At a quiet little SOE Fan Faire panel on Fraud, RMT and Compromised
Accounts, Sony Online Entertainment developer Jason Brenner, Project
Manager for SOE's Business Development Team, lifted the veil on SOE's
potential plans to prevent account fraud through the use of a new
security token
system similar to Blizzard's
Authenticator.
border="1">
href="http://www.tentonhammer.com/node/87688">
style="border: 0px solid ; width: 300px;" alt=""
src="http://www.tentonhammer.com/image/view/87688">
SOE's Jason
Brenner
"I've figured out that there are two kinds of people in this world,"
Brenner said prior to introducing the security token system, "people
who back up their data, and people who learn they should've backed up
their data yesterday." In other words, people who take precautions and
those who don't. To appease the ones who take precations, he
displayed images of
a potential new security token system for SOE games to cheers from the
audience
members.
"I want to preface this by saying that this is not a done deal by any
stretch," Brenner said, "but I want to put this out there to see what
you guys think of it. I see that some of you already think it's a good
idea."
The security token is generated by a small device, much like something
you would attach to your key chain, which allows players to push a
button and generate a one-time use numeric code. The code must then be
added
to the player's existing static password to authenticate their account
upon login. "[The token system] is effective in preventing key loggers
from getting your account information," said Brenner, "And although
nothing's 100% failsale, it seriously raises your defenses against
getting hacked."
SOE is also working on what Brenner referred to as a "soft token"
system for mobile phones, which should work on all phones from about
the last decade. Users will be able to generate a code via email or
SMS. "This is good for people who like these [token generators] as
collectible items and they don't want to open the pack or actually use
the device."
border="0" cellpadding="0" cellspacing="0">
border="1">
href="http://www.tentonhammer.com/node/87689">
style="border: 0px solid ; width: 300px;" alt=""
src="http://www.tentonhammer.com/image/view/87689">
The
security token generators could potentially look like small keychains.
border="1">
href="http://www.tentonhammer.com/node/87690">
style="border: 0px solid ; width: 300px;" alt=""
src="http://www.tentonhammer.com/image/view/87690">
The
mobile
soft token will add extra portability and convenience.
Will there be a cost for the security token system? Brenner said, "If
you go to a retail store, do you have to pay for an item in the retail
store? The answer is yes. There will be an additional cost. There's a
charge on them industry wide. I can't tell you what your cost would be
yet,
but it will probably be the industry standard." Brenner also indicated
that the purchase of the token system would involve a one-time charge
and would not be subscription based.
Brenner made clear that the security token system was not a "done
deal," but indicated that the groundwork was done so that the system
could be easily implemented if the fan demand was strong enough. He
indicated to Ten Ton Hammer that he would like to see the system put
into action soon, but declined to indicate a firm time frame.
"Everything is in place for it to happen if we decide to, though," he
said.
