One common theme we've been seeing in customer feedback about the Steam review system is that it isn't always easy to tell what the current experience is like in a game months after release. This new set of changes released today is designed to better describe the current customer experience in those games. We do this by better exposing the newly posted reviews and by calculating a summary of those recent reviews.

Visibility For Recently Posted Reviews

While there are plenty of new reviews posted every day, we saw that it was often difficult for newer reviews to be seen and voted on enough to become listed as most helpful. As a result, the most helpful reviews presented on a store page would often describe an outdated view of a game that might have changed dramatically over the course of Early Access or post-release development. By listing recently posted reviews more prominently and by defaulting to recent helpful reviews, Steam can now show a more current idea of what it's like to play the game now.

Recent Review Score

Another problem we identified was that review score that appears at the top of a product page didn't always reflect the dynamic nature of the game. For that review score, we'd previously only been compiling an overall score using a simple calculation of the percentage of all reviews that were positive. This let us be really transparent in how the score was being calculated, but didn't accommodate cases when a game has changed a lot (for better or worse) over time.

To address that, we've now added a Recent review score that calculates the positive percentage of reviews within the past 30 days (as long as there are enough reviews posted within those 30 days and as long as the game has been available on Steam for at least 45 days). The overall score is still present as well in case you still find that information helpful.

Other Review Updates

In addition to the above updates, we've made a few other changes:

• The customer review section on a game's store page has a new "Summary" tab that focuses on recent helpful reviews and recently posted reviews. You can still find overall most help reviews by selecting "Most Helpful" tab.
  
• There's a new checkbox when writing a review to more easily disclose if you received the copy of the game for free.
  
• You can now view all reviews regardless of language by selecting "All Languages" from the language dropdown in the reviews tab of the Community Hub for the game.
  

If you have questions, feedback, or find bugs in the review system, please let us know in the Steam discussions: http://steamcommunity.com/discussions/forum/0/

One common theme we've been seeing in customer feedback about the Steam review system is that it isn't always easy to tell what the current experience is like in a game months after release. This new set of changes released today is designed to better describe the current customer experience in those games. We do this by better exposing the newly posted reviews and by calculating a summary of those recent reviews.

Visibility For Recently Posted Reviews

While there are plenty of new reviews posted every day, we saw that it was often difficult for newer reviews to be seen and voted on enough to become listed as most helpful. As a result, the most helpful reviews presented on a store page would often describe an outdated view of a game that might have changed dramatically over the course of Early Access or post-release development. By listing recently posted reviews more prominently and by defaulting to recent helpful reviews, Steam can now show a more current idea of what it's like to play the game now.

Recent Review Score

Another problem we identified was that review score that appears at the top of a product page didn't always reflect the dynamic nature of the game. For that review score, we'd previously only been compiling an overall score using a simple calculation of the percentage of all reviews that were positive. This let us be really transparent in how the score was being calculated, but didn't accommodate cases when a game has changed a lot (for better or worse) over time.

To address that, we've now added a Recent review score that calculates the positive percentage of reviews within the past 30 days (as long as there are enough reviews posted within those 30 days and as long as the game has been available on Steam for at least 45 days). The overall score is still present as well in case you still find that information helpful.

Other Review Updates

In addition to the above updates, we've made a few other changes:

• The customer review section on a game's store page has a new "Summary" tab that focuses on recent helpful reviews and recently posted reviews. You can still find overall most help reviews by selecting "Most Helpful" tab.
  
• There's a new checkbox when writing a review to more easily disclose if you received the copy of the game for free.
  
• You can now view all reviews regardless of language by selecting "All Languages" from the language dropdown in the reviews tab of the Community Hub for the game.
  

If you have questions, feedback, or find bugs in the review system, please let us know in the Steam discussions: http://steamcommunity.com/discussions/forum/0/

For a number of years we’ve had a system in place to notify you when a game on your Steam Wishlist goes on a certain type of sale such as Midweek Madness or Daily Deal. Then about a year and a half ago, we began also sending notifications for the release of popular games to people with that game on their Steam Wishlist. This has expanded over time to include more releasing titles, but we haven’t been ready to turn it on for all new releases until now.

As of today, there are now more opportunities for you to receive e-mail notifications about the games on Steam you are interested in and more options for you to opt out of specific kinds of notifications you are not interested in. Here are the new options:

1. More Discount Types
   If a game is on your Steam Wishlist, we’ll now send you an e-mail if any type of discount is applied on that game. This includes Midweek Madness, Weekend Deal, Daily Deal, and now Weeklong Deals (which start on Mondays and run for a week) as well as any custom configured discounts which developers can define to start and end on other days of the week.


