• jayandp@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    9
    ·
    1 year ago

    They buy keys from the devs/publishers directly or legit wholesalers who are known to get the keys from the devs/publishers. Wholesalers themselves don’t popup on consumers’ radar since they only buy and sell in bulk.

    • xantoxis@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Who do the wholesalers buy FROM, then? It seems clear that the dev, in this case, wants no part of this. Is the publisher enabling this crap?

      • OskarAxolotl@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        edit-2
        1 year ago

        Yes, only the publisher/developer can generate keys. That’s where all key sites get their keys from. You cannot obtain them through the Steam store. And that’s also why games that simply do not sell keys to wholesalers don’t have this issue. Just look at Factorio. They don’t do sales, they don’t do bundles, and they don’t sell keys. You can get it on key sites but only as a gift and for the same price it’s being listed on for on Steam.

      • jayandp@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Wholesalers get them from the devs and publishers, like I said. But they’re not the key sites.

        Key Resell Sites, like G2A, don’t often get them from wholesalers. They operate like eBay. The sellers buy them from whatever legitimate source they can use their stolen credit card info at, and then they slap their essentially free key on the Resell Site for pure profit. Some sellers on sites like G2A might be legitimate, buying keys from wholesalers, but too often they aren’t. With a site system like that it’s near impossible to police for stolen goods, as there is no way to verify a key’s origin. Sites like Swappa, which facilitate selling mobile devices, can use things like a phone’s IMEI to check if it’s marked stolen or not. But Valve, for example, provides no way to check a key without redeeming it, and hence there’s also no mechanism for anybody to report a stolen key short of telling the dev/publisher and having them revoke the key which has likely already been used by some unwitting consumer.