Filed under: Analysis / Opinion, Gaming, Hardware, Software, Apple, Security, Developer, iPhone, iPod touch
Blizzard releasing Mobile Authenticator for iPhone, iPod touch
Blizzard is one of the biggest software developers in the world -- they're behind some of the most popular games of all time, including the Diablo series, and of course their legendary MMO World of Warcraft (full disclosure: I'm a senior editor over on TUAW's sister site about that game, WoW Insider). And they've always been Apple friendly -- while other developers complained that it wasn't worth porting their software to the Mac, Blizzard has always released both Mac and PC versions of their games on the same disc, and made sure there was quality on both sides. But they've never dipped their toes in iPhone development -- until now.
WoW Insider has found a posting over on Blizzard's site that suggests they're planning to release an app called Mobile Authenticator. They've released a piece of hardware called the Authenticator before -- it pushes out a code according to an algorithm that keeps players' accounts secure when they sign into the online game. And this app will serve the same purpose, but it'll likely run on your iPhone or iPod touch.
Nothing's appeared on the App Store yet, and this app hasn't even been officially announced (so no word on price or release date -- the hardware authenticator runs $6.50, but obviously there are material costs involved there). But Blizzard has been looking for ways to make their games and players more secure, and it looks like they're turning to Apple's iPhone and other mobile devices to do it.
WoW Insider has found a posting over on Blizzard's site that suggests they're planning to release an app called Mobile Authenticator. They've released a piece of hardware called the Authenticator before -- it pushes out a code according to an algorithm that keeps players' accounts secure when they sign into the online game. And this app will serve the same purpose, but it'll likely run on your iPhone or iPod touch.
Nothing's appeared on the App Store yet, and this app hasn't even been officially announced (so no word on price or release date -- the hardware authenticator runs $6.50, but obviously there are material costs involved there). But Blizzard has been looking for ways to make their games and players more secure, and it looks like they're turning to Apple's iPhone and other mobile devices to do it.
![TUAW [Cafepress]](http://www.blogsmithmedia.com/www.tuaw.com/media/tuaw-cafepress-promo.png)
Reader Comments (Page 1 of 1)
msingletary said 9:24PM on 3-19-2009
This is a pretty sweet idea for those that don't already have the authenticator. I still use the one I got at BlizzCon 08 in the goodie bag, but might consider buying/downloading this to use instead.
Reply
Roberto said 9:42PM on 3-19-2009
This is less secure than a hardware authenticator, as it is software and can be reverse engineered.
Not less secure than using a password alone.
Reply
ViRGE said 2:26AM on 3-20-2009
The fundamental secret in a RSA SecurID and all other derivatives is not the formula, it's the seed number. Reverse engineering the program in general won't do you any good, because you'd still need someone's seed. That means you'd need to reverse engineer the copy from their iPhone OS device, and if you have access to that then you don't really need to reverse engineer anything in the first place since you can just use it. It's no different than the hardware token in that respect; once you've lost it all bets are off.
Now it's possible that a keylogger could dig through your device backup and try to extract the necessary info from that, which would severely compromise the security of the device. However without more details of how this would work, it's premature to say that such a vulnerability exists.
The more practical problem here is that iPhones aren't nearly as durable as a hardware token. The tokens are simple devices that don't break programatically (i.e. software), and physically they're well built and there it little that can actually break. There are going to be a lot of annoyed WoW players when their phones go kaput and have to be sent back to Apple, and meanwhile they can't play WoW because they don't have access to the authenticator application on their iPhone. The token would be a better choice, in this respect.
Hurk said 10:59PM on 3-19-2009
This would be just awesome!!!!
I always wanted to get Blizz Authenticator but it's quite hard to find, plus its just makes extra hassle of carrying this thing around everywhere. But I always have my iPhone with me.
Cant wait to get it!!!! And Blizz, how about making an official Armory App for iPhone too?
Reply
Gisch said 11:46PM on 3-19-2009
Just as a note, they haven't ALWAYS done both on one disk. I believe it was about a year or so after Starcraft's initial release before it was available on the same disk. I can't recall if the Mac version was available at the same as the PC version upon initial release though.
Reply
ehjay said 12:43AM on 3-20-2009
StarCraft was released on the Mac a year after the PC version.
Every game from them since then has been a simultaneous release on cross-platform discs.
Reply
Gisch said 1:06AM on 3-20-2009
Thank you. I couldn't remember that part for sure, but I knew that the statement in the first paragraph was incorrect, as a friend had to borrow my PC laptop to try it out when it first released.
Well, that, and Riven.
Frank said 9:43AM on 3-20-2009
i think this is their answer to the constant demand for the authenticators. they are always sold out.
but MY question is: what if you already have an authenticator, and want to get the iphone app for convenience sake? can you have two authentication systems for one account? can you use one or the other, depending on which is closer when you log in?
Reply
SaintStryfe said 12:47PM on 3-20-2009
No. One authenticator or Authenticator app, not two.
I have an Authenticator, so I'm in the air right now if I want to move to my iPhone or keep the hardware key. I feel safer with the hardware key, but I always have my iPhone with me.
My work productivity probably would prefer keeping the hardware key. It stays next to my desktop.
Noah said 10:10AM on 3-20-2009
I am assuming yes, Frank.
The other reason Blizzard wants to encourage people to use the Authenticator hardware/software is to stop people from sharing accounts.
I can't give a guildmate access to my L80 Priest for a late night raid.
I can't have a family member help me level up when the next expansion comes out.
I can't pay/ask/have anyone to do anything on my account when I'm not around to give him or her the authentication code.
It's a win/win for Blizzard, but on occasion a win/lose for the consumer.
Reply
jwyles said 10:44AM on 3-20-2009
Ya, I feel the same way as what Noah is explaining. I think the abillity to use other accounts benefits everyone in the long run, especially when it's a core role like healing or tanking and you don't have that on your account.
Still, can't deny the obvious security benefits from two factor authentication.
Reply
Ayle said 5:34PM on 3-29-2009
Startegy games are one of the types that work well on a touchscreen. They should port the first starcraft on the iphone.
Reply