G2A is a site where people sell game keys. You've probably heard of it thanks to YouTubers/streamers who cut juicy sponsorship deals to promote it. However, the site's also received widespread criticism for lax security, fraud, and making money at developers' expense. G2A recently tried to hold an AMA. It did not go well.
People lobbed every question they could think of at G2A, and they didn't skimp on the hostilities. Questions asked included, "Are you or are not not aware of how much harm you've done to the gaming industry?", "If G2A is a legitimate company with legitimate keys and resellers, why can't you offer buyer protection for free to your customers?", and my personal favourite, "Which one of you thought that an AMA would go well on reddit, where so many people hate you?" G2A's answers got downvoted so far that they had to tell users to change comment sorting in order to see them.
G2A tried to argue that developers don't get hurt by their practices, and they have a strict verification process in place to maintain that. "Let's clear that up. If the key is on G2A, that means that it came from the developer, which means they have already been paid," G2A wrote. "If you want to buy that game on our marketplace, they won't receive any additional money out of that (actually they could with G2A Direct, but let's [not] go into that here)."
They also said they take the possibility of stolen keys (ones that are, for instance, purchased with stolen credit cards, after which developers get hit with charge-backs) very seriously.
"We have special departments in G2A (over 100 people) dedicated to protecting our marketplace," G2A wrote. "We can't disclose exactly how we search for these shady people, or what triggers our suspicions, because that would be giving them a possible roadmap as to how to try and get away with something. The problem is that sometimes the issue (unfortunately) starts on the developers' own site, which can sometimes lack security. And in those situations, if the developer is not willing to work with us it gets a little complicated. In some situations, if a key was not reported to us as stolen and we weren't told it was blacklisted or shown any proof, then there is little we can do."
One user, however, went after G2A for that comment, seemingly contradicting G2A's claims of difficult-to-bypass security entirely. They pointed out that getting a key verified isn't difficult at all, and if you've done it before, you're set indefinitely, meaning you could easily sell a few legit keys, then switch to selling non-legit ones. On top of that, keys seem to go up for sale immediately. G2A countered that the verification process happens behind the curtain, because they want it to be convenient.
The user, however, then shared a screen of a key getting purchased almost immediately after it went up, before it received "verified" status. They then added a fake listing, which quickly passed the verification process, to drive the point home. Instead of saying, "Oh shit, we should really patch up those holes," like a reasonable service might, G2A responded by tracking down the user's account and subjecting them to "stricter verification procedures."
What does this mean in practice? According to the user, "They blocked my ability to buy anything on G2A, basically when trying to purchase anything with my G2A wallet I receive 'Transaction failed, user blocked' and they also blocked my ability to pay out my money, basically they just stole all the money I have in my G2A wallet."
Needless to say, other folks participating in the AMA didn't love that. If you want to check out the full AMA, that's here. Suffice it to say, G2A's responses to concerns over illegitimate aspects of their business aren't super convincing. We've heard about (and reported on) all sorts of fishiness wafting from G2A's general direction, so probably steer clear for now.