2. More New Releases
   If a game is on your Steam Wishlist, we’ll now send you an e-mail when that game has released or transitioned out of Early Access. If you browse through upcoming releases or if you’ve happened to find an upcoming title you’re interested in and added it to your wishlist, we’ll send you an e-mail when that game becomes playable on Steam. Also, we’ll let you know if a game on your wishlist transitions from Early Access to fully-released.


3. Games You’ve Followed or Favorited in Greenlight
   If you’ve participated in voting on Games in Steam Greenlight and opted to Follow or Favorite one of those games, we’ll now let you know when that game becomes playable on Steam.

Managing E-mail Preferences
We know that not everyone may want these e-mail notifications, so we’ve made it easy to opt out of specific types of notifications or all e-mails entirely. Just follow this link to manage your preferences: https://store.steampowered.com/account/emailoptout. You can also find this link on the bottom of any official Steam marketing e-mail you receive.

Do you want more types of e-mail notifications? Have feedback on notifications in general? Let us know in the Steam Suggestions forums.

For a number of years we’ve had a system in place to notify you when a game on your Steam Wishlist goes on a certain type of sale such as Midweek Madness or Daily Deal. Then about a year and a half ago, we began also sending notifications for the release of popular games to people with that game on their Steam Wishlist. This has expanded over time to include more releasing titles, but we haven’t been ready to turn it on for all new releases until now.

As of today, there are now more opportunities for you to receive e-mail notifications about the games on Steam you are interested in and more options for you to opt out of specific kinds of notifications you are not interested in. Here are the new options:

1. More Discount Types
   If a game is on your Steam Wishlist, we’ll now send you an e-mail if any type of discount is applied on that game. This includes Midweek Madness, Weekend Deal, Daily Deal, and now Weeklong Deals (which start on Mondays and run for a week) as well as any custom configured discounts which developers can define to start and end on other days of the week.


2. More New Releases
   If a game is on your Steam Wishlist, we’ll now send you an e-mail when that game has released or transitioned out of Early Access. If you browse through upcoming releases or if you’ve happened to find an upcoming title you’re interested in and added it to your wishlist, we’ll send you an e-mail when that game becomes playable on Steam. Also, we’ll let you know if a game on your wishlist transitions from Early Access to fully-released.


3. Games You’ve Followed or Favorited in Greenlight
   If you’ve participated in voting on Games in Steam Greenlight and opted to Follow or Favorite one of those games, we’ll now let you know when that game becomes playable on Steam.

Managing E-mail Preferences
We know that not everyone may want these e-mail notifications, so we’ve made it easy to opt out of specific types of notifications or all e-mails entirely. Just follow this link to manage your preferences: https://store.steampowered.com/account/emailoptout. You can also find this link on the bottom of any official Steam marketing e-mail you receive.

Do you want more types of e-mail notifications? Have feedback on notifications in general? Let us know in the Steam Suggestions forums.

Recently we walked through our thinking on account security and trading http://store.steampowered.com/news/19618/, and introduced some new tools for users to protect their accounts. Now that we've had some time to gather data, we'll be making a few more changes to account security, market transactions, and our account restoration process.

Below are the changes that will take place on March 9th. If you are already protected by the Steam Guard Mobile Authenticator (or if you add the security feature to your account today), the first two points below will not impact you:

• Trade hold duration will be increased to 15 days (for long-time Steam friends the duration will remain 1 day)


• Listing on the Steam Community Market will have a hold of 15 days before an item can be sold


• Steam Support will no longer restore items that have left accounts following a successful trade or market transaction (a process that previously created duplicates of original items)

To help understand these changes, we wanted to walk you through the results we've seen so far and our reasoning behind these next steps.

First, it's worth revisiting our goals behind the two main ways customers interact with in-game economies on Steam: Trading and the Steam Community Market. Our primary goal for Trading is to allow customers to easily exchange items with their friends. Our goal for the Steam Community Market is to provide customers with a way to sell any unwanted goods to other players. Both systems work well for these purposes, but they can be a source of pain if the security of your account is ever compromised.

Account and Item Theft

In December we took steps to improve account security by adding more security features, including the Steam Guard Mobile Authenticator and trade holds.

