G2A has pledged to pay Factorio developer Wube Software nearly $40,000 for facilitating the sale of illegal game keys. G2A came under fire last year for allowing users to sell illegitimate keys. There are still Steam gifts of Factorio being sold on G2A, these are most likely 'legit', in that they were not purchased using stolen credit cards. The question is, where do these gifts come from? Obviously people would not be selling Factorio Steam gifts if it did not generate a profit. We have some ideas.

Share this article

Companies in this article

Online games marketplace G2A has reached a settlement with the first -- and so far only -- developer to take up its offer of paying ten times the chargeback fees for any illegally obtained game keys sold through its site.

Wube Software, the Czech-based indie behind management title Factorio, responded to G2A's offer back in July 2019.

The two companies have worked together on an internal audit and found that 198 of the 321 codes Wube queried were sold through G2A. According to the press release, 'both parties assumed that the remaining 123 illegitimate keys were sold via other marketplaces or online stores.'

The 321 keys were sold between March and June 2016.

GamesIndustry.biz understands from Wube that each order was approximately $20, putting the potential chargeback fees for the 321 keys at $6,420 -- slightly lower than the $6,600 Wube initially estimated last summer.

The tenfold settlement will be based on the 198 keys found to be sold through G2A, making for a final payment of $39,600 to Wube Software, which the company tells us it has received.

The offer of 10x chargebacks followed the latest series of accusations against G2A from developers, who take issue with their codes being sold via its marketplace.

The debate over the site was triggered by No More Robots founder Mike Rose, who claimed it was better for gamers to pirate titles than buy from G2A since 'devs don't see a penny either way.'

Vlambeer co-founder Rami Ismail agreed, adding: 'These sites cost us so much potential dev time in customer service, investigating fake key requests, figuring out credit card chargebacks, and more.'

As the discourse escalated into a petition to stop G2A from allowing the sale of indie games, the marketplace responded with its 10x chargeback offer in an attempt to address these concerns.

Wube reached out to the G2A Direct team last summer, encouraged by the promise of an independent auditor handling the case. However, what was a crucial promise from G2A at first became problematic.

Sound hijack. '[An independent auditor] was an important factor for us, because we wanted to have someone who was independent and can complete the audit to the satisfaction of both parties,' G2A CEO Bartosz Skwarczek tells GamesIndustry.biz. 'But at the end of the conversation with Wube, we decided that we could trust each other and we conducted this audit on our own.'

'I thought they probably wouldn't fake it, especially since it's still over half of the keys we sent. We are satisfied with the results'

Scott Klonan, Wube Software

Shortly after the original offer, PR boss Maceij Kuc told Polygon the firm hoped to work with the 'big four' -- PricewaterhouseCoopers, Ernst & Young, KMPG and Deloitte.

The two parties did negotiate with some auditors, but G2A claims the companies they spoke to would not allow them to publicly declare the results. GamesIndustry.biz has reached out to these firms and the National Audit Office to enquire whether this is a standard policy, but has yet to receive a response.

The inability to disclose the details of the audit pushed G2A and Wube to seek alternative options.

'If we could not say the result of the audit, it would be of no use to us,' a G2A spokesperson told us. 'So we talked to Wube about it, and they agreed it didn't make sense, so that's why we agreed to openly collaborate on an audit between ourselves. It was not only provided by us but also by them. We wanted to be as transparent as possible.'

Skwarczek emphasises that G2A was not aware of this limitation when it first offered an independent audit: 'Our feeling was that developers would like to have this great, independent, top of the industry auditor. We were trying to anticipate what they would want. On the other side, we're open to every solution. If they say we don't need an independent auditor, we're open to that dialogue.

'We didn't know we would have to choose between an auditor and doing it publicly, but I believe [the latter] is good. I believe in transparency, and we hope people appreciate that.'

The two parties did make headway with one auditor but after long conversations over the details, G2A reports this company later said it was not able to disclose the results either.

'At this point it had been over six months with no progress, and we did not really care about the whole process, so it was up to them to determine another way to fulfill their promise,' Wube's PR, community and support manager Scott Klonan tells us. 'They asked if an internal audit was okay, and I said 'Yes, sure.'

