joppo: Opinions and criticism are welcome.
Lin545: Hm, what about implementing two modes:
- active mode
- passive mode
...
This is a decent suggestion at first, but the devil is in the details. The one thing I am not convinced is a good idea — at least from this description — is the buying limit in passive mode. At first I could see it being used as a limitation to the GogWallet™, but not to credit cards/PayPal. But then again, the very amount you have put in your wallet is a buying limitation, so in this scenario the restriction is completely useless.
But why not put that limitation to the credit cards too? Because it would be very annoying for the individual average user.
Please allow me to explain. First, when we're setting the limit we need to make a decent guess. Psychologic studies (citation needed, but bear with me) show that we (humans in a broad sense) are terrible at that. That's problem number one.
Now, if the guess is going to be off the mark, what side would we err for? Since it's about money everybody is going to underguess; the focus is to control damage in case of a hacker break-in after all. This leads to the second problem: the regular user will be constantly pestered by this feature because their guess was too low.
There would be another factor leading to the system constantly harassing us: as far as I can tell, most users have irregular shopping habits, i.e. they spend a little now and then, and suddenly a better sale comes up and they have a reason to make a big purchase. When setting the limit they would be thinking of the lower-spending weeks (which certainly are by far more frequent than the high-expenditure times). Which would obviously trigger the limit every time a decent sale comes up.
So we would have the system constantly harassing us for going above our own thresholds. This would cause lots of annoyed users to go to the other extreme: set a limit of one billion dollars or something like that. That would be problem number three: people defeating the system's purpose for the sake of restoring their convenience. Whenever there's a clash between security and convenience we might put up with an inconvenience for a short time, but we tend to choose convenience in the long run unless the inconvenience is too trivial for a decent improvement in security.
Also, there's another problem with this proposal. It clashes with GOG's own goals. Simply put, the more hoops we have to jump through to spend our money here the worse it is for them. They're not going to implement your suggestion unless there's no other alternative.