Many of those codes are readily available via legitimate means - indie games often get published in bundles and the codes get resold, GPU makers and developers often do giveaways with free game keys, etc. There are many cases in which the keys are obtained in perfectly legitimate ways.

I mean, it seems like they are removing games purchased fraudulently, Steam notifies you when one of your games is removed for this reason, yet despite many G2A purchases I'm yet to have a game removed, is there any evidence that this is actually as rampant as is claimed?

Reselling keys from bundles is also a problem. I don't have a link handy but I was reading just the other day some indie developer complaining that they're seeing more keys from Humble Bundle being redeemed many months after the bundle that had them than actual sales on Steam, and they claimed G2A was the cause (being a means by which people could sell their old bundle keys that they didn't want).

More specifically, they said this practice serves as a very strong discouragement from indie games ever participating in bundles again, because the bundle economics depend on many (most?) of the keys either not being redeemed, or being redeemed by people who would otherwise not purchase the actual game. But when people who want the game are able, many months later, to pay a fraction of the price for a key sourced from a bundle, this really hurts sales for the game and makes the bundle a net negative instead of the positive it's supposed to be.

> this practice serves as a very strong discouragement from indie games ever participating in bundles again, because the bundle economics depend on many (most?) of the keys either not being redeemed

This isn't exactly a compelling argument in favor of having the bundles around.

What do you mean? Bundle terms usually forbid redeeming of the keys by anyone other than the bundle purchaser, but that generally can't actually be tracked (I know Humble Bundle always tells me that the steam keys should only ever be redeemed by me, but ultimately they're just keys with no technical means of enforcing that restriction). The fact that people are breaking these terms and selling the keys doesn't mean the concept of bundles is flawed. In the absence of marketplaces like G2A key reselling isn't a big deal because you really need the marketplace to find someone else who's willing to pay for it.

The fact that people are breaking the terms of sale doesn't necessarily mean the concept of bundles is flawed. The fact that the economic viability of bundles depends on the bundled products being purchased almost exclusively by people who don't want them does indicate that the concept is flawed.

I'm not talking about like "buy Awesome FPS 2, get Awesome FPS 1 in a bundle for $1 more", I'm talking about bundles that collect a bunch of disparate games. People buy these bundles because they only want a few of the games. And then companies like Humble Bundle sell bundles where you don't even know what they contain until you buy them, so it's entirely possible to buy a bundle where you end up not playing any of the games in the bundle.

Not at all, I have bought a few bundles, I've no interest in playing all the games, just a subset of them.

That subset is going to be different for most purchasers.

Bundle operators and game developers engage with consumers on the grounds that the keys won't be resold individually. However, they have no way to control this. So they make reseller/G2A responsible for complying with terms of an unenforceable honor code. Seems a little arbitrary to me. It's akin to a grocery asking you not to sell eggs individually from a carton you just bought from them. (How are they gonna enforce it?... And as a consumer, are you even OK with not having full control over what is now your property?)

I think this is a problem with the business model, rather than the problem with "unethical" resellers. So you either give up on the business model, as many game devs are doing, or you find ways to enforce it. Either start suing users who resell keys, or partner with the likes of Steam to create a system in which keys can't be activated individually.

There are surprising legal precedents on keys resale:

https://www.gamesindustry.biz/articles/2013-10-09-digital-ri...

It seems that the situation is currently unclear (at least in certain parts of the world), but not obviously illegal.

The problem with resellers like G2A is there's no large legitimate source of keys to resell. They may not be responsible for stealing the keys / breaking terms of service on key sources themselves, but they are acting exactly like a fence for stolen goods, and they know the keys they're selling are almost certainly not legitimately allowed to be sold in this way.

If I bought that key in a bundle, I own it fair and square and I'll do what I want with it. If resellers are helping with that, I view that as a positive.

Except you don't. Every bundle I've been a part of says you can't resell the keys. That's kind of the whole point of the bundle; you're not expected to actively want to purchase every item in the bundle, but the value you get out of it is still worth more than you paid for it, and the developers of the software get to reach users that otherwise wouldn't have bought the game anyway, thus gaining a bit of money from those users and, hopefully, causing increased word-of-mouth sales, or for a multiplayer game causing the player numbers to go up and thus produce better network effects.

