It seems that you're using an outdated browser. Some things may not work as they should (or don't work at all).
We suggest you upgrade newer and better browser like: Chrome, Firefox, Internet Explorer or Opera

×
Community
General discussionStore Your Card For Later Use(230 posts)(230 posts)
(230 posts)
Pages:
1
5
9
10
11
12
13
16
This is my favourite topic
Posted March 17, 2016
You can now store your card for later use.

When making any purchase with a credit or debit card, you can now select the option to save your card for later use.



If your payment is successful, that card will be remembered for later use. You'll be able to select it during your next checkout without retyping the info every time. Simple, straightforward, and probably very familiar.


We're taking advantage of tried and tested industry-standard solutions used across the world today. Among other things, this means your entered payment data isn't actually kept anywhere on GOG.com. Once your bank approves the purchase, your entered card number is replaced with a unique, encrypted token that can be used only by us to process your future payments, and which cannot be reverse engineered to resolve your card number and data. From time to time, we'll also ask you to verify your information based on a number of security factors, like if you haven't used that card in a long time.

While it's not required, we also strongly recommend enabling Two-Step Login before saving your payment details.

Keep in mind that you can easily remove your saved payment method through the My Account / Orders section. We'll also automatically invalidate all payment tokens for any account that hasn't been used in a long time.


We hope the feature turns out to be particularly useful soon, when you may just feel compelled to click really, really fast.
Posted March 17, 2016
Thanks for keeping things optional, GOG.
Posted March 17, 2016
Guys, guys! The secret to credit card security is keeping it maxed out!
Posted March 17, 2016
low rated
Nothing is fool proof.
Posted March 17, 2016
avatar
Lostinablock: I don't see a problem with it as long as:
1. It is optional.
2. That box stays off by default.
3. No shenanigans to trick people to click that box.
This.

I think this is useful for people who can use virtual accounts that a physical limit to how much money can be drained (and doesn't link back to the owner of the card) but also desperately want a game now, accessing purchase option that is already pre-approved (is that how it works?). I would prefer store credit instead, that way no numbers involved whatsoever and I would never add more money that I'm willing to lose anyway.
Posted March 17, 2016
high rated
avatar
BKGaming: Just because you believe it's more of a risk doesn't make it a fact either. I think you better look at what a "fact" is. Providing data to other instances (ie hashed passwords) of hacking or credit card theft that have nothing do with this token based system is not a fact about the risk factor of this system which is not the same. So unless you can provide data where this same token based system was compromised and it lead to major issues. What your saying is not fact, it's mere speculation on your part.
avatar
Martek: Storing something in some fashion results in a higher risk of it being able to be "taken" than if it isn't stored at all.

Simple logic. Fact.
A semblance of knowledge is more dangerous than an admission of ignorance. You're mistaken about how the communication between Gog and the CC company happens.

What you're not getting is that CC companies have placed a validation on their end. Suppose a hacker somehow gets a hold of the GOGtoken. That hacker tries to use it to purchase something or transfer your money to themselves. Now Visa/Mastercard checks: is the transaction coming from GOG's IP? Is the destination GOG's account? Unless both answers are "YES" the transaction is downright rejected. No matter how deeply compromised you assume Gog had been, there's nothing the hackers could do to fool the validation that happens at the CC company.

Now theoretically, a hacker could use your card to send your money to GOG. Hell if I know why they would do that, because it wouldn't benefit them at all.

Or, GOG could in theory abuse your token to make a payment you never intended them to do. It is possible. But if you feel them to be that "evil" I wonder how you'd think you'd be more secure by entering your CC info every single time, because they would be able to abuse that just the same.
Posted March 17, 2016
high rated
avatar
mistermumbles: Thanks, but no thanks, GOG. I like to not have my CC info stored in any form or shape.
But... GOG isn't storing it!

They're going to store ANOTHER number that can't be used to discover your real card number and is going to be a validation between them and the CC Company.

Now of course there is someone out there storing your credit card info. It's either Visa, Mastercard, American Express... etc. I suppose you'll have to let them store your actual number tho because you can't have a credit card otherwise.
Post edited March 17, 2016 by joppo
Posted March 17, 2016
avatar
Gilozard: [..] But feeling betrayed and upset and like GOG sold out because of them...
Personally, I'm generally satisfied with the direction the things are going regarding GOG: website/ account security has gotten to another level recently (which is the most important for me given the recent problems), a lot of good games are getting released plus the occasional surprise (although I would love more classic games too), support (at least in my case) proved helpful, EDIT, a new feature called InDev that maybe don't appeal to me however lots of folks seem to like it plus it serves as a nice indication that a specific game will be released here "when it is ready".

Of course there are many things that could get improved plus some other "grey" things that it's better not to mention (regional pricing for example or the fact that some features should have been worked out before they started Galaxy) but generally I feel GOG is on the right track right now. Let's see what they can achieve in one year from now!
Post edited March 17, 2016 by Vythonaut
Posted March 17, 2016
Hmm...

"We hope the feature turns out to be particularly useful soon, when you may just feel compelled to click really, really fast."

I really hope not sale is so anal that PayPall won't be fast enough for you. :-\
Posted March 17, 2016
avatar
Johny.: Believe me - it's safe as f***. :)
Why was this not in the news post?? "... From time to time, we'll also ask you to verify your information based on a number of security factors, like if you haven't used that card in a long time. Believe us -- it's Safe As Fuck™!" Seriously, that has a ring to it. :)
Posted March 17, 2016
low rated
...hahaha...HAHAHAHAHA!!

No thanks. I prefer not to store my information. A little bit of security goes a long way. I'd rather take the time each time to enter my information in instead of having it easily usable and open to stealing. This is going to make attacks on the site happen quite often now because of what is now at stake.
Posted March 17, 2016
avatar
Arinielle: This is going to make attacks on the site happen quite often now because of what is now at stake.
You mean buying stuff on GOG? Because there's no stored CC number, and the token cannot be used to buy stuff in other stores.
But yes, fraudulently buying GOG games does seem to be on the rise.
Post edited March 17, 2016 by JMich
Posted March 17, 2016
avatar
Kristian: WOW...I just (accidentaly.. since I didn't expect it to work) bought Dying Light using my card, what gives? This is the first time in like a year or two that has worked.
LOL, you couldn't have chosen a less expensive game to "test" with? :D
Posted March 17, 2016
avatar
Johny.: Believe me - it's safe as f***. :)
avatar
HunchBluntley: Why was this not in the news post?? "... From time to time, we'll also ask you to verify your information based on a number of security factors, like if you haven't used that card in a long time. Believe us -- it's Safe As Fuck™!" Seriously, that has a ring to it. :)
Because - believe me - it's politically incorrect! :P
Posted March 17, 2016
avatar
budejovice: YOU made me learn my card number gog. And I'll wager my encryption is better. :)
...at least until the hackers figure out how to GET INTO YOUR BRAIN!!!!!
Posted March 17, 2016
About damn time.
Post edited March 17, 2016 by Necronaut
Pages:
1
5
9
10
11
12
13
16
This is my favourite topic
Community
General discussionStore Your Card For Later Use(230 posts)(230 posts)
(230 posts)