Postal Devs ask fans to pirate games instead of using key resellers, giving explicit permission to fans

DaSaw, 11 months ago

Reminds me of the days when you would buy a physical copy on Ebay and get a pirate copy with black and white photocopied manuals and even cd art, only it’s worse: the dev is actually getting charged for selling to credit card theives.

actsukrit, 11 months ago

I swear everyone here is missing the point.

The issue is scammers buy keys with stolen or fraudulent credit card info, then they sell those keys via key resellers like G2A to make money.

Meanwhile the original sale gets disputed, and the sellers are hit with a chargeback, which means not only do the developers have to pay back the money they made, but they also LOSE money because of chargeback fees that credit card companies levy on them for the disputed transaction.

It doesn’t matter that they can void the key that was fraudulently purchased, they still lost money on that sale. That’s why they’re saying “please at least pirate it”, because in that case, while they’re not making a sale, they’re at least not losing money on the transaction.

suddenlythequietrose, 11 months ago

Also, when the devs blacklist the key, the customer gets angry at the devs instead of the scammer, turning away future customers.

alehel, 11 months ago

How does this work? How are the keysellers able to make keys that cost the developer money?

Bazz, 11 months ago

They buy keys with stolen credit card credentials. Owner of the card blocks the payment, devs have no money and in addition have to pay for the chargeback.

freundTech, 11 months ago

Many of the keys sold on key reselling sites are bought with stolen credit cards. It usually works like this:

1. Someone obtains stolen credit card data (can be easily bought on the dark web)
2. The stolen credit card data is used to buy keys from official key sellers (or directly from the developer of they offer them)
3. Those keys are then sold on key reselling sites
4. The credit card owner notices that his credit card data was stolen, contacts his credit card company and does a charge back. 5.The official key seller has to pay back the money + a charge back fee.

alehel, 11 months ago

Oh. Now I feel bad. I've bought keys a few times from such sites assuming they just bought them in bulk for resale ☹️

Crotaro, 11 months ago (edited 11 months ago)

You and me both. Maybe it has changed since then, but when I found out about this, I was told that there are a handful stores that operate legally. Apparently the ones that are listed on isthereanydeal.com are legally operating businesses?

Other than that, Humble Bundle is also working legally.

ByteSorcerer, 11 months ago

There are several those keys can be obtained, and most of them don't involve fraud:

• Purchasing keys in a region where they're cheaper, and reselling them in regions where the game is more expensive
• Purchasing keys during a sale, and reselling them after the sale
• Claiming keys from giveaways and selling those when the giveaway is over
• Buying a bundle (such as Humble Bundle) and selling the keys you aren't interested in or you already have
• Buying games with stolen credit card and reselling those keys

Only the last one is illegal and costs the developers money. Digital storefronts have made it harder to obtain raw, transferrable keys and have introduced region locks to try to combat those top 3 methods, but they all were very common in the past.

Key resellers like G2A are pretty much just an eBay for keys. It's not an illegal organisation, they just provide platforms on which people can sell their game keys, but they don't know (and probably don't care) how those keys are actually obtained. The majority of keys on those platforms are actually legit (iirc by far the biggest category is games purchased out of region).

HOWEVER,

The legally obtained keys sold on the platform are all obtained in such a way that the developers get little to no money from it, so chargeback fees from a few fraudulent purchases easily outweighs the small amount of money they get from the legit keys there. So even though the majority of keys sold on such platforms are not illegal, the few illegal keys that do exist are enough to make the developers still lose money on average with keys sold there.

ram, 11 months ago

If I steal your credit card and buy a key to the new FNAF that costs $60, I can sell that key on G2A. Let’s say I make $50. That $50 is mine, the third person has the key and thus the game, the developers have your $60.

But your CC was stolen. You shouldn’t pay for that. So you contact your financial institution and are like “hey wtf I don’t wanna pay for this.” They respond “yes sir/ma’am, sorry sir/ma’am” and return the funds to your credit card.

Now your financial institution isn’t just gonna take the hit. So they’re like “well, this money is with the weird dude who made FNAF, so let’s take that money back.” They issue what’s called a chargeback, reclaiming the $60. But that’s not enough, right? Because “We don’t want them putting their products in sketchy places that might make us do this more, so we’re gonna add a punitive fee.” These punitive fees range from $30 to $100 depending on your institution.

So now, I have the G2A user’s $50, you have your $60 back, the third person has the key, and the FNAF developers? They had $60, but after the chargeback that turned to $0, and then there was a punitive fee. They now have -$30.

