G2A Offers Royalties To Developers

[vanished]

28 minutes ago, Shahnewaz said:

-

32 minutes ago, Energycore said:

-

Not that I'm trying to compare G2A to this at all, but it's just a useful example/analogy:

 

It's like if you just opened up a "store" and sold games you had pirated, and then you started sending the devs a certain percent of your profits... that's just not how it works.  If you are a real retailer, you work with the devs/publisher to get a contract to do things a certain way - you don't just do your own thing and tell them what they are getting!  

[Energycore]

1 minute ago, Ryan_Vickers said:

Not that I'm trying to compare G2A to this at all, but it's just a useful example/analogy:

 

It's like if you just opened up a "store" and sold games you had pirated, and then you started sending the devs a certain percent of your profits... that's just not how it works.  If you are a real retailer, you work with the devs/publisher to get a contract to do things a certain way - you don't just do your own thing and tell them what they are getting!  

That makes sense. They're still grey market at best even if they do what they promised.

[DXMember]

5 hours ago, Ryan_Vickers said:

Doesn't it strike anyone as odd that G2A is just now deciding to offer a certain percentage to these devs?  One would think that any legit retailer would already have a well thought out deal/contract in place with the devs that dictates what the terms will be when selling keys...

when I sell my old SEGA cartriges to my neighbor, I don' t give cut to the devs, should I? the devs already got their cut when they initially sold me the game... you can't, you shouldn't profit from the same product twice in the same way as you can't tax organizations twice...

 

4 hours ago, Ryan_Vickers said:

Not that I'm trying to compare G2A to this at all, but it's just a useful example/analogy:

 

It's like if you just opened up a "store" and sold games you had pirated, and then you started sending the devs a certain percent of your profits... that's just not how it works.  If you are a real retailer, you work with the devs/publisher to get a contract to do things a certain way - you don't just do your own thing and tell them what they are getting!  

they're not a retailer - they're a marketplace

in the same way as players in WoW aren't NPC vendors, when they sell stuff in /tradechat even though they are in Ogrimmar

[UnknownEngineer]

Why are there still people defending G2A? The stolen keys and credit cards have been brought up before, yet G2A is only doing something about it now that it being talked about more widely.

 

Not to mention putting the responsibility retailers who get scammed by stolen credit cards, or even putting the responsibility on banks. There is absolutely no way they can tell who is the person punching in the numbers, the thieves already have all the numbers the actual owned of the card would have in his/her mind. Unless you want a physical confirmation (fingerprint for an example) then the only counter against this is a charge-back.

 

Now it becomes an accounting problem, and there are many accounting solutions out there. And out of all that I have seen, they all need a person at some point, the accounting isn't done by some central AI of the bank for free, transaction fees apply. Especially when you are buying stuff from abroad, even though the item is digital and "free" to transport, there is still money moving, moving money also costs, and reversing that money flow does too. 

 

It takes time to trace back every charge back to a purchase, and then a key.

 

Here is an ideal situation: A charge back request goes from the initial victim, to the bank, then possibly to another bank, then to the retailer (who ends up paying for the charge back), then further to original source of the product. By the time the people who made the product know of a key being "stolen" from the retailer, it has already likely been purchased by another customer.

 

Then the original source of the product has a choice, disable the key if they can (not all games use DRM, see The Witcher 3 as an example) and get complaints from the end customer (see what happened to ubi), or just leave the key be. Disable it or not, the fees that hit the retailer will not go away, and there is technically no trace of the criminal.

 

But how does G2A and the people who sell the stolen keys come out of the end with a profit? The reason is G2A's store policy, no refunds, and even with a shield you just get another stolen key. They only sold a defective product, and the receipt of the end customer doesn't indicate that the key is stolen, nothing can enforce them to give the money back as there is no evidence of anything illegal happening.

 

The legit retailer who is complying with consumer laws cannot just avoid the fees of the charge back, see they have a stolen credit card on their hands, not an unhappy consumer. G2A just denies the customer from getting money back, this is fine in many places, especially if no evidence of a crime is there. The legit retailer is dealing with their bank, they cannot just deny the bank from getting money.

