Hatsaver: Steam Stymying Hijackers With Trade Holds
Bit of a faff
Scammers! They're everywhere nowadays. Cheats! Hackers! Frauds! Phoneys! These rogues and more want your precious wizard hats and shark guns, to plunder your Steam account of its cosmetic goodies and steal them away for their own nefarious ends. CS: GO guns and Dota 2 wizard hats can be worth a lot of money, you know. Valve are sick of folks doing this, and probably sick of the headaches it creates for their support department. To reduce this, they're soon adding trade holds that'll hold things up by a few days - unless both parties are using the Steam app's Mobile Authenticator.
What tends to happen is a blaggard gets control of an account, then quickly trades all the cosmetic items away to a mule account. By the time you've regained control of your account, everything's gone - and you can't necessarily get it back, or it might take a while given how slow Steam support can be.
Trade holds will go into effect on December 9th. As the CS:GO blog explains, trades will by default be held for three days, during which folks can hop on and cancel all pending trades. If both folks are using the Steam Mobile Authenticator (and have been for at least a week), then can confirm the trade in the app to send it through instantly.
A bit of faff for everyone, then, and probably a bigger bummer for folks who don't have an appy device or whose phones aren't supported by the Authenticator app.
This all helps Valve too, of course. More people using the Authenticator means fewer folks getting scammed (though social engineering knows no bounds), which means fewer people annoyed about Steam and fewer cases for Steam's customer support. That last part is probably important. Valve say they're really trying to make their rubbish customer support less rubbish, and part of their approach has been to reduce the number of potential problems.
Oh, and to celebrate all this, Valve are offering a 5-33% discount on items in the Steam Community Market until December 16th for folks using the Mobile Authenticator. They'd really like for you to use the Mobile Authenticator.