'They produced quite a detailed report of the keys, who sold them, what dates and times they were sold. I thought they probably wouldn't fake it, especially since it's still over half of the keys we sent. We are satisfied with the results.'

Overall, Skwarczek says the process is 'something I'm genuinely proud of.'

Mac os x leopard for pc. The findings still show that 61% of the illicit keys sold over the space of a couple of months were sold through G2A.

GamesIndustry.biz requested the total number of Factorio codes sold through the site to date, including those obtained legally, but G2A declined as it does not share individual games sales data.

During our interview, Skwarczek tried to present this in a broader data perspective.

'Data and facts massively confirmed what we were sure about -- that out of over 10 million transactions annually, we only have 198 [illegally obtained] keys sold through our site,' he says. 'That's like zero point zero zero zero something per cent. That's exactly what we wanted to prove, that this is a super safe and transparent platform.'

He adds that even Amazon and eBay -- marketplaces G2A has previously compared itself to -- have a similarly small number of issues like this, and that it's 'normal in every industry.'

However, he did not address the fact that more than half the illicit codes in this audit were sold through his site, nor is his calculation accurate without data on how many Factorio keys have been sold there in total.

'We didn't know we would have to choose between an auditor and doing it publicly, but I believe [the latter] is good'

Bartosz Skwarczek, G2A

Lack of response has frequently been an issue for G2A. To date, Factorio remains the only studio to challenge the firm's offer of 10x chargebacks, and when G2A suggested a potential keyblocker tool for developers, only 19 companies registered interest.

Klonan acknowledges Wube's role in how G2A sellers were able to obtain codes for Factorio. These codes were purchased through the game's official website, which was previously less secure than the likes of Steam or Itch.io, although did give Wube detailed records of purchases and chargebacks it could compare with G2A's audit.

The company also offers a free Steam key with website purchases, many of which are 'probably flipped on G2A', although as these are obtained legally it becomes harder to challenge these transactions.

Klonan notes that after Wube switched to using Humble's widget on its site and refraining from 'giving out tons of keys for giveaways to dodgy, often fake, influencers,' the fraudulent purchases 'stopped completely.'

'In the end, contacting G2A is treating a symptom of people stealing keys,' he says. 'The best way to combat that is to cut it at the source.

He adds: 'For us, if the offer was not 10x the chargeback, and had some precedence setting for the rest of the game developers, I don't think we would have reached out. The amount of time it takes and administrative dealings to get this refund, it's probably not worth the monetary compensation if it was not 10x.

'G2A was helpful and we got to the end after all, but I don't think many developers will be in the same situation as us.'

Time will tell whether the settlement has the positive impact on G2A's reputation that the marketplace hopes, or whether more developers will come forward in the hopes of a similar payment.

The 198 illegally obtained Factorio keys may be 'zero point zero zero zero something per cent' of the site's 10 million annual transactions, but so far the only concrete conclusion is that more than half of the codes queried from a four-month period in 2016 were in fact sold through G2A.

After years of controversy, gray-market game key marketplace G2A has admitted to what it has long been accused of by angry game developers: profiting from the sale of illegitimate download keys—at least in one specific instance.

In a blog post yesterday, G2A confirmed that 198 copies of Factorio sold on G2A in early 2016 were indeed obtained illegitimately. G2A says it will pay Factorio developer Wube 10 times the 'bank-initiated refund costs' it incurred for those fraudulent purchases, or roughly $40,000.

But the discovery and confirmation of the fraudulent keys in this one specific case come only after years of controversy and argument over the role of the marketplace.

A long history of alleged fraud

G2A allows its users to take game keys obtained from outside sources—such as bundles or third-party online stores—and resell them for a price they set themselves. But developers have long said that many of those games' keys come from purchases made on other platforms with stolen credit cards.

These users then allegedly use G2A to sell those keys for cash (usually at well below the going rate), effectively laundering the purchases before the illicit charges are discovered. While G2A pockets a portion of these illegitimate sales, the original developer is stuck paying for the credit card 'chargeback' fees associated with them.

