Expanded Microsoft Azure Attestation protections coming for Season 04
When Ranked Play launched in Season 02, RICOCHET Anti-Cheat introduced expanded protections using Microsoft’s cloud-based attestation technology. This extra layer of defense helps us verify trusted PC systems before competitive matches begin.
In Season 04, we’re building on those protections – going forward, Activision is requiring modern PC security standards to access competitive playlists.
IMPORTANT: Players who fail Microsoft Azure Attestation (MAA) checks will be placed into a separate matchmaking pool. To access all playlists, players must successfully complete the MAA process. Because the pool of players who haven't passed our attestation checks is small, access is limited to a select set of playlists to help maintain healthy matchmaking.
Players who do not complete attestation will be limited to Nuketown 24/7 in Call of Duty: Black Ops 7 and Battle Royale Casual in Call of Duty: Warzone. This requirement helps protect the integrity of the game and the experience of the broader community.
Alongside these PC security updates, #TeamRICOCHET’s enforcement and education efforts around unauthorized scripted input devices, such as Cronus Zen and XIM Matrix, are making a real impact. Nearly two-thirds pf players temporarily banned for using these devices don’t return to them when they come back to play Black Ops 7. These results help create a healthier competitive environment where matches are decided by skill.
Season 04 at a glance:
- Reduced Matchmaking for Failed Attestation: Players who do not meet TPM 2.0 and Secure Boot requirements will see a message alerting them of their “Failed Attestation Status” and will be placed into separate matching pools.
- Unauthorized input device enforcement: Improved detections targeting scripted input modification devices, including Cronus Zen and XIM Matrix. Most players banned for using those devices don’t use them again when they come back to play.
Microsoft Azure Attestation Enforcement
RICOCHET Anti-Cheat uses Remote Attestation to help verify important PC security settings directly with Microsoft as part of our implementation of TPM 2.0.
Some games rely on local checks that happen on the player’s PC, but those systems can sometimes be manipulated to falsely report that everything is “all clear.” Remote Attestation works differently by validating those checks through trusted Microsoft servers instead, making it much harder for tampered systems to appear legitimate.
By verifying PCs in this way, Remote Attestation strengthens the security foundation behind Call of Duty.
- How it works:
- If your PC isn’t compliant, you will receive a notification that your system failed attestation, and matchmaking access will be adjusted accordingly.
- If you attempt to play with party members whose PCs aren’t compliant, you will also receive a message that you’ve failed attestation because at least one party member did not meet secure attestation requirements.
To be fully compliant, your system will need:
- TPM 2.0 (Trusted Platform Module) enabled
- Secure Boot enabled
For AMD users, versions of AMD’s TPM software in the 3.x.0.x range can return an error during the attestation process, and the fix is to update the system BIOS or firmware.
If you don’t have these features enabled, you will be placed into a separate matchmaking pool. You also won’t be able to match with players whose systems meet our security requirements or with console players.
If you need help updating your settings, visit our Player Support page.
- Why This Matters:
- These updates are designed to make it harder for bad actors to play Call of Duty while protecting fair play for everyone else.
- This is also an important step toward improving the overall health of the PC ecosystem for competitive play.
- As we mentioned above, in some cases, a PC may fail attestation because of issues with hardware or firmware rather than anything a player intentionally tampered with.
- When players report these issues to us, we work with the appropriate manufacturers to share findings and request fixes where needed.
- We’ll continue helping identify and escalate these cases, but those fixes ultimately come from manufacturers.
Temporary Bans Deter Repeated Device Use
Unauthorized scripted input devices, including Cronus Zen and XIM matrix, remain a key focus as we continue detecting and enforcing against their use.
These devices manipulate player inputs in ways that undermine fair competition, and we're constantly evolving and updating our systems to identify gameplay behavior that goes beyond normal human abilities.
Our initial enforcement focused on player education through warnings before escalating to bans. That approach continues to show positive results, with fewer players returning to scripted input devices after receiving warnings and temporary bans.
Nearly two-thirds of players temporarily banned for using these devices changed their behavior after enforcement, returning to Black Ops 7 without the scripts that originally got them banned.
Our phased rollout strategy is intentional. These devices are sold through mainstream retailers, and some players may incorrectly assume that meant they are permitted for use in Call of Duty. (As you all now know, they’re not.)
We'll continue evolving our detections and security systems throughout Season 04 and beyond to help ensure your matches are decided by skill.
Follow @CODUpdates and @CallofDutyCM on X for real-time updates, information from upcoming Progress Reports, and more.
©/TM/® 2026 Activision Publishing, Inc. For more information on Activision games, follow @Activision on X, Facebook, and Instagram.
Join Call of Duty's Official Discord to get the latest updates and maybe even meet your next squadmate!
