancellation easy. Gaming example: Battle pass auto-renews next season without clear notice. Free trial converts to paid without clear warning.
Fix: Display cancellation steps BEFORE purchase, not buried after. Make cancellation as easy as signup (one button, not through customer support).
4. Hidden Costs
Why it fails: Adding charges after the user has already made their purchase decision. Gaming example: "Buy V-Bucks for $9.99" but by the time the purchase is complete, fees or taxes push the final charge to $12.47.
Fix: Show the final dollar amount before checkout. No surprise fees or currency conversions.
5. Misdirection
Why it fails: Designing the interface to trick users into actions they didn't intend. Gaming example (Epic Games): On PlayStation, the cross button previews cosmetics, but the square button buys. Developers then reversed this for other items.
Fix: Consistent button behavior. Clear labels ("Preview" vs. "Purchase"). Confirmation screen for any purchase over $5.
Consent Deception Patterns
These patterns manipulate how users grant permissions, share data, or opt into features—often making privacy-invasive choices appear required or beneficial when they're optional.
6. Trick Questions
Why it fails: Wording consent requests in confusing ways so users don't understand what they're agreeing to. Gaming example: "Do you want to OPT OUT of promotional emails?" (Double negative confuses users).
Fix: Use clear, direct language. "By clicking yes, we will send you weekly promotional emails (you can unsubscribe anytime)." List specific partners.
7. Privacy Zuckering
Why it fails: Tricking users into sharing personal information by making privacy settings confusing or burying privacy controls. Gaming example: Discord sends a notification: "Connect your phone number for enhanced security." The user taps it assuming phone verification is optional. It's not.
Fix: Clear opt-in for data collection. No defaults that collect data. Explicit choice: "Allow location access? Yes / No" (not "Yes / Ask Later").
8. Friend Spam
Why it fails: Using social networks to trick users into spreading messages or sharing data without explicit consent. Gaming example: "Invite 3 friends to get 500 bonus coins." The system auto-populates friend lists or sends messages on the user's behalf.
Fix: Never auto-send on behalf of users. Require explicit consent for each message. Show the exact message before sending.
9. Disguised Ads
Why it fails: Advertising that doesn't look like advertising. Gaming example: Influencer cosmetics presented as "recommended" without disclosure that this is paid sponsorship.
Fix: Clearly label all sponsored content. "#ad" or "Sponsored by [brand]" should be obvious.
10. Obstruction
Why it fails: Making it difficult to find and use privacy or opt-out options. Gaming example: Parental controls buried three levels deep in settings. No option to delete your account (only "deactivate").
Fix: Options like Delete Account, Refund Request, and Privacy Settings should be in Settings, not hidden deeper. Max two clicks to access critical controls.
Retention Trap Patterns
These patterns use psychological manipulation to keep users engaged, spending, or reluctant to leave—often through artificial urgency, guilt, or repeated prompting.
11. Nagging
Why it fails: Repeatedly prompting users to take actions they declined, in a way designed to wear down resistance. Gaming example: "Are you sure you want to skip the battle pass? You'll miss this unique skin forever!" Multiple warnings after the user already said no.
Fix: Accept user choice. One confirmation is sufficient. Don't re-ask after the user declined.
12. Shaming
Why it fails: Using manipulative language designed to shame users into compliance. Gaming example: "Leave this clan? Your teammates are counting on you." Or: "Skip this battle pass? You'll be the only one without this exclusive skin."
Fix: Neutral language. "Do you want to leave this clan? Yes / Cancel." No guilt-tripping.
13. Urgency (Fake Scarcity)
Why it fails: Using false scarcity or countdown timers to pressure users into quick decisions. Gaming example: "This cosmetic is leaving the shop in 2 hours! Buy now or lose it forever!" But the cosmetic returns to the shop regularly.
Fix: Use real scarcity and time limits. If the cosmetic returns in two months, say so. Don't use countdown timers for recurring offerings.
The Epic Games Case Study: Exact Dark Patterns That Cost $245M
Let's examine the specific dark patterns Epic used in Fortnite that led to the $245 million refund order. Understanding exactly what Epic did wrong is the best way to ensure you don't do it yourself.
Dark Pattern #1: Saved Credit Cards with No Confirmation
Why it fails: The system automatically saved players' credit cards. Once saved, a player could spend V-Bucks (virtual currency) with a single tap. No CVV re-entry. No "are you sure?" confirmation. Just one tap and the charge was processed.
Fix: NEVER auto-save credit cards for recurring purchases. For cosmetics, require at least a confirmation screen. For battle passes, require password or CVV re-entry.
Dark Pattern #2: Deceptive Button Placement (Roach Motel)
Why it fails: Refund/cancel buttons should be as visible as purchase buttons. The refund process was buried and difficult. To request a refund: 1. Open Fortnite app 2. Go to Settings... 7. Wait for review. Contrast that with the purchase process: 1. Open cosmetics store 2. Tap cosmetic 3. Tap "Purchase". The asymmetry was extreme.
Fix: Refund/cancel buttons should be as visible as purchase buttons. Store all purchases in a clear "My Purchases" section. One-tap refunds for purchases under 48 hours old.
Dark Pattern #3: Inconsistent and Confusing Button Design
Why it fails: On PlayStation, the button layout for purchasing cosmetics was inconsistent: Cross button = preview for some items, buy for others. A player familiar with one cosmetic would buy another by accident. This wasn't a bug. This was by design.
Fix: Consistent button layouts across all cosmetics. Always include a confirmation screen. Clear labels: "Preview" vs. "Purchase" (not just button symbols).
Dark Pattern #4: Misclicked Purchases Due to Cramped UI
Why it fails: On mobile, the preview button was placed very close to the purchase button. A misclick (common on small screens) would instantly charge the player. No confirmation. No undo.
Fix: Buttons must be large enough to tap accurately (min 44x44 pixels). Space buttons at least 16 pixels apart. Preview first, then move to a confirmation screen to purchase.
Dark Pattern #5: No Confirmation Screens
Why it fails: Cosmetic purchases had no confirmation screen. Tap, and you're charged. Epic knew confirmation screens would reduce "impulse purchases." They rejected the recommendation specifically to preserve impulse purchasing.
Fix: ALWAYS include a confirmation screen before purchase. Confirmation screen must show: Item, Price (in dollars), and clear "Confirm" / "Cancel" buttons.
Dark Pattern #6: Difficult-to-Find Refund Options
Why it fails: Refund requests were hidden in a deeply nested menu. Most players never found it. Those who did faced "no refunds" policies or lengthy forms.
Fix: Refund policy must be clearly stated before purchase. Refund button must be visible in "My Purchases" section. Refund requests should be instant/auto-approved if under 48 hours.
Dark Pattern #7: Account Lockouts for Disputed Charges
Why it fails: When players disputed charges with their credit card companies, Epic locked their entire accounts. Players lost access to games they'd paid for. This was retaliation.
Fix: NEVER lock accounts due to chargebacks. Process refunds directly instead of forcing credit card disputes. Assume good faith.
Dark Pattern #8: Hidden Account Recovery & Deletion
Why it fails: Users couldn't easily delete their accounts. The process was intentionally complex to keep user accounts (and their purchase data) in the system.
Fix: "Delete Account" button in Settings (not buried). One-click account deletion. Clear data deletion timeline (30 days).
Dark Patterns Audit Checklist: Use This Now
Print this checklist and audit your game's purchase flow, refund process, and account management against each item. Be honest: If you check "yes" to any of these, you have a potential dark pattern.
Step 1: Payment Flow Audit
- Do you save credit cards and allow purchases with a single tap? FIX: Require password/CVV confirmation
- Is there a confirmation screen before any purchase? FIX: Add confirmation showing item and price
- Is the final price clearly shown before purchase (in dollars)? FIX: Display price + fees upfront
- Are purchase and cancel buttons the same size/visibility? FIX: Make them equal prominence
- Is button design consistent across all items? FIX: Same button = same function everywhere
- Are buttons large enough to tap accurately (min 44x44px)? FIX: Increase size on mobile
- Do players need to buy virtual currency bundles to complete purchases? FIX: Offer exact V-Bucks needed
- Are limited-time offers actually limited? FIX: Remove countdown timers for recurring items
Step 2: Refund & Cancellation Audit
- Can players find the refund button in under 2 clicks? FIX: Add to "My Purchases" section
- Is there a clear "request refund" option for all purchases? FIX: Show option on receipt
- Is the refund policy clearly stated on the checkout screen? FIX: Display policy clearly
- Is refund approval instant for recent purchases? FIX: Auto-approve under 48 hours
- Do you require only the item name/date (no lengthy forms)? FIX: Simplify to one field
- Is subscription cancellation/don't-renew visible before purchase? FIX: Show "Cancel anytime"
- Can players cancel with one button? FIX: Add cancel button in "Active Subscriptions"
Step 3: Account Management Audit
- Do you require password re-entry for sensitive actions? FIX: Require password for deletion/refunds
- Do you lock accounts for chargebacks? FIX: Process refunds directly, don't punish disputes
- Can players easily see what data you have about them? FIX: Add "My Data" section
- Is the "Delete Account" button visible in Settings? FIX: Add to main Settings menu
- Can players delete their account with one confirmation? FIX: One-click deletion
- Are promotional emails opt-in (not opt-out)? FIX: Require explicit consent
- Is the privacy policy easy to find and understand? FIX: Link in Settings, plain language
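Several checklist items are measurable and can run as an automated gate on UI builds. The script below is an added example, not code from the original guide: the flow format, the screen names, the `confirms_price` flag and the reading of "clicks" as navigation taps before the refund button is on screen are all assumptions made for illustration.

```python
from collections import deque
from math import hypot

MIN_TAP, MIN_GAP, MAX_REFUND_CLICKS = 44, 16, 2  # px, px, clicks (checklist values)

def btn(label, x, y, w, h, to=None, action=None):  # hypothetical button record
    return dict(label=label, x=x, y=y, w=w, h=h, to=to, action=action)

def gap(a, b):
    """Edge-to-edge distance in px between two buttons (0 if they touch or overlap)."""
    dx = max(a["x"] - (b["x"] + b["w"]), b["x"] - (a["x"] + a["w"]), 0)
    dy = max(a["y"] - (b["y"] + b["h"]), b["y"] - (a["y"] + a["h"]), 0)
    return hypot(dx, dy)

def clicks_to_reach(flow, start, action):
    """Fewest navigation clicks (BFS) from start to a screen showing that action."""
    seen, queue = {start}, deque([(start, 0)])
    while queue:
        screen, depth = queue.popleft()
        if any(b["action"] == action for b in flow[screen]["buttons"]):
            return depth
        for b in flow[screen]["buttons"]:
            if b["to"] in flow and b["to"] not in seen:
                seen.add(b["to"])
                queue.append((b["to"], depth + 1))
    return None  # the action is not reachable at all

def audit(flow, start="home"):
    """Return (rule, screen, detail) findings; an empty list means the flow passed."""
    findings = []
    for name, screen in flow.items():
        buttons = screen["buttons"]
        for i, b in enumerate(buttons):
            if b["w"] < MIN_TAP or b["h"] < MIN_TAP:
                findings.append(("tap-target", name, b["label"]))
            for other in buttons[i + 1:]:
                if gap(b, other) < MIN_GAP:
                    findings.append(("spacing", name, f'{b["label"]}/{other["label"]}'))
            # A charge may only fire from a confirmation screen showing item and price.
            if b["action"] == "charge" and not screen.get("confirms_price"):
                findings.append(("no-confirmation", name, b["label"]))
    depth = clicks_to_reach(flow, start, "refund")
    if depth is None or depth > MAX_REFUND_CLICKS:
        findings.append(("refund-buried", start, str(depth)))
    return findings

# Constructed sample flows (not taken from any real game).
DARK = {
    "home": {"buttons": [btn("Store", 20, 400, 120, 48, to="store"),
                         btn("Settings", 160, 400, 120, 48, to="settings")]},
    "store": {"buttons": [btn("Preview", 20, 300, 40, 40, to="preview"),
                          btn("Buy", 64, 300, 120, 48, action="charge")]},
    "preview": {"buttons": [btn("Back", 20, 400, 120, 48, to="store")]},
    "settings": {"buttons": [btn("Account", 20, 100, 120, 48, to="account")]},
    "account": {"buttons": [btn("Purchase History", 20, 100, 120, 48, to="history")]},
    "history": {"buttons": [btn("Request refund", 20, 100, 120, 48, action="refund")]},
}
FIXED = {
    "home": {"buttons": [btn("Store", 20, 400, 120, 48, to="store"),
                         btn("My Purchases", 160, 400, 120, 48, to="purchases")]},
    "store": {"buttons": [btn("Preview", 20, 300, 120, 48, to="preview"),
                          btn("Purchase", 160, 300, 120, 48, to="confirm")]},
    "preview": {"buttons": [btn("Back", 20, 400, 120, 48, to="store")]},
    "confirm": {"confirms_price": True,
                "buttons": [btn("Confirm", 20, 400, 120, 48, action="charge"),
                            btn("Cancel", 160, 400, 120, 48, to="store")]},
    "purchases": {"buttons": [btn("Request refund", 20, 100, 120, 48, action="refund")]},
}
```

Running `audit(DARK)` reports the undersized and cramped Preview button, the charge without a confirmation screen, and the refund option three clicks deep, while `audit(FIXED)` returns no findings.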
Before/After Case Study: How to Redesign for Compliance
Let's look at a real example: battle pass renewal. This is where many games implement dark patterns.
| Aspect | BEFORE (Dark Pattern Version) | AFTER (Compliant Version) |
|---|---|---|
| Battle Pass Purchase Screen | Buttons same size. Small print: "Auto-renews next season." | Purchase button larger. Warning: "⚠️ IMPORTANT: This battle pass will automatically renew. You can cancel anytime." |
| After Purchase | No confirmation. Just charged. | Confirmation screen: "Purchase Complete!" + "MANAGE SUBSCRIPTION: [Cancel] [Change Payment]" |
| Cancellation Process | Buried in small print, 3 menu layers deep. | One-click [CANCEL SUBSCRIPTION] button in Settings > Subscriptions. |
| Result | Players forget to cancel. Unintended charges. Lockouts. | Fewer accidental charges. Fewer chargebacks. Fewer support tickets. |
Regional Compliance Note: How Dark Patterns Laws Vary
European Union
Consumer Rights Directorate fully bans dark patterns. Confirmation screens REQUIRED.
United Kingdom
Similar to EU. Explicit dark pattern enforcement by Ofcom.
United States
FTC Act Section 5 prohibits "unfair or deceptive practices". Epic Games case is the precedent.
Australia
ACCC targets dark patterns. Misleading/deceptive conduct is prohibited.
Implementation Timeline: How to Roll Out Fixes
If you identify dark patterns in your game, here's a realistic implementation plan:
Audit & Documentation
Use the checklist above to audit your game. Document every dark pattern you find, take screenshots of problematic screens, and consider getting a legal review.
Quick Wins (No Code Changes)
Update privacy policies to clarify refund terms, send in-game notifications about new refund policies, simplify refund request processes, and update customer support scripts.
Medium Effort Fixes (Code Changes)
Add confirmation screens to purchases, make refund buttons visible in 'Purchase History', implement one-tap cancellation for subscriptions, and fix button placement.
Major Overhaul (Full Redesign)
Redesign payment flow UI if necessary, implement password/CVV re-entry for sensitive transactions, build 'My Data' section for GDPR compliance, and test thoroughly with QA.
Monitoring & Updates
Track refund requests (expect initial increase then stabilization), monitor customer support tickets, collect player feedback, and watch for decreased chargebacks.
The Business Case: Do Dark Pattern Fixes Hurt Revenue?
Studio owners often ask: "Won't fixing dark patterns destroy my revenue? If I make refunds easier, won't everyone refund everything?"
The short answer: No. Evidence suggests the opposite.
Positive Impact:
- Reduced chargebacks = lower payment processing fees
- Reduced customer support load = lower support costs
- Reduced account lockouts & disputes = fewer refund requests
- Better retention = players trust your game more
- Positive word-of-mouth = "Game X actually let me refund easily"
Closing: Compliance as Competitive Advantage
Here's the counter-intuitive truth: Fixing dark patterns is a competitive advantage.
When your game's payment flow is transparent and honest, you stand out. Studios using dark patterns are taking on regulatory risk. You're not. When a player compares your game to a competitor, and your refund process is one-tap while theirs is buried, you win trust.
In 2026, trust is the most valuable currency in gaming. Not V-Bucks. Trust.
The Epic Games settlement wasn't just a fine. It was a message to the entire industry: This is the new standard. Studios that comply now avoid the $245 million problem.
The question isn't whether to fix dark patterns. The question is how fast you can fix them.
Frequently Asked Questions
Q: What are the 13 FTC dark patterns? A: The FTC identifies 13 specific manipulative designs, including "Roach Motel" (easy to buy, hard to cancel), "Nagging" (repeated requests), "Forced Continuity" (automatic subscriptions), and "Sneaking" (hidden costs). See the full list above.
Q: Did Epic Games use dark patterns? A: Yes. Epic Games paid $245 million specifically for dark patterns that tricked players into making unintended purchases, such as placing buttons confusingly and making refunds difficult to find.
Q: How do I audit my game for dark patterns? A: You should review your entire user flow, specifically focusing on payment and cancellation screens. Use our Dark Patterns Audit Checklist to check your game against known violations.
Q: What is the penalty for using dark patterns? A: Penalties can be severe. The FTC fined Epic Games $245 million for dark patterns alone. In the EU, dark patterns can violate GDPR (fines up to 4% of global revenue) or the Digital Services Act (fines up to 6% of global revenue).
Author
Researched and written by Perplexity AI