Since then, we've seen lots of users adopting the Steam Guard Mobile Authenticator (two-factor authentication) for trade and market confirmations, and now roughly 95% of daily trades use the mobile authenticator, with trade volumes as high as ever. The authenticator is the best tool that users have to protect their accounts, and the fastest and most secure way to trade items.

Trade Holds

For users who have yet to transition to the Steam Guard Mobile Authenticator, trade holds provide a way to continue to exchange items. Items in a trade hold are held by Steam for a period of time before delivery. This allows users whose accounts have been compromised to quickly cancel any fraudulent trades to recover their items. Trade holds are effective, but unfortunately the current three-day hold fails to protect users who log in less frequently and who need more time to identify a problem. So we'll be adjusting the system to accommodate the majority of customers by increasing trade holds to 15 days.

If you're exchanging items with a friend, and you've been friends for more than a year, don't worry - the trade hold duration is still one day.

Market Holds

Trade holds have been successful, but until now they've been limited to trades. If the Steam Guard Mobile Authenticator was not enabled on a user's account, it was still possible for a hacker to quickly liquidate a user's inventory through the Steam Community Market. To further protect users who haven't enabled the authenticator, holds will now also apply when you list items on the Steam Community Market. Market listing (like trades) will still be instantaneous if you're using the Steam Guard Mobile Authenticator.

Item Duplication

Since the last account security update, we've made significant progress in protecting accounts. In addition to significantly increasing the size of Steam Support to improve response times, individual accounts protected by the Steam Guard Mobile Authenticator on a separate device turned out to be even more effective than we'd hoped. For customers who have yet to add the Steam Guard Mobile Authenticator, trade holds have been helpful in keeping items secure, and we expect that the added duration and extension of holds to the Steam Community Market will further improve security.

Our work isn't finished, but we've seen enough progress in account security to finally address an old problem: item duplication. Currently, if an account is compromised and items have been lost through a successful trade or market transaction, we would manually restore the items, creating duplicates of the original items in the process. That process of manual restoration and duplication has the negative side effect of changing an item's scarcity - as more copies of the item are created, the value of every other similar item is reduced. In addition, it created a method by which users could be rewarded for faking account hijacks.

While we'll continue to assist users with the recovery of their account if they encounter an issue, beginning March 9th we will no longer be manually restoring items that have left the account due to a successful trade or market transaction.

Balance

There's a delicate balance between account security and the convenience of interacting with the market or trade. Any time we make changes, there's the risk of significant disruption. We recognize that today's changes will be inconvenient for users who have yet (or are unable) to use the Steam Guard Mobile Authenticator. But if you're a high volume trader (who our data shows is likely using the authenticator already), or a trader who likes to exchange items with friends, these changes won't really affect you at all. We believe these steps are necessary to ensure that accounts are made more secure, that users are empowered to identify and solve problems, and that the economic systems enjoyed by millions of customers are not compromised by people with malicious intent.

Account security is an issue that affects everyone, and we hope this post has helped to explain our goals and reasoning as we move forward. Please continue to provide your feedback and account security ideas in the Steam forums and elsewhere on the web.

Recently we walked through our thinking on account security and trading http://store.steampowered.com/news/19618/, and introduced some new tools for users to protect their accounts. Now that we've had some time to gather data, we'll be making a few more changes to account security, market transactions, and our account restoration process.

Below are the changes that will take place on March 9th. If you are already protected by the Steam Guard Mobile Authenticator (or if you add the security feature to your account today), the first two points below will not impact you:

• Trade hold duration will be increased to 15 days (for long-time Steam friends the duration will remain 1 day)


• Listing on the Steam Community Market will have a hold of 15 days before an item can be sold


• Steam Support will no longer restore items that have left accounts following a successful trade or market transaction (a process that previously created duplicates of original items)

To help understand these changes, we wanted to walk you through the results we've seen so far and our reasoning behind these next steps.

First, it's worth revisiting our goals behind the two main ways customers interact with in-game economies on Steam: Trading and the Steam Community Market. Our primary goal for Trading is to allow customers to easily exchange items with their friends. Our goal for the Steam Community Market is to provide customers with a way to sell any unwanted goods to other players. Both systems work well for these purposes, but they can be a source of pain if the security of your account is ever compromised.

Account and Item Theft

In December we took steps to improve account security by adding more security features, including the Steam Guard Mobile Authenticator and trade holds.

Since then, we've seen lots of users adopting the Steam Guard Mobile Authenticator (two-factor authentication) for trade and market confirmations, and now roughly 95% of daily trades use the mobile authenticator, with trade volumes as high as ever. The authenticator is the best tool that users have to protect their accounts, and the fastest and most secure way to trade items.

