It seems that you're using an outdated browser. Some things may not work as they should (or don't work at all).
We suggest you upgrade newer and better browser like: Chrome, Firefox, Internet Explorer or Opera

×
Community
General discussionStore Your Card For Later Use(230 posts)(230 posts)
(230 posts)
Pages:
1
2
3
4
5
10
16
This is my favourite topic
Posted March 17, 2016
You can now store your card for later use.

When making any purchase with a credit or debit card, you can now select the option to save your card for later use.



If your payment is successful, that card will be remembered for later use. You'll be able to select it during your next checkout without retyping the info every time. Simple, straightforward, and probably very familiar.


We're taking advantage of tried and tested industry-standard solutions used across the world today. Among other things, this means your entered payment data isn't actually kept anywhere on GOG.com. Once your bank approves the purchase, your entered card number is replaced with a unique, encrypted token that can be used only by us to process your future payments, and which cannot be reverse engineered to resolve your card number and data. From time to time, we'll also ask you to verify your information based on a number of security factors, like if you haven't used that card in a long time.

While it's not required, we also strongly recommend enabling Two-Step Login before saving your payment details.

Keep in mind that you can easily remove your saved payment method through the My Account / Orders section. We'll also automatically invalidate all payment tokens for any account that hasn't been used in a long time.


We hope the feature turns out to be particularly useful soon, when you may just feel compelled to click really, really fast.
Posted March 17, 2016
Great, another security risk. Already have this rubbish on Paypall, in that you have to be very careful to check boxes to not store you card details, very annoying. If your that bothered about typing a few characters once in a while, just post your Credit card/Debit card details to this post, and we will enter them for you.

Edit, has anyone lost money on their hijacked accounts yet? I mean those accounts who can't use the new security features as they are broken for anyone security conscious enough to remove cookies all the time?
Post edited March 17, 2016 by nightcraw1er.488
Posted March 17, 2016
I use Paypal, so this doesn't affect me .
Posted March 17, 2016
avatar
haydenaurion: Uh thanks but no thanks, I prefer not to make it easier for hackers to steal my cash which is why I never save card info anywhere.
avatar
Gersen: Technically the card number is not saved, it's similar to the "payment agreement" (not sure 100% how it is called) you can do with Paypal.

Basically the first time you do it it tells your bank "I authorized Gog to make purchases using my credit card" and the bank send to Gog a unique token representing this transaction. After that the next time you make a purchase on Gog, instead of sending your credit card information for validation, Gog only send this token to the bank.

In the worse case scenario if Gog is compromised, the only thing hackers can obtain is this token; this token can only be used for purchase on Gog and normally only Gog can use it (it only works for a specific IP address, you need Gog's certificates, etc...)

In the end it's a lot safer than "recording" you Credit card number like it is done on Amazon or other similar shops. Some peoples say it's safer than entering your credit card number every time as you number is only type and transmitted once.
Yes, but then you are giving GOG free access to take money from you via PayPal whenever they want 24/7 with no questions asked ... Even if it's not to purchase a game. It's the same as giving somebody your debit card and PIN number. It can easily be abused and is unsafe. Hackers would love you for that too.
Post edited March 17, 2016 by Antoni_Fox
Posted March 17, 2016
high rated
Good thing it is optional, so people who want to use it can be happy and I still can go on not saving anything :D
Posted March 17, 2016
high rated
avatar
de_Monteynard: I seem to distinctly remember a bluetext saying that GOG will never implement such as system, as it would be too much of a security risk.
avatar
Johny.: Believe me - it's safe as f***. :)
considering how unsafe f***ing is, that is not saying alot....
Posted March 17, 2016
avatar
Antoni_Fox: Yes, but then you are giving GOG free access to take money from you whenever they want 24/7 ... Even if it's not to purchase a game. It's the same as giving somebody your debit card and PIN number. It can easily be abused and is unsafe.
Well it's the same as giving your card number to Paypal, Amazon, or any other online shop that record it; the only difference is that it's safer as your card number number is not actually recorded.
Posted March 17, 2016
high rated
avatar
de_Monteynard: I seem to distinctly remember a bluetext saying that GOG will never implement such as system, as it would be too much of a security risk.
avatar
Johny.: Believe me - it's safe as f***. :)
So you say it may be pretty risky at times? :P
Posted March 17, 2016
avatar
Celton88: Worry not my brothers, when sleep flees and funds deplete, our mighty savior will save us with an undying flame from within.

All praise to Keane!
When our saviour arrives we can finally rest and have Keane dreams
Posted March 17, 2016
avatar
Johny.: Believe me - it's safe as f***. :)
avatar
amok: considering how unsafe f***ing is, that is not saying alot....
Right?
Posted March 17, 2016
avatar
GOG.com: We hope the feature turns out to be particularly useful soon, when you may just feel compelled to click really, really fast.
Everything but limited quantity sales, please. *looks worried*
Posted March 17, 2016
avatar
Johny.: Believe me - it's safe as f***. :)
avatar
amok: considering how unsafe f***ing is, that is not saying alot....
Well, some f*** think f***ing is perfectly safe, and they are f*** to f*** as much as they want, that's perfectly f*** as far as I'm concerned.
Posted March 17, 2016
I'll just keep it safe and potentially miss out on that "amazing" sale that's being hinted.
Posted March 17, 2016
Based on the praise GOG has gotten for NOT storing this info in the past, I assumed there'd be more frustration in the comments. But I guess the fact that this is optional remains key, like with 2-Step security and (sort of) Galaxy.
Posted March 17, 2016
avatar
Smannesman: I'll just keep it safe and potentially miss out on that "amazing" sale that's being hinted.
submit, resistance is futile.
avatar
omega64: Don't worry, you'll be fine without sleep.
avatar
Celton88: Worry not my brothers, when sleep flees and funds deplete, our mighty savior will save us with an undying flame from within.

All praise to Keane!
Praise be, I shall have faith in Keane.
Post edited March 17, 2016 by omega64
Posted March 17, 2016
high rated
I'm generally one to never store card details on the site. Paypal is risk enough for me.

That said you've explained the token based system with the bank. I've heard of this before and the security behind the concept is good. Banks can revoke the token without revoking the card itself while the token can only be used by the store front it is associated with.

I'm glad you have this system for storing payment information, rather than the card data itself.

Reading through the posts however it seems a lot of people don't get it, don't understand and still think you are storing credit card info.

Maybe a diagram is the way to explain it. Maybe people are just not reading the post well enough.

Maybe because I've had the system described to me before that I'm more comfortable with the approach.
Pages:
1
2
3
4
5
10
16
This is my favourite topic
Community
General discussionStore Your Card For Later Use(230 posts)(230 posts)
(230 posts)