In order to limit (let's not dream) the creation of "bogus" clubs to take advantage of the benefits granted to level 1 clubs, in particular through dubious transfers, I propose the introduction of a double authentication system (sending an SMS, for example) to :

• create a new club
  but also
• put a player on the transfer list
• buy a player from the transfer list
• possibly also to carry out certain operations such as launching a build or loaning a player

Even if some clever people use a 'friendly' phone number to create a bogus club, they'll no doubt find it difficult to keep the club going in the long term and even in the short term, as I think the admins could have a database that would allow them to see the phone number associated with the club and identify duplicates.

I'm curious to know if there are any technical obstacles to setting this up. In any case, my bank knows how to do it, my tax office knows how to do it, almost all the service providers I use with a login know how to do it, etc...

Unfortunately, I think this goes completely against the direction the game seems to have taken.
I get the feeling that a lot of changes have been made to appeal to an 'easier' audience.
You see, the manager who downloads the game, tries it out very quickly, is quickly helped (dynamically) with aids, doped-up mentoring and so on.
And then, they don't have to think too hard (training sessions simplified to the max, simple tactics), and they don't need to be on the game a lot (logging on once in the morning on the metro, and once in the evening during a break).
So if I've got my facts right, I think that setting up this verification system makes it much more difficult to catch consumers. And so I think it goes against the current policy (I'm afraid it's "more managers = better business for the Store", which is understandable, and can be defended, to be honest).

That said, you're absolutely right to point out a real concern about security in the game. By that I mean the fight against cheating.
But when A45 says in full audio that "we can now detect multiplayers very easily", I think we've all understood where we stand.... :/

When he sees that the admins are all going to give up their jobs, he'll back down.
Otherwise he'll have to get used to the idea that cheating is part of the game.

Double authentication when creating an account once and for all by registering a telephone number and then having to validate the code received by SMS only when making a transfer makes life infinitesimally more complex for the 'normal' player but enormously more complex for the 'cheating' player.
So as far as I'm concerned, there's no point in debating whether or not to introduce such a system.
..unless the aim is to make people believe that there are dozens of new players every day (at the risk that 90% of these new players are multi-accounts).

Rather than sending a code by sms for each action, a multi-account player often has to log out, so the code for each connection seems better. I do agree, however, that double authentication is needed.

Perhaps we could have a clear and honest communication from Aymeric on this subject?
Because he really did say in his voice that it was now very easy to detect multiple accounts...

But when you dig a bit, you quickly realise that there are a lot of them (plus those with wives, cats and so on...).

I think the majority of the community is very worried about what's planned for next season!

Personally, I wouldn't mind every time you log in, but you're going to get a lot of moaners whining that it's too much.
I think that at creation to register the phone and then only occasionally to validate 2 or 3 sensitive operations such as transfers (not auctions), choosing a sponsor, launching a build, would be enough for now and would reduce fraud considerably and simplify the work of the admins by also considerably limiting the time of an investigation for multiple accounts.

myforsans: Faire une double authentification à la création de son compte une fois pour toute en enregistrant un numéro de téléphone et devoir ensuite valider une fois le code reçu par SMS uniquement quand on fait un transfert complexifie de façon infinitésimale la vie du joueur "normal" mais complexifie énormément la vie du joueur "tricheur"
Donc pour moi il n'y a pas de débat et pas à se poser de question sur l'opportunité ou non de mettre en place un tel système.
..à moins que le but soit de faire cro...

Hmmm no, I don't agree. Now, I'm not necessarily right.
But if a new player is tempted by the game, if they're asked for their phone number the first time they use it, I think most of them won't get past that stage. Because you wonder "why?" or "what are they going to do with it? You know, people are suspicious. Personally, I put myself in their shoes. If I was new and didn't know VF at all, I'd be reluctant to pass on data. You never know where it's kept, what it's used for, how secure it is and so on.
Admittedly, this information is probably already stored on the download platform (PlayStore, AppleStore, etc.) but that's considered secure. Now you're going to a game you know nothing about...
I really think you're just losing people. Your targets as an MDJ...

Then, are there any newcomers arriving? Of course, and I hope they do ! Otherwise the game is lost ! But I'm not fooled either. By dint of seeing cheating, I've reached the point where I look at each new account with suspicion. If I communicate with them, I always wonder which banished person I'm talking to, or which VF 'celebrity' I'm talking to... But that's abnormal, I agree. Nevertheless, I'm convinced that there are some real new players. The problem is that they don't stay. And that's A45's big problem, which he seemed to want to alleviate a while ago (setting up support, mentoring). Even the handbook I wrote was more or less oriented in this direction, and above all, was part of this policy (getting newcomers hooked).
Now, without more information, I don't have any data on the veracity of my feelings about the 'real manager / multis' gauge. I totally agree with you that measurements are needed. And I'd even add that uncontrolled cheating is the cancer of a game. It's vital to curb it as much as possible. I'm simply saying that your method, however interesting it may be, and however effective it may be in the fight against cheating, may have undesirable effects elsewhere.
Now, I'm not a prophet, I'm just stating the problem in your idea, which is very interesting by the way

The simplest solution is to stop all aid at level 1, as is the case now, and that would solve a lot of problems.

