G2A, the key reseller that isn't particularly liked by most game developers is having some time in the spotlight and as usual, it's not for good reasons.
They have a bit of a history with developers, something I've written about before and even the first comment on that article was about keys being revoked that were purchased from G2A. They're a very shady company and I shall continue to urge people to support developers and shop elsewhere. You would think after Gearbox pulled the plug on their deal with G2A, that lessons would have been learned but it appears not.
So why are they back in the spotlight now? G2A decided to take out sponsored adverts on Google so that they show above more legitimate sources, as noted by Mike Rose on Twitter from the publisher No More Robots. Rose urged people to just pirate the game instead of buying on G2A, as game developers see nothing from G2A. Developer RageSquid, who made Descenders (published by No More Robots) also jumped in to say the same on Twitter "Please torrent our games instead of buying them on G2A". The situation gets then even murkier when Rose goes on to explain (Twitter thread) how some games end up on G2A and it's not pretty but it boils down to this:
- Someone sells a copy of a game using dodgy links and "Steam Gifts", waits until the game is in their account and they're happy
- At that point, they have plenty of options regarding how to kill that key and not pay for it
They're not alone in this feeling. Rami Ismail of Vlambeer also mentioned on Twitter:
If you can't afford or don't want to buy our games full-price, please pirate them rather than buying them from a key reseller. These sites cost us so much potential dev time in customer service, investigating fake key requests, figuring out credit card chargebacks, and more.
Even Fork Parker, the Chief Financial Officer at Devolver Digital chimed in on Twitter to say:
G2A is getting a lot of flak lately but it’s important to keep in mind that it’s a garbage company.
Then we have Gwennaël Arbona, the developer of Helium Rain, who also jumped in to say:
Our game has never been offered on giveaway or wholesale, but you still did not take it down, despite our multiple demands.
Further Twitter posts from Arbona also note how they reached out to G2A back in November last year but are still waiting on responses. The list of developers complaining about G2A just goes on and on.
G2A has recently put up a blog post to claim they will bring in a "reputable and independent auditing company" who will look over claims of fraud. G2A also said they will pay developers "10 times the money they lost on chargebacks after their illegally obtained keys were sold on G2A". Their team also took to Twitter themselves, to say:
Let's say that petition goes and G2A decides to stop selling any indie game. "Nature abhors a vacuum". Sellers would move to the next platforms (there is like 20 of them) and then to Ebay and other marketplaces.
They're clearly aware there's an issue, but part of their argument seems to be that if they didn't offer this "service" someone else would. Not exactly a good foundation to an argument. Remember, this is the company that charges people every month, if they don't login to their account regularly! Yes, they still do that.
What's also brilliant is that G2A seem to be asking people to publish their "unbiased" article for payment, yet not mentioning that it's sponsored which is probably against some advertising laws, as well as being incredibly immoral and only continues to show how shady they are willing to be.
So now it has resulted in Rose from No More Robots creating a petition to ask game developers to sign their name to get G2A to stop selling indie games, since they're one of the most affected by it. The petition has so far managed to reach over three thousand signatures.
If you're wondering why things like the Humble Indie Bundle are a lot rarer now, websites like G2A are part of the reason. Too many developers worried about people mass-buying keys to sell on G2A, causing their games to be devalued over a very long time.
Updated after publishing, to add in a note about how G2A are trying to pay people to publish their article.
Article taken from GamingOnLinux.com.
Quoting: cprnHowever, this is where all that anti-G2A logic falls short because that's not the end of the story. I had a talk with several card association reps and apparently the real story begins after the keys get revoked. You see, people who bought stolen keys also make complaints to their card issuers.
G2A has their own countermeasures for the penalties. For example, remember that G2A users can opt-in for a purchase secure, so they get their money back (most of the time to their G2A wallet) without having to execute the chargeback.
As I said, the problem for indie devs is the chargeback they get because G2A simplifies the money laundering operation. And of course, G2A doesn't care about that... so that is the real complain from the indie devs.
Quoting: x_wingG2A has their own countermeasures [...] a purchase secure [...] without having to execute the chargeback. [...]
They have, but why do you think these countermeasures exist in the first place? Because G2A doesn't want their fraud rate to go up. And yes, some percentage of their customers does fall for that but most just pay with a card specifically so they could claim a chargeback in case they've been wronged. I work for one of the biggest IPSPs in Poland and G2A used to be our customer (they might still be, not sure, I don't deal with customers any more). When dealing with them fraud prevention was the most important subject while talking about any new payment channel.
I don't understand this. People don't expect eBuy to "clean their act" and take care of counterfeits or to check if every goods sold there are legit and not stolen. Why is it not the same when it comes to similar platforms but dealing with licence keys? How's that different?
