Authenticators back in stock, and available overseas


The Blizzard Authenticators are back in stock, at least as of last night.

Prices for the Authenticator as listed in the Blizzard store are unchanged. $6.50 each, able to purchase more than one (but you can associate multiple accounts with one Authenticator if you want to), all nice and smooth.

Purchased from the store for delivery in the United States, free shipping is standard… you just get charged sales tax. Sales tax for an order of two is .88 cents.

They can be purchased for delivery in European countries here, and for Korea (and presumably China) from the Korean store here.

You can also purchase them from the store for delivery in Canada, Australia, New Zealand, Argentina, Brazil, Chile, Colombia, Ecuador, Mexico, Paraguay, Peru, Singapore, or Uruguay. The price per unit is unchanged, $6.50 each. 

The shipping, however. The shipping is not free.

I have heard reports from friends that shipping costs for the Authenticator to countries overseas are staggering.

Our friend and guildie Dangirl, for example, tried to order one for delivery to Australia, and says the shipping charges came to an astounding $77. 

By way of comparison, she says that for her to ship an item airmail from Australia to Blizzards’ offices would cost her $10. So, as you can imagine, she passed on that opportunity.

Now, call me a rebel if you wish, but I’m personally trying to help how I can by offering to purchase them for my overseas guildies so long as they are in stock in the US store, and when I get them I’ll mail them direct myself. I think I can beat $77. Call me crazy, but I imagine a padded envelope from Minnesota, USA to Australia ain’t gonna set me back $77.

Since they are for use on the same US servers, and they are not tied to an account or name at the time of ordering (like Blizzcon tickets are), this should not present any kind of problem.

However, I just wanted to give you a heads up that if your guild is in the same situation, where you have friends that are overseas that would really like one but don’t want to spend that kind of cash in shipping costs, I’ll be letting you know if we experience any problems at all in getting Dangirl her Authenticators and getting them set to her account.

Thank you to the kindly heads up on the Authenticator restock to Lenaiya of Earthen Ring! Much obliged!


9 thoughts on “Authenticators back in stock, and available overseas

  1. Just a heads-up — I hear rumor that the reason shipping to many countries is so high is because the authenticators are considered to be cryptographic technologies (or some other thing that’s highly sensitive, I’m too tired to get it right off the top of my head) and exporting them is highly tariffed. If true and you ship them overseas without declaring it, you could be committing a federal crime.


  2. and then you’ll see that the shipping cost is ten times the price of the token itself.

    I wanted to get one for myself, shipping cost made it so expensive I opted not to buy one.

    Heck it would cost less to buy one from the euro store, have it shipped overseas and pay for the exchange rate… no nothing is broken here


  3. @ Cy

    not the 1st time I hear that. What bugs me is that we use those same kind of tokens at work and the IT department says it costs them around 6 $ per unit, and they get their supply from a US based vendor.


  4. Cy, that would sound reasonable, because of the knowledge that they are part of a system designed to prevent unauthorized access to a system.

    However, I do not believe that the Authenticators fulfill the requirement of being considered a true cryptographic device, because they do not actually encrypt data. They do not take one set of data, and perform a transformation using an internally stored algorithym to encrypt it into another form.

    Instead, they generate a number based off of a single ‘seed’ number as modified by a variable time value in a random number generator. Every computer has the capability to do this.

    You cannot reverse engineer the cryptography, because it serves the same functionality as one time use substitution pads. You need the same value at both the generator and user to have a match. You can reverse engineer the process of any Authenticator all you wish; without knowing the seed of the device that is associated with the account you are trying to hack, it does you no good.

    Now, that doesn’t mean that they might not just have some ‘cryptography’ label placed on it by an ignorant person in US customs. Ignorant people trying to classify things they don’t understand tend to err on the cautious side, and just ban it anyway.

    But I would be seriously surprised to learn that this qualified.

    Also, if it were a covered device… why would just paying a higher fee to ship overseas make it okay? I thought the point was to BLOCK transfers of cryptographic electronics, not just make people in foreign countries pay more to get their hands on them. That seems siily.

    Again, I’m not saying it’s not possible… just saying it’s silly.


  5. Cryptographic export control seems to be placed almost arbitrarily.

    Ever since the rise of the PC, the whole “banned because it’s cryptographic in nature” has applied to everything from weapons to even descriptions of cryptographic systems.

    It does seem silly, to be sure. In general, the entire system around controlling cryptography methods has become extremely lax, so it seems surprising that this would be the cause of such a cost.

    More than likely, it’s not on the American side of things. Almost all other countries have tighter control over products/programs/code/etc relating to cryptography than the US does.


  6. Instead, they generate a number based off of a single ’seed’ number as modified by a variable time value in a random number generator.

    This particular authenticator doesn’t seem to be time based, from what I read on the web site of the manufacturer. It simply puts out a new pseudoRandom number each time the button is pressed. The keys from RSA and others made by this company are time based

    As for crypto use, it could be used for encryption – you use the token as the seed for an algorithm and you’ve just got a 1 time pad crypto system. Dang hard to break.


  7. BBB, yeah I agree it’s pretty dumb, but the laws on this kind of stuff definitely lag behind the times and how fast things change in this technological world, so I wouldn’t be surprised if the authenticator still qualifies under current law for export control.

    Which is odd, since I’m guessing this stuff was made outside of the US anyway, meaning we imported the technology and then charging folks to export it back out.

    Silly, silly laws.


Comments are closed.