Magpie: Hmmm non, je ne suis pas d'accord. Après, je n'ai pas forcément raison.
Mais si un nouveau joueur se laisse tenter par le jeu, si, dès la 1ere utilisation, on lui demande son numéro de téléphone, je pense que la plupart ne passent pas cette étape. Car tu te demandes "pourquoi ?" ou "que vont-ils faire de ça ?". Tu sais, les gens sont méfiants. Perso, je me mets à leur place. Si j'étais nouveau que que je ne connaissais pas du tout VF, je serai réticent à transmettre des données. Tu ne sais ja...

Personally, now that I know about VF, I'm even less inclined to give my personal phone number.
If the game is pirated or something, you don't know who's going to end up with it.

Well, if I tell you (or VF) that my phone number is 06 11 71 45 64 what difference does it make to me?
What exactly am I risking? Canvassing?

myforsans: Bof si je te dis (à toi ou à VF) que mon numéro de téléphone c'est 06 11 71 45 64 ça changée quoi pour moi.
Qu'est ce que je risque concrètement ? Du démarchage téléphonique ?

For example, or smishing.
And even so, it's a feeling, whether you deny it or not.
If you don't, well done 👍

Magpie: Par exemple, ou du smishing.
Et quand bien même, c'est un ressenti, que tu le nies ou pas.
Si toi tu ne l'as pas, bravo 👍

No I haven't, I must not be paranoid enough

myforsans: Non je ne l'ai pas, je ne dois pas être assez paranoiaque

This is crazy. Can't you really open up your spectrum of vision a little?
Can't we think outside your vision?

Tell me, is that your real number? If not, use the real one to see if it's really safe. I dare you.
Secondly, it's amazing what we can do with AI these days.
If you put your CV on the internet (linkedin, keljob, etc) with your number in an image (of your CV), in 1 hour I'll publish your name, surname, address, probably a photo, your career path, etc.
Just from a number.
This is just an example. But do it if you don't care.

Against
Not everyone has a telephone number (I don't have one myself)
Or an alternative to SMS verification

Many of us avoid talking to some of you, it's not to give you our 06!

Apart from this double authentication when creating an account, it will simplify life for admins and give them access to a panel of logs in terminal format that logs the IP of each connection, which will make life a little easier for the IP addresses.

Sun's: Contre
Tout le monde n'a pas forcément un numéro de téléphone (perso j'en possède pas)
Ou bien une autre alternative que les vérifications via SMS

Emails are already stored. An OAuth linked to emails when an account is created would limit things a bit, because at least email creation is limited.

Or mm crazier a script or bot that scrapes accounts with the same IP or devices or further added a few suspicious parameters to identify duplicates and automatically alerts the admins for manual verification.

You don't need a script or bot to scrape because you have server-side logs with this information.

OAuth is just a protocol for connecting with another account, like "connecting with google", it's not this protocol in itself that will restrict accounts.

I don't think there are any solutions that are at once simple, not costly in terms of time/money or RGPD-friendly for this subject, or even that our opinion will matter.

Azby: Tu n'as pas besoin de script ou de bot pour scraper car tu as des logs avec ces infos côté serveur.

OAuth c'est juste un protocole de connexion avec un autre compte, genre "se connecter avec google", c'est pas ce protocole en lui-même qui limitera les comptes.

Je ne pense pas qu'il y ait de solutions à la fois simples, pas coûteuses en temps/argent ou RGPD-friendly pour ce sujet, ni même que notre avis importera.

Of course you have the logs, but do the admins have access to them?

Azby: Tu n'as pas besoin de script ou de bot pour scraper car tu as des logs avec ces infos côté serveur.

OAuth c'est juste un protocole de connexion avec un autre compte, genre "se connecter avec google", c'est pas ce protocole en lui-même qui limitera les comptes.

Je ne pense pas qu'il y ait de solutions à la fois simples, pas coûteuses en temps/argent ou RGPD-friendly pour ce sujet, ni même que notre avis importera.

When an account is linked to Google or other platforms, this would limit the number of users, bearing in mind that you can change your email address once you've signed up.