Epilogue:

After losing the money, and in fact paying for someone else to have the game consider their options. They’d be right to revoke the key as the person who used it didn’t actually pay them for it. But if they did, they’d get bad reviews, the G2A customer might be mad at the FNAF devs, and you may just go and buy another key from G2A. So in all likelihood they just cut their losses and let you keep the game as it causes less problems that way.

ouigol, 11 months ago

It’s interesting how scared some people are of pirating when the amount of people charged for downloading/streaming is so few it’s barely significant.

Cinner, 11 months ago

I used to pirate games and software. Then came the ransomware, and the crypto stealers.

So I'm afraid of pirating certain things, but not because of the IP issues.

Deestan, 11 months ago

Just finding a bittorrent client without giving my machine digital herpes gutworms is non-trivial these days.

Faydaikin, 11 months ago

Let's be honest. Your machine likely already has digital herpes thanks to it's OS.

Cinner, 11 months ago

qBittorrent is what I've been using since uTorrent went to shit. Well there was a brief period where I used Transmission but it's so feature-limited.

Deestan, 11 months ago

Thanks! It's a hassle to figure out which client is the sane one every 5 years when I setup a new PC.

Edc3, 11 months ago

I suggest downloading it from ninite so you can be sure you are getting a good copy of it

Underwaterbob, 11 months ago

Tixati has served me well for a long time now.

boonhet, 11 months ago

Deluge and Transmission have been good to me. I don't need all the additional features of qBittorrent personally.

If you live in a country where VPNs are needed in order to avoid fines, you may want to use qBittorrent for its ability to bind itself to a VPN though.

I believe Deluge has the option too, but not as convenient as qBittorrent? I'm not sure.

Micromot, 11 months ago

I heard i2p is also good can always recommend the piracy community on lemmy/kbin

EddyBot, 11 months ago

Get an open source client like qBittorrent, kTorrent, rTorrent or Transmission

OmnipotentEntity, 11 months ago (edited 11 months ago)

Which is why when I made a game once upon a time I released checksums for the official files. I wish Running With Scissors would consider doing so as well.

Grimpen, 11 months ago

Me and my kids love playing Starbound! It's a great game.

OmnipotentEntity, 11 months ago

I appreciate it!

spen, 11 months ago

It’d be nice if software license ownership/reselling could be secure and decentralized. Here’s an idea on using distributed ledger (blockchain) for that: https://techcrunch.com/2019/06/06/is-there-potential-for-blockchain-in-copyright-and-licensing-applications/?guccounter=1 Monkey NFTs are stupid, but there are other assets, like software or other copyright licenses that could be bought and sold as smart contracts.

Ullallulloo, 11 months ago

The problem is rather the opposite. The keys are secure and their sale is decentralized, which gives limited control over them. People generate the keys with stolen credit cards, and then resell them. The postal devs are basically admitting they are giving up trying to actually go after the thieves, but it is genuinely hard to figure out which keys are legit and which are stolen. All your proposing is to make it impossible to revoke a key even if you know it's illegal.

The actual way to prevent this theft would be to forbid merchants from generating keys at all, and go to a fully centralized model like Steam and Epic generally use.

Dymonika, 11 months ago

What? Steam generates keys, does it not?

Also, what if usage of keys was required to be publicly declared on the chain? That would instantly stop all of this.

Ullallulloo, 11 months ago

As of 8½ years ago, you can't buy keys from Steam, although they still allow developers to generate keys for use on other sites that still use them.

How would requiring keys to be declared help? The people using the keys are all innocent (or at least largely ignorant) buyers. Steam can already see who those are, but that doesn't stop the sale or say who sold them.

Leone, 11 months ago

Hold on a minute. Developers need to generate the keys so third parties can resell them. And they can revoke or disable them if they were obtained fraudulently.

What is the point of all this? Just disable the keys and fuck the scammers.

ram, 11 months ago

They don't know the keys on G2A and the like unless they buy them themselves. And these unauthorized key sellers aren't in the business to cooperate with them, since the money laundering is their bread and butter.

Leone, 11 months ago

They don't know the keys on G2A

But they should. Someone at RWS generated those keys and then sold them to resellers. Even if they don't personally keep track of the keys, Steam probably does.

I guess they don't want to affect users who already paid for a key even though they have the right to do so.

Honestly, I've had keys revoked from my account before, and it sucks to waste money on scammers, but any rational person would understand that's not their fault.

ram, 11 months ago

How would they know which keys are on G2A? They're bought through an intermediary before being resold on G2A.