 

I couldn't seriously believe that G2A's creator(s) could be stupid enough to not realize how much of a golden opportunity they are creating for fraud, not to mention they they are smart enough to come up with a business where they make money, while separating themselves of the crime that is happening. The idea of the store is to sell products for less than what they actual creator asks, if they weren't making a profit they would automatically be giving away money. 

[UnknownEngineer]

6 minutes ago, DXMember said:

when I sell my old SEGA cartriges to my neighbor, I don' t give cut to the devs, should I? the devs already got their cut when they initially sold me the game... you can't, you shouldn't profit from the same product twice in the same way as you can't tax organizations twice...

 

they're not a retailer - they're a marketplace

in the same way as players in WoW aren't NPC vendors, when they sell stuff in /tradechat even though they are in Ogrimmar

Read my previous post, they are a marketplace that directly caters to people who use stolen credit cards to turn a profit.

[DXMember]

4 hours ago, Energycore said:

I'm trying to put emphasis in the fact that G2A already knew the keys they were selling were stolen

there is no way for them to know keys are stolen in the same way Tiny Build didn't know the credit cards used to authorize transactions and get the keys in the first place were stolen

G2A is not selling the things in the same way E-Bay doesn't sell things

 

it's really easy to point fingers and blame G2A for that, but it's not  the right thing to do, they should instead focus their resources to persuade the banks that authorized the transactions that enabled the keys to be stolen in the first place

[UnknownEngineer]

10 minutes ago, DXMember said:

there is no way for them to know keys are stolen in the same way Tiny Build didn't know the credit cards used to authorize transactions and get the keys in the first place were stolen

G2A is not selling the things in the same way E-Bay doesn't sell things

 

it's really easy to point fingers and blame G2A for that, but it's not  the right thing to do, they should instead focus their resources to persuade the banks that authorized the transactions that enabled the keys to be stolen in the first place

Please, some up with a method that the banks could feasibly use to determine a legit purchase, from a purchase done with a stolen credit card. BEFORE the money is actually transferred, before the product is already "moved".

 

Optionally, remove G2A from the equation, this means you disallow the criminals from using a marketplace that doesn't require any form of ID to be used. Then see if you could, as a criminal, still make a profit from stolen credit cards.

[DXMember]

27 minutes ago, UnknownEngineer said:

Not to mention putting the responsibility retailers who get scammed by stolen credit cards, or even putting the responsibility on banks. There is absolutely no way they can tell who is the person punching in the numbers,

if you can't guarantee a completely secure authentication, eat the risks or don't offer it at all

It's the bank's risk as much as a failed hardware within a warranty period is manufacturers risk and responsibility

 

I'm not sure how your end does the secure credit card transaction online... I've see places where all the numbers you need are on the credit card itself - like the number and CVC with expiration date,

here on our end the banks carrying VISA have a control panel online where you have to first register the card for online transaction, and then set an additional factor authentication with a secret question - the question part is know by you and the bank, the bank keeps it secret, the answer part is known by you, kept secret and validated by the bank

 

the question part is a proof that there has been made a connection to the bank you trust, prevents credit cards from being stolen in the first place

the answer part is a proof for the bank that it is indeed you and allows the transaction to be processed

 

as far as I know, most of the USA still uses chip-less magnetic credit cards ... so yeah they're like 20 years behind and it is most definitely bank's risk and responsibility for carrying out online credit card transactions - if they can't keep it secure then nobody else but them should be held responsible for frauds

[DXMember]

9 minutes ago, UnknownEngineer said:

Please, some up with a method that the banks could feasibly use to determine a legit purchase, from a purchase done with a stolen credit card. BEFORE the money is actually transferred, before the product is already "moved".

I think my previous post answers that, didn't really come up with it myself, as I said, that's what our banks provide

[MilkJugg24]

This doesn't change my standing on buying keys that could potentially be fraudulent.