Trade Holds

For users who have yet to transition to the Steam Guard Mobile Authenticator, trade holds provide a way to continue to exchange items. Items in a trade hold are held by Steam for a period of time before delivery. This allows users whose accounts have been compromised to quickly cancel any fraudulent trades to recover their items. Trade holds are effective, but unfortunately the current three-day hold fails to protect users who log in less frequently and who need more time to identify a problem. So we'll be adjusting the system to accommodate the majority of customers by increasing trade holds to 15 days.

If you're exchanging items with a friend, and you've been friends for more than a year, don't worry - the trade hold duration is still one day.

Market Holds

Trade holds have been successful, but until now they've been limited to trades. If the Steam Guard Mobile Authenticator was not enabled on a user's account, it was still possible for a hacker to quickly liquidate a user's inventory through the Steam Community Market. To further protect users who haven't enabled the authenticator, holds will now also apply when you list items on the Steam Community Market. Market listing (like trades) will still be instantaneous if you're using the Steam Guard Mobile Authenticator.

Item Duplication

Since the last account security update, we've made significant progress in protecting accounts. In addition to significantly increasing the size of Steam Support to improve response times, individual accounts protected by the Steam Guard Mobile Authenticator on a separate device turned out to be even more effective than we'd hoped. For customers who have yet to add the Steam Guard Mobile Authenticator, trade holds have been helpful in keeping items secure, and we expect that the added duration and extension of holds to the Steam Community Market will further improve security.

Our work isn't finished, but we've seen enough progress in account security to finally address an old problem: item duplication. Currently, if an account is compromised and items have been lost through a successful trade or market transaction, we would manually restore the items, creating duplicates of the original items in the process. That process of manual restoration and duplication has the negative side effect of changing an item's scarcity - as more copies of the item are created, the value of every other similar item is reduced. In addition, it created a method by which users could be rewarded for faking account hijacks.

While we'll continue to assist users with the recovery of their account if they encounter an issue, beginning March 9th we will no longer be manually restoring items that have left the account due to a successful trade or market transaction.

Balance

There's a delicate balance between account security and the convenience of interacting with the market or trade. Any time we make changes, there's the risk of significant disruption. We recognize that today's changes will be inconvenient for users who have yet (or are unable) to use the Steam Guard Mobile Authenticator. But if you're a high volume trader (who our data shows is likely using the authenticator already), or a trader who likes to exchange items with friends, these changes won't really affect you at all. We believe these steps are necessary to ensure that accounts are made more secure, that users are empowered to identify and solve problems, and that the economic systems enjoyed by millions of customers are not compromised by people with malicious intent.

Account security is an issue that affects everyone, and we hope this post has helped to explain our goals and reasoning as we move forward. Please continue to provide your feedback and account security ideas in the Steam forums and elsewhere on the web.

The Steam Subscriber Agreement (http://store.steampowered.com/subscriber_agreement/) has some updates for the new year.

The biggest change relates to Valve now selling hardware in the European Union (EU), specifically the Steam Controller and Link. Going forward, our hardware distribution in Europe will be the primary responsibility of our Luxembourg subsidiary, known as Valve SARL. Meanwhile digital content and services in Europe move back under our US company, Valve Corp., just as they were before the Luxembourg office opened in July 2012.

In practice, this changes nothing for our European customers. We will continue to operate with respect to relevant European laws, such as local data and consumer protection, and we'll continue to provide the same services we have for years.

Those who simply want to keep playing their games and are not making a purchase at this time are free to simply ignore the SSA update for now. It only takes effect for users who explicitly confirm it, usually during a new purchase.

A full copy of the updated 2016 SSA is available for viewing here: http://store.steampowered.com/subscriber_agreement/

The Steam Subscriber Agreement (http://store.steampowered.com/subscriber_agreement/) has some updates for the new year.

The biggest change relates to Valve now selling hardware in the European Union (EU), specifically the Steam Controller and Link. Going forward, our hardware distribution in Europe will be the primary responsibility of our Luxembourg subsidiary, known as Valve SARL. Meanwhile digital content and services in Europe move back under our US company, Valve Corp., just as they were before the Luxembourg office opened in July 2012.

In practice, this changes nothing for our European customers. We will continue to operate with respect to relevant European laws, such as local data and consumer protection, and we'll continue to provide the same services we have for years.

Those who simply want to keep playing their games and are not making a purchase at this time are free to simply ignore the SSA update for now. It only takes effect for users who explicitly confirm it, usually during a new purchase.