Leone, 11 months ago

The keys were given in plain text to this intermediary at some point. A copy of said text should exist.

The Steamworks Documentation explicitly recommends tagging the keys to keep track of them and potentially prevent this kind of issues.

ram, 11 months ago

Yes they were given to an intermediary like green man gaming who then sold it to what they believed was a customer but was actually a credit card scammer laundering money

Moonrise2473, 11 months ago

I checked better because they mentioned chargebacks.

The "reseller" on g2a is actually a scammer who is using stolen credit cards for purchasing steam keys from the developers website, so even if they void it, they will incur a $30 chargebacks fee from each "sale"

Hellsadvocate, 11 months ago

Correct. Once the charge ack occurs however, the key is revoked. The key is revoked and the customer goes to g2a who refuses refunds (unless you pay an extra cover charge fee now I think).

Moonrise2473, 11 months ago

False positives. If some of them are legitimate customers

Afaik you can't disable individual keys but the whole batch

Send_me_nude_girls, 11 months ago

Aside of what was already said, there's also no gain for revoking the key. Say you do, the owner will be pissed and likely just pirate the game, maybe even give a bad rating/review in frustration. To believe they buy the game again for full prices is, humbly, naive.

megahbite, 11 months ago

If it were that easy then G2A wouldn’t exist. Use some common sense.

lowleveldata, 11 months ago

I hate these guys just tell you to "use common sense" without explaining any shits. Your comment does not contribute to the discussion at all.

megahbite, 11 months ago

If it were so simple to revoke these keys as OP is implying, why would the game publishers be telling people to literally steal their games instead of buying on one of these key resellers?

AndrasKrigare, 11 months ago

Yeah... I hadn't heard of G2A before now, but after reading up a bit, it seems like a bit of a convenient scapegoat for developers.

https://www.gamesindustry.biz/g2a-and-wube-software-settle-usd40-000-chargeback-dispute

Some quotes

The debate over the site was triggered by No More Robots founder Mike Rose, who claimed it was better for gamers to pirate titles than buy from G2A since "devs don't see a penny either way."

Vlambeer co-founder Rami Ismail agreed, adding: "These sites cost us so much potential dev time in customer service, investigating fake key requests, figuring out credit card chargebacks, and more."

As the discourse escalated into a petition to stop G2A from allowing the sale of indie games, the marketplace responded with its 10x chargeback offer in an attempt to address these concerns.

Lack of response has frequently been an issue for G2A. To date, Factorio remains the only studio to challenge the firm's offer of 10x chargebacks, and when G2A suggested a potential keyblocker tool for developers, only 19 companies registered interest.

Klonan acknowledges Wube's role in how G2A sellers were able to obtain codes for Factorio. These codes were purchased through the game's official website, which was previously less secure than the likes of Steam or Itch.io, although did give Wube detailed records of purchases and chargebacks it could compare with G2A's audit.

The company also offers a free Steam key with website purchases, many of which are "probably flipped on G2A", although as these are obtained legally it becomes harder to challenge these transactions.

Klonan notes that after Wube switched to using Humble's widget on its site and refraining from "giving out tons of keys for giveaways to dodgy, often fake, influencers," the fraudulent purchases "stopped completely."

"In the end, contacting G2A is treating a symptom of people stealing keys," he says. "The best way to combat that is to cut it at the source.

Steeve, 11 months ago

Sounds like G2A has tried to be accommodating and the overall dev response was just refusing to work with them entirely

dog, 11 months ago

Ain't as simple as "just disable them". G2A acquires keys through buy-one-get-two deals, using stolen credit cards, money laundering, stolen keys (mass mailing the devs for "preview" keys, which they then flip on G2A) etc.

So there's no way to know the origin of keys in G2A. By the time you know it's stolen keys, they've been sold out, and G2A has a notorious history of not giving a fuck about the situation.

You could just arbitrarily disable all keys, but you'd affect >90% legitimate customers.

actsukrit, 11 months ago

No that’s not the issue. That’s not why they’re saying pirate the game. The issue is they’re also getting hit by chargeback fees from those fraudulent sales.

See this comment

NightOwl, 11 months ago

What is the reason some don't sell their games only through Steam, GOG, Itch, Ubisoft, Origin, or Epic instead of generating keys? Seems like that way games purchased would at least be tied to accounts or rely on gifting to people within their region.

megahbite, 11 months ago

What G2A is selling is usually Steam keys. They’re not always stolen through credit card fraud but also through pretending to be game media for review copies.

Tatiana, 11 months ago

also a way to cash out on giftcard scams