 

My first purchase from G2A was a fraud and if I hadn't paid their dumb fee for shield (which should be free anyways) I would have been out $30 bucks.

 

Unless you're penny pinching or desperate to save money, avoid G2A like the plague.

[UnknownEngineer]

35 minutes ago, DXMember said:

if you can't guarantee a completely secure authentication, eat the risks or don't offer it at all

It's the bank's risk as much as a failed hardware within a warranty period is manufacturers risk and responsibility

 

I'm not sure how your end does the secure credit card transaction online... I've see places where all the numbers you need are on the credit card itself - like the number and CVC with expiration date,

here on our end the banks carrying VISA have a control panel online where you have to first register the card for online transaction, and then set an additional factor authentication with a secret question - the question part is know by you and the bank, the bank keeps it secret, the answer part is known by you, kept secret and validated by the bank

 

the question part is a proof that there has been made a connection to the bank you trust, prevents credit cards from being stolen in the first place

the answer part is a proof for the bank that it is indeed you and allows the transaction to be processed

 

as far as I know, most of the USA still uses chip-less magnetic credit cards ... so yeah they're like 20 years behind and it is most definitely bank's risk and responsibility for carrying out online credit card transactions - if they can't keep it secure then nobody else but them should be held responsible for frauds

That "password that only you and the bank knows of" isn't going to work. Your credit card could be charged without it.

Here is an example, you put your card in, you take some money out of the ATM. Meanwhile someone gets all the data he needs to charge your account in an identical way. There are many ways for people to use their credit cards, as there are many ways for people to access their bank account without the card being used at all. To defeat the password that is only stored in the users head the thieves only need to listen in when the use makes a transaction. Man in the middle, attacks are not uncommon.

 

While a password like you suggest would reduce the likelihood of data being stolen and used, it isn't infallible. And to implement it in every method that the user has available to access his/hers online funds is not exactly feasible. Not to mention that if there is one place where it isn't used, there is a hole for the thieves to use.

 

G2A in it self is a bottleneck of sorts, behind it game keys are being "stolen", there are so many ways to get to the point of owning a stolen game key to sell that it is easier to just find another weakness in the chain. The weak link in the chain is G2A, remove it and trading stolen game keys just gets much much harder, as there is not "store front" for the thieves to use.

 

G2A knows that there isn't going to be a magical solution that will suddenly stop credit cads from being exploited, this is what they are banking on (hah).

 

This is what I also asked previously, but you said you didn't need to answer it. I would like to insist that you try.

Quote

Optionally, remove G2A from the equation, this means you disallow the criminals from using a marketplace that doesn't require any form of ID to be used. Then see if you could, as a criminal, still make a profit from stolen credit cards.

 

[DXMember]

This is what I also asked previously, but you said you didn't need to answer it. I would like to insist that you try.

Quote

Optionally, remove G2A from the equation, this means you disallow the criminals from using a marketplace that doesn't require any form of ID to be used. Then see if you could, as a criminal, still make a profit from stolen credit cards.

 

oddly none of the top hits has G2A mentioned in them...

[DXMember]

4 hours ago, UnknownEngineer said:

Your credit card could be charged without it.

 

that thing as you say in the hood "skimms" the magnetic part of the credit card

chip-less credit cards should be obsolete and illegal, any unauthorized transactions done with a chip-less credit card should be the problem of the bank, once again, they provide the means of you accessing the money that they store, they want as many transactions as possible so they make stuff to increase the convenience of you spending the money, because they make profit on the transactions

 

where I live the chip-less credit cards have been obsolete for like 10 years minimum, and they are not accepted if foreigners come with chip-less cards

 

like we say in the hood:

 

there are ways to do credit card transaction the modern way and in a more secure fashion,

if the bank cannot provide complete security they should take responsibility on the risk, if they are not willing to take the risk then they should not be providing such means.

