Safe means that using basic integrated C2 functions I can make a game, where people cannot open it using any basic hackers software, add ?1m into their account and ask for a withdrawal.
alexgold87 you need to use back end server to validate the auth, also do some tricks like triple validation, the client generates number, the server validates if is from engine, not user injection and using hash like MD5 is checked.
Otherwise, if the number it's injected and no generated number from server, he gets banned.