Okta Director of Security Engineering Arun Kumar Elengovan on What Identity Infrastructure Teaches About Trusting Game Clients

Okta authenticates over a billion identity transactions per day. Every one of those transactions is a trust decision — is this user who they claim to be, should they have access to this resource, and can the system verify the answer fast enough that the user doesn’t notice the question was asked? The engineering infrastructure behind those decisions spans authentication protocols, token validation, session management, continuous verification, and adaptive risk scoring. Build it right, and users sign in seamlessly while attackers bounce off walls they never see. Build it wrong and either legitimate users get locked out, or unauthorized users walk through open doors.

The same trust problem exists in every multiplayer game with a leaderboard, every arcade game with a score counter, and every online feature that accepts client data; the server cannot fully control it. The client says the player scored 50,000 points. Did they? The client reports a combo multiplier of 10x. Is that possible given the game’s physics? The client submits a global gift count to a community counter. Can the server trust that number? In identity infrastructure, these questions have decades of engineering practice behind them. In game development, they’re often answered with “we’ll worry about that later.”

Arun Kumar Elengovan has spent his career making sure “later” never arrives too late. As the Director of Security Engineering at Okta, he founded and leads the Engineering Security organization that protects the identity platform serving millions of users across 19,000 customer organizations. He scaled that team from four engineers to a global function spanning the United States, Canada, and India. A Forbes Technology Council member with international recognition in applied cryptography, cloud security, and AI-driven defense systems, he approaches every system — financial, enterprise, or recreational — through the lens of trust verification.

When Elengovan evaluated nine Christmas-themed arcade games at Neuro Nostalgia 2026 — a 72-hour competition where 25 teams built retro 2D games using Turbo, a Rust-based engine compiling to WebAssembly — his scoring patterns consistently rewarded projects that solved trust problems well, even when those projects didn’t frame their engineering decisions in security terms. Games with robust state integrity, clear verification boundaries, and well-separated trust domains earned his highest marks. Games with ambiguous state, unverified client claims, or collapsed trust boundaries scored lower.

Global State and the Federated Trust Problem

Identity platforms don’t operate in isolation. When a user signs in to an application via Okta, the authentication event is propagated to every service that trusts Okta as an identity provider. A single compromised session token can cascade through dozens of connected applications. The engineering challenge isn’t authenticating a single user for a single service — it’s maintaining trust and integrity across a federated system where every participant depends on every other participant’s security posture.

SantaBash, by the team SantaBash, demonstrated a federated trust architecture in miniature. The game used Turbo OS Cloud integration to maintain a global community gift counter, with presents delivered by all players worldwide accumulating toward shared milestones at 100,000, 200,000, and 300,000 gifts. Reaching each milestone unlocked new Santa skins for every player: Classic, Cyber, Gold, and Dark. One player’s deliveries unlocked rewards for all players. One player’s compromised gift count could inflate the counter for everyone.

Sathiya Veluswamy, a fellow evaluator who conducted deep code-level reviews of the same batch, identified the cloud integration as architecturally significant: “This is above-baseline Turbo work — not just sprites and input. You’re using Turbo OS and server primitives for global goal and score submission.” Pallav Laskar, another batch evaluator, highlighted the trust implications directly: “Four procedurally-rendered Santa skins unlocked via global community gift milestones using Turbo OS Cloud integration — a unique social feature.” Ramprakash Kalapala framed the global counter as the differentiating innovation: “The core mechanic is familiar, but the game is wildly innovative in its theme, narrative presentation, and global community goal, which sets it apart.”

Elengovan scored SantaBash 4.45 on a 5-point scale, with perfect 5s for both arcade authenticity and Christmas theme integration, reflecting a mature assessment of the game’s architectural achievement. The dual-phase gameplay — sixty seconds of dodging enemies followed by twenty seconds of precision chimney deliveries — created a rhythm that generated trust-sensitive data at two distinct cadences. Combat phase scores are accumulated locally. Delivery-phase contributions have been pushed to the global counter. In identity terms, this is the distinction between local session state and federated identity claims—both require integrity. Still, federated claims carry systemic risk because they affect participants beyond the originating session.

Detection as Authentication

In identity infrastructure, authentication is the process of verifying a claim. A user presents credentials—password, biometric, or hardware token—and the system evaluates whether they match an expected pattern. The sophistication of the authentication system determines how reliably it distinguishes legitimate access from unauthorized access. A simple password check is authentication. Multi-factor verification with risk scoring is a better authentication method. Continuous behavioral analysis that detects anomalies in real time is state-of-the-art.