Last edited by cprn on 13 July 2019 at 10:58 am UTC
Quoting: cprnI don't understand this. People don't expect eBuy to "clean their act" and take care of counterfeits or to check if every goods sold there are legit and not stolen. Why is it not the same when it comes to similar platforms but dealing with licence keys? How's that different?
I would not make a parallel between software and physical products. There are some big difference that keeps users away from something with a fishy origin when it's a physical good (many ethical and security reasons).
As I said, the difference is the speed. G2A gives a fast way to sell your keys without caring about keys origin. So, here what it's important: The way they handle the market affects developers and they don't care. The "I don't care" behavior they have completely justifies the devs statements in this case.
By the way, I don't think that opinions will change between platforms that have the same or a similar behavior. If G2A is getting all the attention that's just because they are the big fish.
Quoting: razing32So what makes more sense ? Sell 90$ game to a few who will buy it or sell 60-40$ game to many more people ?
I cannot really tell what a game should cost, I never saw the numbers of a game producer (and couldn't evaluate them anyway). I got the feeling of a middle ground breaking away (or beeing bought away), something between indie and AAA, but I'm not sure about that either. What I see (in the Steam forums mainly) is people complaining about the price of 20$ indie games threatening to just download them, which I find quite ugly.
It would seem that the fix for Dev/Pubs would be to either stop issuing keys or expect that they'll need to spend X dollars/euros/etc each year in determining whether a key is fraudulent or not and then rolling that into the asking price of the game.
If the devs want to sell games through their own site to individuals then they could sell actual digital downloads only---wouldn't that remove them from the key market entirely?
If someone like Humble Bundle wanted to sell the dev's game, then Humble would license the right from the devs to also sell actual downloads. If Humble wanted to sell versions of a game that could be downloaded within Steam, then similarly they would need to take that up with Steam in addition to obtaining the right to do so from the dev/publisher.
Maybe we're seeing the beginning of the end of the key reseller market entirely. A system that sprung up to fill a niche until another (largely criminal) system obsolesced it.
But like I said, I don't understand this whole thing very well. This is just what I'm able to glean from what little online reading I did before writing this.
Last edited by Nanobang on 10 July 2019 at 2:00 pm UTC
Quoting: NanobangIf I understand how this all works (and that's a mighty big "IF") it seems to me that the core of the problem lies in the keys themselves.
It would seem that the fix for Dev/Pubs would be to either stop issuing keys or expect that they'll need to spend X dollars/euros/etc each year in determining whether a key is fraudulent or not and then rolling that into the asking price of the game.
If the devs want to sell games through their own site to individuals then they could sell actual digital downloads only---wouldn't that remove them from the key market entirely?
The first thing to note is that all this has a cost. With Steam keys Valve absorbs all of it. You go on your own and it's your costs.
The second thing to note is that... it won't solve the issue! It will just force you to handle it directly! Say you run your own site to sell your copies. How do you identify your copies? With a string? Then G2A will sell your key instead of a steam key. You link the copy to username and password. Then Username and password are sold. you link it to an email? Then a bot will create an email address and that will be sold (yeah, you can ban addresses that don't come from trusted providers, but then it's again it's more work for you and you risk to keep out buyers). Facebook accounts? These can be faked too.
The thing is that as long as payment circuits work as they do now, digital goods will always be exploitable for money laundry. So either you sell your copies only on stores that absorbs the costs and hassles of this issue by themselves (and ofc you give them the cut they want) or you save the cut but you have to dedicate resources to handle this. Avoiding humble bundles is for sure a first reasonable step to mitigate the issue (unfortunately for us).
The issue with G2A though is not its business. It's true that if they don't somebody else will. It's hypocritical to say the opposite. The issue is they don't contribute to fight it. The example in the tweet with that user selling like 200 keys in a day you don't need a multi million dollar AI algorithm to catch that. If you don't fight even these obvious abuses, you are partner in crime. You're not contributing to fight the issue, you're making it worse with the intent of profit from it.
Quoting: NanobangIf I understand how this all works (and that's a mighty big "IF") it seems to me that the core of the problem lies in the keys themselves.
It would seem that the fix for Dev/Pubs would be to either stop issuing keys or expect that they'll need to spend X dollars/euros/etc each year in determining whether a key is fraudulent or not and then rolling that into the asking price of the game.
If the devs want to sell games through their own site to individuals then they could sell actual digital downloads only---wouldn't that remove them from the key market entirely?
If someone like Humble Bundle wanted to sell the dev's game, then Humble would license the right from the devs to also sell actual downloads. If Humble wanted to sell versions of a game that could be downloaded within Steam, then similarly they would need to take that up with Steam in addition to obtaining the right to do so from the dev/publisher.
Maybe we're seeing the beginning of the end of the key reseller market entirely. A system that sprung up to fill a niche until another (largely criminal) system obsolesced it.