A full copy of the updated 2016 SSA is available for viewing here: http://store.steampowered.com/subscriber_agreement/

We'd like to follow up with more information regarding Steam's troubled Christmas.

What happened

On December 25th, a configuration error resulted in some users seeing Steam Store pages generated for other users. Between 11:50 PST and 13:20 PST store page requests for about 34k users, which contained sensitive personal information, may have been returned and seen by other users.

The content of these requests varied by page, but some pages included a Steam user’s billing address, the last four digits of their Steam Guard phone number, their purchase history, the last two digits of their credit card number, and/or their email address. These cached requests did not include full credit card numbers, user passwords, or enough data to allow logging in as or completing a transaction as another user.

If you did not browse a Steam Store page with your personal information (such as your account page or a checkout page) in this time frame, that information could not have been shown to another user.

Valve is currently working with our web caching partner to identify users whose information was served to other users, and will be contacting those affected once they have been identified. As no unauthorized actions were allowed on accounts beyond the viewing of cached page information, no additional action is required by users.

How it happened

Early Christmas morning (Pacific Standard Time), the Steam Store was the target of a DoS attack which prevented the serving of store pages to users. Attacks against the Steam Store, and Steam in general, are a regular occurrence that Valve handles both directly and with the help of partner companies, and typically do not impact Steam users. During the Christmas attack, traffic to the Steam store increased 2000% over the average traffic during the Steam Sale.

In response to this specific attack, caching rules managed by a Steam web caching partner were deployed in order to both minimize the impact on Steam Store servers and continue to route legitimate user traffic. During the second wave of this attack, a second caching configuration was deployed that incorrectly cached web traffic for authenticated users. This configuration error resulted in some users seeing Steam Store responses which were generated for other users. Incorrect Store responses varied from users seeing the front page of the Store displayed in the wrong language, to seeing the account page of another user.

Once this error was identified, the Steam Store was shut down and a new caching configuration was deployed. The Steam Store remained down until we had reviewed all caching configurations, and we received confirmation that the latest configurations had been deployed to all partner servers and that all cached data on edge servers had been purged.

We will continue to work with our web caching partner to identify affected users and to improve the process used to set caching rules going forward. We apologize to everyone whose personal information was exposed by this error, and for interruption of Steam Store service.

We'd like to follow up with more information regarding Steam's troubled Christmas.

What happened

On December 25th, a configuration error resulted in some users seeing Steam Store pages generated for other users. Between 11:50 PST and 13:20 PST store page requests for about 34k users, which contained sensitive personal information, may have been returned and seen by other users.

The content of these requests varied by page, but some pages included a Steam user’s billing address, the last four digits of their Steam Guard phone number, their purchase history, the last two digits of their credit card number, and/or their email address. These cached requests did not include full credit card numbers, user passwords, or enough data to allow logging in as or completing a transaction as another user.

If you did not browse a Steam Store page with your personal information (such as your account page or a checkout page) in this time frame, that information could not have been shown to another user.

Valve is currently working with our web caching partner to identify users whose information was served to other users, and will be contacting those affected once they have been identified. As no unauthorized actions were allowed on accounts beyond the viewing of cached page information, no additional action is required by users.

How it happened

Early Christmas morning (Pacific Standard Time), the Steam Store was the target of a DoS attack which prevented the serving of store pages to users. Attacks against the Steam Store, and Steam in general, are a regular occurrence that Valve handles both directly and with the help of partner companies, and typically do not impact Steam users. During the Christmas attack, traffic to the Steam store increased 2000% over the average traffic during the Steam Sale.

In response to this specific attack, caching rules managed by a Steam web caching partner were deployed in order to both minimize the impact on Steam Store servers and continue to route legitimate user traffic. During the second wave of this attack, a second caching configuration was deployed that incorrectly cached web traffic for authenticated users. This configuration error resulted in some users seeing Steam Store responses which were generated for other users. Incorrect Store responses varied from users seeing the front page of the Store displayed in the wrong language, to seeing the account page of another user.

Once this error was identified, the Steam Store was shut down and a new caching configuration was deployed. The Steam Store remained down until we had reviewed all caching configurations, and we received confirmation that the latest configurations had been deployed to all partner servers and that all cached data on edge servers had been purged.

We will continue to work with our web caching partner to identify affected users and to improve the process used to set caching rules going forward. We apologize to everyone whose personal information was exposed by this error, and for interruption of Steam Store service.