After years of controversy, G2A’s gray market game keys marketplace has admitted what it has long been accused of by angry game developers: profiting from the sale of illegitimate download keys — at least in one specific case.
In a blog post yesterday, G2A confirmed that 198 copies of Factorio that were sold on G2A in early 2016 were indeed obtained illegally. G2A says it will pay Factorio developer Wube 10 times the “bank-initiated refund fee” he incurred for those fraudulent purchases, or about $40,000.
But the discovery and confirmation of the fraudulent keys in this one particular case come only after years of controversy and arguing over the role of the market.
A long history of alleged fraud
G2A allows its users to take game keys obtained from third-party sources such as bundles or third-party online stores and resell them at a price that they set themselves. But developers have long said that many of the keys to those games come from purchases made on other platforms using stolen credit cards.
These users would then use G2A to sell those keys for cash (usually well below the going price), effectively laundering the purchases before the illegal charges are discovered. While G2A is raking in some of these illegal sales, the original developer has to pay for the credit card chargeback fees that come with it.
The issue of reselling stolen keys began to gain prominence in the industry in 2016, when indie game developer TinyBuild said it had lost $450,000 in sales to fraudsters assisted by G2A. “Websites like G2A are facilitating a fraud-driven economy in which key resellers are affected by tons of stolen credit card transactions and these websites are now growing rapidly due to the low prices of game keys,” wrote TinyBuild CEO Alex Nichiporchik at the time.
G2A responded strongly, asking Tiny Build to provide “the list of keys they deemed stolen without any verification.” But TinyBuild said it would “take a lot of time to micromanage this” to separate all illegal keys from legitimate keys bought through bundles and giveaways. And Nichiporchik said he didn’t trust G2A enough to work with them on the case after all.
“Everyone knows his reputation,” he told Polygon in 2016. “Why would anyone even consider giving them a list of keys to ‘verify’? I guess they just resell those keys and make more money from them.” That reputation was a big part of why Gearbox ended its partnership with G2A in 2017.
If you can’t afford or don’t want to buy our games at full price, you can use them piracy instead of buying them from a major reseller. These sites cost us so much potential development time in customer service, investigating fake key requests, sorting out credit card chargebacks, and more. https://t.co/25NWxrj8f8
— Rami Ismail (@tha_rami) June 30, 2019
Vlambeer founder Rami Ismail summarized the general industry consensus around G2A a tweet from 2019“If you can’t afford or don’t want to buy our games at full price, please piracy instead of buying them from a major reseller,” he wrote. “These sites cost us so much potential development time in customer service, investigating fake key requests, sorting out credit card chargebacks, and more.”
Wube “satisfied with the results”
In the years since TinyBuild’s impeachment, G2A has provided some potential solutions for developers to address alleged fraud issues. These include G2A Direct – a program that gives developers additional control options and a 10% discount on every sale – and G2A Pay – a merchant-audited payment processor that offers ‘chargeback protection’. But these solutions have gained little traction with developers who still don’t trust the site and are wary of working more closely with it (and giving it credibility) just to be protected from fraud.
So we come to last year, when G2A made a temporary offer that it said, “[putting] all the cards on the table. We pay developers 10 times the money they lost in chargebacks after their illegally obtained keys were sold on G2A. The idea is simple: developers just need to prove that something like this actually happened in their stores.”
Factorio developer Wube was the only company G2A took up that offer, the retailer said. And while G2A initially offered to pay the full cost for a “reputable and independent audit firm” to conduct that investigation, it eventually decided to conduct the investigation itself after none of the auditors it approached “met our agreed-upon requirements.” “.
“Grand auditors, as a matter of general policy, are unwilling to publicly communicate the findings of their private audits,” G2A said in a statement to Kotaku. “It was clear that both G2A and Wube had to make the results of this research public. In order to find a solution as quickly as possible, we therefore offered to conduct the research ourselves.”
Wube, for his part, told GamesIndustry.biz that it was happy with the process. “They produced a pretty detailed report of the keys, who sold them, what dates and times they were sold,” Wube PR, Community and Support Manager Scott Klonan told the site. “I thought they probably wouldn’t fake it, especially since it’s still more than half of the keys we sent out. We’re happy with the results.”
That said, Klonan said going through such a cumbersome audit process was only worth it because of the temporary tenfold multiplier G2A offered last year for such confirmed fraud. “The amount of time it takes and the administrative work to get this refund, it probably isn’t worth the monetary compensation if it wasn’t 10x,” he said.
Wube also had his own role in the fraudulent sales to GI.biz, saying direct sales through his site in 2016 were less secure than those on other platforms. Since Wube switched to using the Humble Store widget for its direct sales and started limiting its once-prolific key giveaways, Klonan said fraudulent sales on G2A “have completely stopped.”
“Ultimately, contacting G2A is treating a symptom of people stealing keys,” he says. “The best way to combat that is to cut it at the source.”