Steam axing OAuth authentication system has left games wide open to key reselling

Alex Calvin
Steam axing OAuth authentication system has 
left games wide open to key reselling

Steam's decision to rescind its OAuth authentication system earlier this year is harming PC developers.

OAuth protected digital PC game bundles, preventing people from taking games out of those bundles and selling them separately.

Yet Valve quietly axed the system in January, and as a result third-party key resellers have taken advantage by buying cheap bundles and selling the individual parts for profit.

Participating in any bundle means giving up some control of your game's selling price,” said Paul Watson, marketing executive at indie publisher Curve Digital.

Steam dropping OAuth made this an even greater issue, as bundle sites now have to freely hand out Steam keys, which can be easily sold on the grey market.”

Indie developer Cliff Harris of Positech added: My problem with key-reselling for commercial reasons is that it takes away control over discounting from the developer.

We might be happy to have a quick one day sale on our game, or a limited duration ‘pay what you want' sale, but the idea of someone hoovering up keys and then reselling them for a profit sits very wrong with me, and reduces my enthusiasm for ‘pay what you want' sales. These discounts are aimed at gamers, not middlemen.”

This is also something that Tiniest Shark's Mitu Khandaker-Kokoris has experienced: This happened with Redshirt at one point, and I'm definitely much more reticent about bundles in the future.”

Bossa Studios co-founder Imre Jele believes the solution is to tackle key reselling at an industrial level: The problem is not with those buying games cheap and selling them on to others for profit. My attention is on firms and criminal groups doing this on an industrial scale. One potential solution is to disallow the purchase of multiple copies of a game by the same entity. But that is down to the platform.”

Humble Bundle, the world's biggest PC bundling site, told MCV that it is taking measures to improve its security.

We've sold millions of bundles without OAuth,” said co-founder Jeffrey Rosen. Far more than with the short-lived feature.

We have a number of features that keep our fraud rates down and prevents people from buying more than a few bundles. We are always improving these systems.”

GET EMAIL UPDATES

Subscribe