Present Thief by team Hanuman Force, built what amounts to a multi-factor, continuous authentication system — expressed as guard AI in a stealth platformer. The game earned Elengovan’s highest score in the batch at 4.90 weighted, with perfect 5s for gameplay, arcade authenticity, and technical execution.

The reason becomes clear when examining the game’s detection architecture. Laskar’s technical review identified the specific mechanisms: “The hive mind radio alert system, where guards communicate within 150-pixel range, creates emergent gameplay. Adaptive AI Director tracks player performance and adjusts guard speed, view range, and detection rate.” Guards didn’t just detect the player through line-of-sight — they communicated detections to nearby guards, creating a propagating alert cascade. If one guard “authenticated” the player’s presence, neighboring guards within communication range updated their threat assessment automatically.

This is federated identity verification applied to enemy AI. In Okta’s architecture, when one service detects a compromised session, it can trigger a session revocation that propagates to all connected services. Present Thief’s guards operated on the same principle — a detection event at one node propagated through the security network, escalating the threat response across the entire system. The Adaptive AI Director added another layer by adjusting detection parameters based on player performance history, mirroring the risk-based authentication systems that increase verification requirements when behavioral anomalies suggest compromise.

Santa-Stealth by team Batman implemented a related but architecturally distinct detection model. Laskar documented the parameters: “Vision-based enemy detection with 160-pixel radius and 60-degree cone, plus alert propagation between nearby enemies, makes stealth meaningful.” Where Present Thief used an omniscient AI Director to modulate detection sensitivity globally, Santa-Stealth used local detection parameters — each guard had a fixed view cone that defined its authentication boundary. Step outside the cone and you’re undetected. Step inside, and the guard initiates its response protocol.

Elengovan scored Santa-Stealth 4.80, the second-highest in his batch. The dual weapon system — snowballs for stealth-compatible ranged attacks and a gun for high-damage loud engagement — created a tactical choice that maps directly to authentication bypass strategies. The stealth approach remains outside detection boundaries, avoiding authentication challenges. The direct approach forces through the authentication boundary with overwhelming force, accepting the consequence of triggering alert propagation.

Ingyu Woo, another evaluator, validated the technical execution: “The technical execution is strong, particularly in enemy AI behavior and boss design, which feel well tested. The main limitation is environmental variety.” The detection system worked reliably — the trust boundary between “detected” and “undetected” was well-defined and consistently enforced. The game earned its high score because its authentication architecture was sound, even if the game never used that terminology.

Continuous Verification and Earned Trust

Traditional authentication is binary: you’re either authenticated or you’re not. Modern identity systems have moved toward continuous verification — the system doesn’t just check your identity at the door, it monitors behavioral signals throughout the session. If your usage patterns suddenly deviate from your established baseline—accessing unusual resources, logging in from an unfamiliar location, exhibiting automated-looking behavior—the system escalates its verification requirements or terminates the session.

Aurora Runner, by team Striker, implemented continuous verification through its combo-scoring system. The game awarded points for collecting stars and power-ups, but missing a collectible not only ended the combo — it also penalized the player. Miss a star and lose three combo points plus twenty-five score. The system continuously validated the player’s performance, and any lapse in that performance degraded their standing.

Veluswamy’s code review identified the engineering that made this work: “Strong type modeling with enums and structs for obstacles, powerups, particles, waves, and text, along with clear function boundaries. This is engineered, not spaghetti.” Oreoluwa Omoike highlighted the player-facing result: “The combo-based scoring system adds meaningful tension and skill-based gameplay. The risk-reward mechanic of maintaining combos keeps players engaged and encourages mastery.”

Elengovan was awarded Aurora Runner 4.65, with perfect 5s for gameplay, technical execution, and innovation. The scoring pattern reveals what a security architect values: the combo system didn’t just reward performance — it continuously verified it. A single lapse in performance triggered an immediate decline in trust, forcing the player to rebuild their standing through sustained, verified actions. In identity terms, this is continuous adaptive trust — the system’s confidence in the user rises and falls based on ongoing behavioral evidence, not just initial credential presentation.

Santaviour by team Genesis pushed this pattern further with its boss AI. Laskar’s analysis documented the behavioral monitoring: “Boss AI is sophisticated with idle tracking — the boss attacks if the player stands still for more than three seconds — health-phase difficulty scaling with enrage at 50 percent and desperate at 25 percent, and weighted attack selection based on distance.” The boss didn’t just fight the player — it monitored the player’s behavioral patterns and adapted its authentication challenges accordingly. Standing still triggered increased scrutiny. Taking damage lowered the threshold for aggressive responses. Distance determined which attack patterns the boss selected.