The issue of stolen-key reselling started gaining prominence in the industry in 2016, when indie game developer TinyBuild said it had lost $450,000 in sales to fraudsters abetted by G2A. 'Websites like G2A are facilitating a fraud-fueled economy where key resellers are being hit with tons of stolen credit card transactions and these websites are now growing rapidly due to low pricing of game keys,' TinyBuild CEO Alex Nichiporchik wrote at the time.

G2A responded strongly, asking Tiny Build to provide 'the list of the keys they deemed without any verification as stolen.' But TinyBuild said it would take 'a ton of time on micromanaging this' to separate out all the illicit keys from legitimate keys purchased through bundles and giveaways. And Nichiporchik said he didn't trust G2A enough to work with them on the case anyway.

'Everybody knows their reputation,' he told Polygon in 2016. 'Why would anyone even consider giving them a list of keys to ‘verify’? I believe they'd just resell those keys and make more money off of it.' That reputation was a big part of the reason Gearbox ended its partnership with G2A in 2017.

If you can't afford or don't want to buy our games full-price, please pirate them rather than buying them from a key reseller. These sites cost us so much potential dev time in customer service, investigating fake key requests, figuring out credit card chargebacks, and more. https://t.co/25NWxrj8f8

— Rami Ismail (@tha_rami) June 30, 2019

Factorio Cheap Key

Vlambeer founder Rami Ismail summed up the general industry consensus around G2A in a 2019 tweet: 'If you can't afford or don't want to buy our games full-price, please pirate them rather than buying them from a key reseller,' he wrote. 'These sites cost us so much potential dev time in customer service, investigating fake key requests, figuring out credit card chargebacks, and more.'

Wube “satisfied with the results”

In the years since TinyBuild's accusation, G2A has offered a few potential solutions for developers to deal with alleged fraud problems. These include G2A Direct—a program that gives developers additional monitoring capabilities and a 10% cut of each sale—and G2A Pay—a retailer-controlled payment processor that offers 'chargeback protection.' But these solutions have gotten little traction with developers who still don't trust the site and are wary to work with it more closely (and offer it credibility) just to be protected from fraud.

So we come to last year, when G2A made a limited time offer that it said was '[putting] all cards on the table. We will pay developers 10 times the money they lost on chargebacks after their illegally obtained keys were sold on G2A. The idea is simple: developers just need to prove such a thing actually happened on their stores.'

Factorio developer Wube was the only company to take G2A up on that offer, the retailer said. And though G2A initially offered to pay the full costs for a 'reputable and independent auditing company' to conduct that investigation, it eventually decided to conduct the investigation itself after none of the auditors it approached 'would meet our agreed requirements.'

'Major auditors, as a matter of general policy, are unwilling to communicate the findings of their private audits in public,' G2A said in a statement to Kotaku. 'Clearly, it was imperative for both G2A and Wube to make the results of this investigation public. Therefore, in the interests of reaching a resolution as quickly as possible, we offered to conduct the investigation ourselves.'

Factorio Cd Key

Wube, for its part, told GamesIndustry.biz that it was happy with the process. 'They produced quite a detailed report of the keys, who sold them, what dates and times they were sold,' Wube PR, Community and Support Manager Scott Klonan told the site. 'I thought they probably wouldn't fake it, especially since it's still over half of the keys we sent. We are satisfied with the results.'

That said, Klonan said going through such a cumbersome audit process was only worth it because of the temporary ten-times multiplier G2A offered for such confirmed fraud last year. 'The amount of time it takes and administrative dealings to get this refund, it's probably not worth the monetary compensation if it was not 10x,' he said.

Wube also owned up to its own role in the fraudulent sales to GI.biz, saying that direct sales through its site in 2016 were less secure than those on other platforms. Since Wube switched to using the Humble Store widget for its direct sales and started restricting its once-prolific key giveaways, Klonan said fraudulent sales on G2A 'stopped completely.'

Factorio Steam

'In the end, contacting G2A is treating a symptom of people stealing keys,' he says. 'The best way to combat that is to cut it at the source.'