With taking risk means either they eat the loss and suck it up, or they raise a criminal offence and the police deals with the criminals - neither the account owner nor the involved 3rd parties should be at loss

 

If I come to the bank impersonating you and asking to withdraw cash from your account, and the bank doesn't properly check my credentials and successfully authenticates and authorizes me to withdraw cash, and I get out of the bank with your cash - is that G2A's fault?

Who takes fault on bank robberies - G2A ?? didn't think so...

 

[vanished]

5 hours ago, DXMember said:

when I sell my old SEGA cartriges to my neighbor, I don' t give cut to the devs, should I? the devs already got their cut when they initially sold me the game... you can't, you shouldn't profit from the same product twice in the same way as you can't tax organizations twice...

 

That's different.  The product was already legitimately purchased once.  What happens to it after that, in terms of changing hands, doesn't matter (to the devs).

5 hours ago, DXMember said:

they're not a retailer - they're a marketplace

in the same way as players in WoW aren't NPC vendors, when they sell stuff in /tradechat even though they are in Ogrimmar

I didn't realize that's how this worked.  If they basically function as a means to accomplish trades like you said in your first quote, then it's no different than ebay - Buyer beware, and you'r at the mercy of whoever you're buying from.  G2A is not likely to blame for anything directly, unless they are acting as one of the sellers on their own site.

[UnknownEngineer]

38 minutes ago, DXMember said:

that thing as you say in the hood "skimms" the magnetic part of the credit card

chip-less credit cards should be obsolete and illegal, any unauthorized transactions done with a chip-less credit card should be the problem of the bank, once again, they provide the means of you accessing the money that they store, they want as many transactions as possible so they make stuff to increase the convenience of you spending the money, because they make profit on the transactions

 

where I live the chip-less credit cards have been obsolete for like 10 years minimum, and they are not accepted if foreigners come with chip-less cards

 

like we say in the hood:

 

there are ways to do credit card transaction the modern way and in a more secure fashion,

if the bank cannot provide complete security they should take responsibility on the risk, if they are not willing to take the risk then they should not be providing such means.

With taking risk means either they eat the loss and suck it up, or they raise a criminal offence and the police deals with the criminals - neither the account owner nor the involved 3rd parties should be at loss

 

If I come to the bank impersonating you and asking to withdraw cash from your account, and the bank doesn't properly check my credentials and successfully authenticates and authorizes me to withdraw cash, and I get out of the bank with your cash - is that G2A's fault?

Who takes fault on bank robberies - G2A ?? didn't think so...

 

My point is that the thieves use methods similar to the one in the video. I never said they require the victim to use outdated tech exclusively.

 

My point is that there are countless methods for stealing a credit card, or the data required to charge one. Would you rather try to plug every single way for misuse to happen, individually, for every user and bank. Or would you rather remove a marketplace or change the way it works to remove a possible way to profit off ANY breach.

 

Removing/changing the marketplace affects the entire problem, trying to prevent every single way for a thief to use another persons money only affects that method of thievery. Why bother spending countless resources on several issues that practically cannot be solved, when you could just remove the reason anyone tries to exploit them.

 

I am not going to write anything long from here on out, as you have seemingly just skipped most of what I wrote before anyway. 

[vanished]

4 minutes ago, UnknownEngineer said:

My point is that there are countless methods for stealing a credit card, or the data required to charge one. Would you rather try to plug every single way for misuse to happen, individually, for every user and bank. Or would you rather remove a marketplace or change the way it works to remove a possible way to profit off ANY breach.

 

Removing/changing the marketplace affects the entire problem, trying to prevent every single way for a thief to use another persons money only affects that method of thievery. Why bother spending countless resources on several issues that practically cannot be solved, when you could just remove the reason anyone tries to exploit them.

I feel like there would just be another one, and another one, and so on... then it's the same game of "chase down every last option spending tons to do it", but instead of credit card security holes, you're chasing marketplaces.

[typographie]

10 hours ago, Energycore said:

I mean, I still see it as a step in the right direction for G2A, if they deliver on it. Otherwise it was just an announcement that they made so that the masses calmed and they could continue their shady workings.

