Ok, I admit it. Nobody does online retail gaming better than Steam.
You may hate the Steam client but like or not they must be doing something right because the likes of EA and Ubisoft have copied it.
Over the years it's matured from a simple retail gaming portal to a thriving online community where developers and gamers alike regularly interact. It was the incubator for the fledgling Indy Game movement even if Valve got a bit greedy while it was doing it.
Sales, Promotions, a marketplace for gaming related items not to mention hundreds of active forums and even a mode designed for those big TV screens just like consoles have.
There's a lot that's right about Steam but there's also those times when they manage to shoot themselves in the foot.
Over and over and over again...
One of those times has to do with the aforementioned Steam Marketplace.
Best described at the gaming equivalent of a Mashup between penny stocks and Ebay the Marketplace primarily trades in gaming related kitsch generated by Valve and developers.
C'mon now!
What red blooded, self-absorbed, button masher wouldn't want a special hat for fragging in Team Fortress 2 or the opportunity to get that elusive virtual trading card that will let you finally show off that badge for Euro Truck Simulator 2016 in your Steam Profile page...
But in the past few years Steam has had some security issues. Most recently an admission that an average of 77000 accounts get hacked every month depriving players of their hard earned goodies and along with it the cash balance in their Steam accounts.
The response, mandatory 2 factor authentication for the Steam Marketplace. The same solution used by Google, Microsoft and touted by security gurus as the best way to secure your online information.
If you care at all about privacy and the Steam Marketplace you should be at odds with this "mandate."
To be fair, It's a "soft Mandate" but failure to comply effectively cripples your marketplace transactions. But I'm not going to play Steam apologist here...
To be fair, It's a "soft Mandate" but failure to comply effectively cripples your marketplace transactions. But I'm not going to play Steam apologist here...
2 problems are glaring at me and they are specifically aimed at what Steam is doing.
1. Steam accounts are hacked primarily to steal marketplace items and account balances. All of which are traded in REAL MONEY!
2. I have a problem with the whole premise. If Steam has effectively thrown up its hands in securing user information then IT SHOULDN'T HAVE THE INFORMATION IN THE FIRST PLACE!
If you buy a game on Steam, chances are you're going to be paying with either a credit card or PayPal. It's an entirely separate process from the marketplace and subject to PCI rules governing monetary transactions via electronic means.
Yep, just like Amazon.com and Target, there's rules for anything that involves REAL MONEY.
The Steam Marketplace, however, is an entirely separate process. In fact if you want to add money to your Marketplace account you actually have to do it via a separate secured process. In effect you're buying a token that has cash value.
WHY ARE WE DOING THIS?
Why are we using something of actual value in a sand-boxed marketplace. Nothing for sale there, ABSOLUTELY NOTHING is worth anything outside of the Steam ecosystem. So why the hell is real money involved? Why not use a point value system or jumping joysticks or whatever but NOT A PROCESS THAT INVOLVES CASH! Why are we exposing that much information for a site that sells VIDEO GAMES!?
Steam's answer to its security problem? 2 factor authentication....
They now want a phone number, preferably on a Smartphone, and an app to secure your account if you want to participate in the marketplace.
WHAT?
Who came up with this? My GOD, they're selling games not mutual funds!
Worse, they've already proven they can't adequately secure your private information much of which they really don't need anyway. So WHY THE HELL WOULD I GIVE THEM EVEN MORE!
Oh, and by the way....
Their Steam Authenticator app is buggy, slow and has literally locked people out of their own accounts.
Oh yeah, this too... Even if you don't bother with the marketplace, they'll still harass you about it every few weeks when you log in....
Folks, you really need to wake up. E-commerce is here to stay but there's absolutely NO REASON that any vendor should have enough information on you to construct an entire identity.
They're selling you games not a mortgage. What you're buying is less important than a roll of toilet paper and nobody at the grocery store is going to demand my phone number to pay for it!
We need to get personal information out of the hands of retailers. It's obvious they're not good at securing it and frankly companies like Valve don't have a good reason to demand it even if they cloak it in the name of "security."
I did this video a few days ago which illustrates the problem. Take a watch and actually see what I'm talking about here.
I'm out...
No comments:
Post a Comment