So the controversy surrounding game reseller G2A is mounting. Anyone who doesn’t know what I’m talking about should count themselves lucky. For those not in the know, G2A is a site infamous for reselling digital keys for PC games. The firm found itself in hot water recently as they were hit with sweeping accusations that amounted to some indie developers arguing you should pirate games rather than buy them on G2A.
A big underpinning point for this argument centered on credit card fraud, a major issue which costs consumers billions every year. And now G2A has responded directly in a massive post on their website.
The gaming company is making an attempt to waylay some concerns over credit card fraud, mostly by offering a limited-use auditing service to hunt down fraud.
Let’s lay all cards on the table. We will pay developers 10 times the money they lost on chargebacks after their illegally obtained keys were sold on G2A. The idea is simple: developers just need to prove such a thing actually happened on their stores. To assure honesty and transparency, we will ask a reputable and independent auditing company to make an unbiased examination of both sides – the developer’s store and G2A Marketplace. The cost of the first three audits is on us, every next one will be split 50/50.
The auditing company will check if any game keys sold on G2A were obtained using stolen credit cards on a developer’s store compliant with card scheme rules from Visa and Master Card/payment provider rules. If so, G2A guarantees it’ll pay all the money the developer lost on chargebacks… multiplied by 10.
So while this seems useful on the surface there are some obvious issues with the process. The auditing company, which isn’t disclosed, could miss some important detail. We’ve all had to deal with big companies and obscure enforcement policies. Think PayPal chargebacks, how often does a seller lose out on those even when the buyer is in the wrong? And that’s just one example. There will obviously be instances where developers can’t prove fraud occurred, even when it does, should they lose out on that purchase?
Then there’s the deeper issue of this process not addressing other loopholes that dubious sellers exploit. Indie games often appear in bundles, which are bought in massive amounts then resold. And even though G2A has a policy against this, it isn’t seemingly well-enforced. Buy any of the random Steam key bundles on G2A or Ebay, and you’re likely to get games that featured in bundles from Fanatical, Indiegala and more. This is of course less prevalent as Humble Bundle and other services introduced account verification to cut down on reselling, but now fraudsters found a new way around the problem, either gifting Steam games or just selling whole Steam accounts.
There are of course other official sources that are abused by hucksters. One popular example of software being resold is Windows keys, which if you search on Ebay, you’ll uncover hundreds of listings for keys at a huge discount of 90% or more. This is done by using official sources like the MSDN to create keys, and then reselling the keys. And similar things happen for games, with giveaways and review codes often being exploited for reselling. The auditing process G2A has outlined seems specifically targeted to shutting down illegal or “carded” keys, not those gained from official sources by exploiting price differences and the like.
In the response article the company sent out to the press, G2A outlined what they see key fraud as, as well as reselling of indie games. And in essence, they claim it’s a minor issue.
Before its official release, 226 keys were available on our marketplace. An increased number of keys in that timeframe may have been related (but didn’t have to be) to several different giveaways. Anyway, even taking all 231 keys into account, they only make up 0,72% (SteamSpy estimation) or 0.46% of owned copies (based on Jake Birkett’s formula), or even less, if more copies were distributed. So, what does that mean? Two things, actually:
The company also explained that they have a system in place to stop credit card fraud or other abuse, and that all developers have to do is point the problem out.
“If any developer suspects there are keys on the marketplace that shouldn’t be there, there’s a quick and easy way to report it,” the firm wrote. “All it takes is to contact us. If any key was illegally obtained, we’ll remove it, block the seller and provide their personal data to the proper authorities”
They also go into deeper detail about credit card fraud and how they also view it as too difficult to be a major issue. This is factually inaccurate. Cybercrime is incredibly easy these days. A stolen credit card, PayPal account, bank login, or other financial details can be bought online for as little as $1-$2 a pop. A simple Google search can unveil a rabbit hole of easily accessible cybercrime, it isn’t as hard as G2A thinks it is.
They are correct in that most scammers wouldn’t waste their time on trying to scam a handful of cheap indie games, but if a scammer can find a store selling AAA Steam keys and manages to use a stolen credit card against it, you can bet those games will end up on sites like G2A.
The company also claims the article they posted, which is lengthy and contains direct attempts to respond to Mike Rose, is not just a response to his Tweets nor the controversy they helped start. Take that for what you will dear reader. I strongly encourage you to take the time to read their full post. Be warned though, being incredibly long and meandering in style, it can be a slog to get through.
Mike Rose on the other hand, wasn’t sitting idly by, he began circulating a petition demanding that G2A stops selling indie games.