Sharing royalties with developers requires those developers to work with G2A, whom they have been given every reason not to trust. They may not be able to deliver on it, because they may have trouble finding publishers willing to put it on the record that they deal with G2A.

 

Steps in the right direction would be to allow publishers to set their own minimum prices, require verification of seller accounts, and (!!!) to stop selling insurance against the goods being sold through their own service.

[DXMember]

30 minutes ago, UnknownEngineer said:

My point is that the thieves use methods similar to the one in the video. I never said they require the victim to use outdated tech exclusively.

 

My point is that there are countless methods for stealing a credit card, or the data required to charge one. Would you rather try to plug every single way for misuse to happen, individually, for every user and bank. Or would you rather remove a marketplace or change the way it works to remove a possible way to profit off ANY breach.

 

Removing/changing the marketplace affects the entire problem, trying to prevent every single way for a thief to use another persons money only affects that method of thievery. Why bother spending countless resources on several issues that practically cannot be solved, when you could just remove the reason anyone tries to exploit them.

 

I am not going to write anything long from here on out, as you have seemingly just skipped most of what I wrote before anyway. 

with a stolen credit card you just as well go to the grocery store and buy a feast for the weekend, should we remove grocery stores remove a possible way to profit off ANY breach. or should we rather punish criminals breaching??

stealing is illegal, you can't make buying stolen stuff illegal as those people buying it have no way to validate the purchase unlike the bank has with the credit card info

[UnknownEngineer]

8 minutes ago, DXMember said:

with a stolen credit card you just as well go to the grocery store and buy a feast for the weekend, should we remove grocery stores remove a possible way to profit off ANY breach. or should we rather punish criminals breaching??

stealing is illegal, you can't make buying stolen stuff illegal as those people buying it have no way to validate the purchase unlike the bank has with the credit card info

With that specific example the criminal is incredibly easy to track down, it gives investigators a place, time, possibly camera footage, witnesses and so on.

EDIT: Also, how does banks taking responsibility equal punishing criminals?

 

37 minutes ago, Ryan_Vickers said:

I feel like there would just be another one, and another one, and so on... then it's the same game of "chase down every last option spending tons to do it", but instead of credit card security holes, you're chasing marketplaces.

Another marketplace could, and would likely pop up. But then again it would take allot of time for it to become known to it's target audience. Removing the stolen keys, or just removing a very well known marketplace has a large impact, and the effect lasts quite long. It is a similar cat and mouse game, but I think with this approach it would be much more effective at killing the mice.

[Energycore]

44 minutes ago, DXMember said:

with a stolen credit card you just as well go to the grocery store and buy a feast for the weekend, should we remove grocery stores remove a possible way to profit off ANY breach. or should we rather punish criminals breaching??

stealing is illegal, you can't make buying stolen stuff illegal as those people buying it have no way to validate the purchase unlike the bank has with the credit card info

I guess you can make selling stolen stuff (knowingly) illegal. As for how one determines whether it's knowingly, I don't know. Leaked emails?

[DXMember]

2 hours ago, UnknownEngineer said:

Another marketplace could, and would likely pop up. But then again it would take allot of time for it to become known to it's target audience. Removing the stolen keys, or just removing a very well known marketplace has a large impact, and the effect lasts quite long.

yeah... all that taking down piratebay lasted very long and very hard for those sony entertainments and stuff...

[DXMember]

1 hour ago, Energycore said:

I guess you can make selling stolen stuff (knowingly) illegal. As for how one determines whether it's knowingly, I don't know. Leaked emails?

it is too complicated or even impossible to know,

you have to cut the problem at the root - the flawed banking system in US and the thieves

stop chasing the leaves that are floating in the wind

[DXMember]

2 hours ago, UnknownEngineer said:

EDIT: Also, how does banks taking responsibility equal punishing criminals?

technically the credit card is still the property of the bank (they just issue the card to individuals for personal use, you can turn the back side of your credit card and read the fine print on it), so if someone steals a credit card, they steal banks property - what do you do when someone steals your property - you go to the police and make a claim