If you resell the keys, you're breaking the bundle's terms of service and actively harming the developers involved.

Imagine if they sent you each game on a separate CD and told you "but don't sell the ones you don't want", you'd think that was ridiculous, right?

That's exactly how stupid this idea is. I own the products I purchased, just because it's not a physical copy doesn't mean I have any less rights to it. I highly doubt their ToS would hold up, I consider it highly immoral to attempt to deny people the rights to sell or trade their own purchases.

> just because it's not a physical copy doesn't mean I have any less rights to it

It actually does.

It seems odd that there's no way to track this, seems a trivial thing for steam to add.

Even something as simple as a checksum of the game key needing to match the last digit of your steam id would solve the problem, and would be trivial for humble/steam to implement. Every time someone requests a key from their bundle, the bundler just had to find a remaining key that matches.

Edit: I originally speculated that perhaps it wasn't in Steam's interest to support this, but thinking about it, they're losing their cut of these dodgy sales.

For a short while, you could only redeem games on steam by linking your account with Humble Bundle. They would redeem the key with a server side API. This didn't last long, though, and they reverted back to just giving you the keys manually.

> Reselling keys from bundles is also a problem. I don't have a link handy but I was reading just the other day some indie developer complaining that they're seeing more keys from Humble Bundle being redeemed many months after the bundle that had them than actual sales on Steam, and they claimed G2A was the cause (being a means by which people could sell their old bundle keys that they didn't want).

The thing is, there's no guarantee that that is the case. I still have unredeemed keys from (year) old bundles that I intend to redeem, I just haven't got around to it because there are more important things to do with my time.

The responsibility for that one lies solely on the developer deciding to put the game in a bundle. Indeed I'd say that was a bad decision on their part.

It's not supposed to be a bad decision. Bundle economics actually work¹ in the absence of key reselling. Bundle keys are not allowed to be resold by the terms of any bundle I've ever looked at, so it hardly seems fair to blame the developers when the users are the ones breaking the ToS, and marketplaces like G2A are actively soliciting this behavior.

¹For the most part. It's not always good for 100% of the people involved, but on the balance it's supposed to be a good deal for everyone.

So basically, bundle economics work if you ignore the existence of the market for those games.

Yeah, that sounds about right.

You would never cut a software developer slack for putting "no reverse engineering, no exploitation" in the ToS and then being surprised when vulnerabilities are discovered, business people need to consider basic stuff like this too. Markets for things exist outside of yours.

Additionally, I never even agreed to a ToS buying the early Humble Bundles at least and a hidden ToS is unenforceable at best.

A lot of those game bundles intentionally underpromote the bundles so that they get maybe 100 sales, then they resell the keys for higher margins with no cash going to the dev.

If a bundle company asks for 10000 keys and their bundles are clearly only selling 200 units each, their bundles are just a front for the real money. Legit operations return all unused keys. Dirty operations (the vast majority of bundles) will block your emails the minute you mention returning keys.

Why do devs do business with a huge number of fly by night minor bundlers with no reputation?

Because a lot of them have reputations for having released successful bundles in the past. That's precisely why you shouldn't trust them. :)

But unlike stealing the TV, if somebody stole a bunch of codes, isn't it the same as pirating the game? However the devs claim it's actually worse than pirating - it actually costs them more when codes are resold. Why? Where the additional cost is coming from?

If I use a stolen credit card to buy a code for your game, eventually there is likely to be a chargeback/refund processed when the credit card owner/company realizes that it was fraudulent. Chargebacks/refunds can sometimes be things that have real penalties associated with them and that can require time investment from you the developer to deal with.

Another, less concrete cost is that of incentivizing bad behavior. If I cannot sufficiently move a certain type of stolen goods, I'm less likely to attempt to steal that type of good again in the future. However, if people choose to pirate a game instead, the bad actor is not rewarded and might realize that he can no longer move that type of product.

