Authenticators: Unethical, or Simply Misunderstood?

Two weeks ago, we reported on the story of a man attempting to file a class action lawsuit against Blizzard for making money by “deceptively and unfairly” charging customers for an after-sale security product to protect their private information from hackers — the Authenticator. This news has evoked polarized opinions on the matter; some people believe Blizzard deserves to lose the lawsuit due to unethical business practices, while others feel that, when it comes to authenticators, Blizzard has done right by its customers.

A major reason for these wildly differing opinions is quite simple: misinformation. Let’s clear up some misconceptions on the matter and see whether we can arrive at a consensus.

For a while now, a figure of $26 million has been thrown around when discussing how much revenue Blizzard brought in from authenticator sales. A back of the envelope calculation suggests this figure isn’t unreasonable — at $6.50 a pop, all it would take is 4 million users to purchase authenticators, which amounts to less than half of the current number of WoW subscribers and doesn’t even factor in Diablo 3 and StarCraft 2 players.

However, there’s an important distinction between revenue and profit. How much does Blizzard net on every authenticator sale?

A authenticator is a standard Vasco DigiPass GO 6 device, the kind used by many other companies, including banks. While it’s difficult to pin down exact numbers, the Vasco website sells single GO 6 devices in Belgium for 12.99 euros (~$16.74), and it’s safe to assume that bulk purchases would bring that price down. It’s not uncommon to see GO 6 authenticators sold by banks and other outlets for $10 or more, so it’s difficult to believe that Blizzard makes any appreciable profit by selling them for $6.50, which corroborates the company’s claim that it sells the gadgets at cost.

Then, let’s not forget the free shipping Blizzard offers residents of the US and certain other regions, or the final nail in the coffin for the “Blizzard turns a profit on authenticator sales” debate — the free authenticator app it offers for smartphones. Regardless of how simple an app it may be, it cost Blizzard money to have it developed. If Big Blue is trying to make profit off authenticators, then it’s not doing a very good job of it.

Does that mean that Blizzard is an altruistic company trying to protect its player base out of the goodness of its corporate heart? Absolutely not. It is to Blizzard’s advantage that players don’t get their accounts stolen, because more support tickets means more money spent on staff to deal with them.

Now, even if Blizzard doesn’t turn a profit on authenticator sales, one can argue that it still “deceptively and unfairly” charges customers for an after-sale security product. The company doesn’t force players to use an authenticator, but it “strongly recommends” them to, a fact not obvious to a prospective buyer of a Blizzard game. A section on the website reads:

“The authenticator greatly reduces the chance of someone else gaining access to your account, and we strongly recommend you add this measure to your account today. It’s available both as a keychain device and an app for various mobile phones.”

I doubt any judge or jury would find that what Blizzard is doing is legally wrong. Ethically, though, is the company doing all that it can to protect player accounts? Probably not — I’m sure Blizzard could include a free authenticator with every purchase or otherwise invest more money into enhanced security measures. But Blizzard is a business, not a charity, and it’s already doing more than many developers do to keep player accounts safe.

It’s been easy to hate on big, bad Blizz lately, but this may be one case where we’re being unfairly harsh on ol’ Blue. Let’s not forget who the real bad guys are, here: the hackers who steal your account.

Join the Conversation   

* required field

By submitting a comment here you grant GameFront a perpetual license to reproduce your words and name/web site in attribution. Inappropriate or irrelevant comments will be removed at an admin's discretion.

2 Comments on Authenticators: Unethical, or Simply Misunderstood?

mischievous owl

On November 28, 2012 at 1:22 pm

It comes down to they are Not Required… my account is fine and i dont use an authenticator.

Any sense of loss is their own, if you dont wanna buy one…dont.


On November 28, 2012 at 3:21 pm

Not seeing the issue with an authenticator. Had my account hacked about 4 years ago. Between now using a crazy random password and an Authenticator I picked up after being hacked. Never an issue since. Could just use a very strong password and it should be damn impossible to get into the account. I like making it harder for the scum of the earth.

It is just an added layer of security that you do not have to get.

Crap like this lawsuit should be tossed. It is a waste of time and money for all those involved. Only ones getting something from this are the lawyers.