Actually, no… it’s telling you that it thinks it’s not a legal copy. The company doesn’t actually know. It’s not like they sit down and write out by hand every key that is created. Those keys are generated by some algorithm. The company can identify if an algorithm was compromised (either the generation method identified or a significant portion of keys from said algorithm being used without them having been generated by the company), or they surmise that a chunk of codes, that had been previously generated for distribution, were nabbed when a number of them start to get activated without the company seeing a corresponding increase in sales. They more than likely do not have an exact list of which codes were stolen, just an assumption.
Here’s an example for ya… Company gives Legit LTD a set of codes to sell. Unfortunately, the thieves seal hack into Legit LTD’s systems and are able to copy a chunk of those codes. Legit LTD does not realize the breach for a day, or a week, and sells those codes to customers. At the same time, the thieves setup a seeming legit web store and started selling their ill gotten codes on that site. Two different customers are looking for Company’s software. One buys a code from Legit LTD. The other buys from thieves seemingly legit store. Just so happens that both stores sold the same code. Now two people have a copy of the same code. Both customers, in this case, believed they were buying a legit code. Both believe their code is valid. Before either can activate those codes, however, Legit LTD realizes they’ve been hacked and tell Company. Company, not knowing exactly which codes were stolen, decides to invalidate the batch… but there are legit customers in the wild that have codes from that batch and there’s no way for Company to tell who bought from who. BOTH customers, at this point, go to activate their code and both are told they’re running a pirated code. Neither of them really pirated, however. The thief did, but the thief isn’t the run using the code.
As such, no… Company and Legit LTD would find it very difficult, if not impossible, to determine who bought legitimately. Most companies, when this happens, would say, fuck’em and let both customers suffer. This company chooses to tell them they’re running suspected pirated codes (though, they don’t know for sure), and, regardless, neither customer would be pirating because both believe they purchased legit codes all above board.
Welcome to software, my friend. :D
To start with, you’re right. Digital distribution in general is volatile for consumers. While I will say that Steam, at present, is leagues better in that you must download the game purchase in order to play it (meaning, you have a direct copy of the game on your hard drive, which will remain there even if the game is removed from the Steam store), it is not outside the realm of possibility that this could change in the future.
That said, publishers having their own launchers, I’m sorry to say, has absolutely nothing to do with their fears over “the valve guy” retiring (his name is Gabe Newell, by the way), and significantly more to do with making more money. These publishers figure if they can get you, the consumer, to buy their games directly from them, they can make 100%+ of the money, instead of having to pay Steam a percentage for any transaction. Due to the limited scope of these Publisher-run launchers, purchasing a game from them is even more volatile than purchasing from Steam (at least in the current climate), in such that if the Publisher suddenly finds their launcher is not bringing in customers (which, on average, compared to the draw of Steam at present, they generally don’t) publishers could simply drop their launchers and the catalog of games you, the customer, may have purchased from that launcher would go with them… again, yes, this could happen if Steam went down, but presently, pound for pound, the publisher’s launchers are far more likely to fall than Steam will.
Also… for any of these services (Steam or publisher launchers), you have to download the game locally in order to run them. The games are not streaming as most movie and music content is. As such, once you install a game, you could crack them to remove any DRM attached to them (barring any game that’s strictly online), then, yeah, you can self-host/store these games yourself all you want. If you buy games from GOG they make this even easier for you.