Yeah true but the problem with chargeback happens regardless of whether somebody bought the codes or not - unless they bought the codes with stolen credit card, and then the store selling it, not the developer, gets the chargeback. So I don't think this scenario applies here. Developers usually have publishers to deal with things like credit card charges.

But paying the people who steal the cards can only encourage them.

Aside from the cost of credit card charge backs, consider that these are (mostly) customers who think they are buying the game legitimately and just getting a good deal. That money is going straight to g2a instead of the devs/publishers.

Maybe a customer wouldn't buy the game at the full price, but since they're not pirating from the get-go, that shows they are a customer willing to spend money. Maybe they wouldn't buy the same game or as many games, but it's possible they'd still be spending some money on games through legal (but more expensive) means if they knew g2a was just piracy with more steps.

Probably because banks will do chargebacks for those stolen credit card purchases and developers will have to deal with that.

Many years ago I experienced something like that with Paypal where someone bought a license for my software and then immediately made a chargeback claim. And on Paypal unless it is a physical delivery with a tracking number, buyer always wins. I lost some time while communicating with Paypal about the chargeback.

I thought the reason platforms such as Steam collect an outrageous cut of 30% is in at least covering the costs of this fraud, which is in any case still a tiny fraction of that percentage.

Steam itselt dont sell keys to end users at all and ability to sell gifts is really limited. Though game developers / publishers can generate any reasonable amount of Steam keys for free and sell them outside of Steam where Steam itself get absolutely nothing.

This is where most of fraud take place and game developers lose a lot of money on it.

Another unmentioned cost to the developer is the support costs of dealing with someone who believed oneself to be a legitimate customer by obtaining and using a "legit" code previously obtained through not-so-"legit" means. With traditional piracy, the pirates know full well that they're on their own and can expect close to zero support (and in fact outright hostility) from both the original developer and the broader community.

In addition to the points about chargebacks, there's the additive factor of validating purchases on G2A. Consumer A has a successful purchase on G2A, which results in a transaction where they paid money and got a product. They had a positive experience (getting a game for cheaper than what they would pay for it elsewhere), which causes Consumer A to talk to potential consumers n both about a place where they can get the game for cheap, and to disparate the developer for charging so much when someone else will sell it for cheaper.

It damages their brand (vs. piracy, which unless you're using invasive DRM is net neutral at worst, and positive at best), generates negative sales additively (vs. net neutral to positive sales based on word of mouth advertising), and drains the development house's emotional and fiscal capital as they deal with the fallout.

> They had a positive experience (getting a game for cheaper than what they would pay for it elsewhere), which causes Consumer A to talk to potential consumers n both about a place where they can get the game for cheap, and to disparate the developer for charging so much when someone else will sell it for cheaper.

I don't exactly see how this is worse than piracy. isn't it basically the same as "Customer A gets a game for free of {torrent site}. they tell all their friends about {torrent site} and their favorite bittorrent client."? the only way it's different is if most consumers have some moral objection to torrents. in my experience, very few people who work outside of software (or other IP-based industries) really care. they only pay if it's less trouble than torrents.

The argument that I find most persuasive, and that as a fellow game developer resonates with me the most, is that marketplaces like G2A that traffic in stolen goods erodes the perception of value for games. Why would a consumer pay full price for your $25 indie game when they can purchase it for half that on launch day? At best G2A and its partners are exploiting an arbitrage opportunity around regional pricing. More likely and I suspect most often, they are front for money laundering operations that exploit credit card fraud victims, developers, and game enthusiasts who might have their keys revoked.

The chargeback thing, plus most games are fiddly and complicated to pirate these days. (And many multiplayer games can't be pirated at all if you want to play online.) IMO, the #1 reason for the decline of PC game piracy is that Steam makes it so much easier to just buy the game.

But buying a G2A code is almost as easy as buying from Steam. And a lot of people who wouldn't pirate for ethical reasons don't realize it's not legit. So G2A turns loses you sales from people who would otherwise have bought the game legitimately.

I'm sure there is at least some time costs dealing with fraud claims or chargebacks from their payment processor.