But like I said, I don't understand this whole thing very well. This is just what I'm able to glean from what little online reading I did before writing this.
Yes, keys aren't the best solution to distribute digital licenses. API to add license directly exists, though. SEGA's website games2gether.com is using it for example. You log in with your Steam account and press "Redeem" - voila, you have the game in your Steam library. No need to deal with keys at all.
The real issue, though, are card payments. Whole world is dumping them for better payment methods but US unfortunately doesn't. Americans were fed with ads about how convenient and safe cards are until they believed it but the truth is cards are unsecure by design. It's so unfixable card associations invented insurance in form of chargebacks. It's as simple as that.
Quoting: cprnIt's so unfixable card associations invented insurance in form of chargebacks. It's as simple as that.
Chargebacks just charge sellers with the responsibility of identifying the buyer. Which makes also sense in the real world. You can ask for an ID card or something to identify the card holder. It's easy, fast, cheap.
But the evil is when lawmakers use real world common sense to regulate the digital one. Clearly you can't ask sellers to do something even large multi nationals have issues to do. Common sense is that the payment circuit identifies who is taking advantage of its credit service.
That and eliminating seller commissions would create the conditions to solve the issue in few years.
Quoting: EikeQuoting: razing32So what makes more sense ? Sell 90$ game to a few who will buy it or sell 60-40$ game to many more people ?
I cannot really tell what a game should cost, I never saw the numbers of a game producer (and couldn't evaluate them anyway). I got the feeling of a middle ground breaking away (or beeing bought away), something between indie and AAA, but I'm not sure about that either. What I see (in the Steam forums mainly) is people complaining about the price of 20$ indie games threatening to just download them, which I find quite ugly.
I think what you are referring to is AA.
Games that have some budget and a bigger team than 3 indie devs in a debroom but nowhere near the millions of AAA with teams of a hundered+ people.
20$ for an indie game is fair. In my personal opinion it depends on the mileage you get from it.
Terraria , Minecraft etc with huge replay value would deserver 20$ easy.
As for threatening to pirate games , on the steam forum of all places seems the stupidest thing possible.
Might as well post in all caps "please ban my account"
Quoting: MalQuoting: cprnIt's so unfixable card associations invented insurance in form of chargebacks. It's as simple as that.
Chargebacks just charge sellers with the responsibility of identifying the buyer. Which makes also sense in the real world. You can ask for an ID card or something to identify the card holder. It's easy, fast, cheap.
But the evil is when lawmakers use real world common sense to regulate the digital one. Clearly you can't ask sellers to do something even large multi nationals have issues to do. Common sense is that the payment circuit identifies who is taking advantage of its credit service.
That and eliminating seller commissions would create the conditions to solve the issue in few years.
Clearly, you can. Showing ID in a physical world is nothing more but using a 2nd trusted factor. In cards world it's called a 3DSecure gateway - using 3rd party API (in this case the bank or card issuer's API) to 2nd factor the authentication between two endpoints (i.e. buyer's browser and seller's website). But banks dictate the cost of each 3DS request and it's not cheap so small publishers skim on it (as well as other risk management services). This is the reality of what's going on and the true cause of the issue. Cards are flawed. Extra security to mitigate responsibility for those flaws costs money. Publishers don't like to spend money so they don't buy it. They get burned with chargebacks.
What's more, it's not enough to integrate and pay for 3DSecure. G2A has that integration but over 95% of US cards doesn't have 3DS active. At least a year ago you had to call your bank and specifically ask them to activate it! If you do, you'll be bothered with 2nd factor every time you make a payment but at least nobody else is able to use your card (in theory). Still, people don't want it because if the 2nd factor is used during transaction, your card issuer can't claim a chargeback from the seller - 3DS cedes all the responsibility onto you.
Do e-commerce platforms have an alternative way of securing card payments? Sure they do! And it's almost free! I remember G2A once made a survey about adding extra security to card payments on their website and it came out very negative. It was rumoured they'll do it anyway and that's how Kinguin came to life, BTW. All they wanted to do is what Steam does now: one time 2nd factor authentication of each new payment method (e.g. new card) by charging a small random amount they later refund, and you have to tell them what amount it was proving you have access to the card's statement (i.e. you have credentials to your online banking). According to that survey (numbers are from the top of my head, it was years ago) G2A would loose around 50% of their card payments, realistically maybe up to 20%, but they are a big platform that lets people sell licenses for many many different games - not 10, out of which 7 are outdated. While people might feel incentivised to register their account and jump through hoops to add their card to that big platform, they wouldn't feel the same about a small publisher. Small publisher would probably loose about 70-80% of sales this way.
It's better than loosing 95% but still too much. So card payments security remains unfixed.
Last edited by cprn on 13 July 2019 at 10:57 am UTC
Patreon
PayPal
See more from me