BankThink

Digital Game Vendor Refuses to Store Payment Data

After multiple prominent online video game services disclosed payment-data breaches this year, one game vendor decided to commit to never storing that data in the first place.

GOG Ltd., which runs a computer-game site that specializes in selling "Good Old Games" rather than new releases, polled its customers to determine whether it should start storing payment data to speed up its website's checkout process, Ars Technica reported Monday. Eighty-five percent of respondents said they do not mind entering their payment details each time they visit the site. Sixty-eight percent said they did not want even the option to store such data with the site.

"You can't steal data that we don't have, after all," Trevor Longino, GOG's head of marketing, told Ars Technica.

In requiring that users enter their card details each time, GOG makes its checkout process more tedious than that of its rivals, and thus likely has to "eat a few lost sales" by customers who abandon their online shopping carts, the article said.

Last month, another online computer-game vendor, Valve Corp., disclosed that encrypted payment details and other user data were exposed in a breach of its online gaming storefront, Steam. In April, Sony Corp. reported that its PlayStation Network, the online gaming service and digital media store tied to its popular PlayStation 3 video-game console, suffered a breach.

Valve has 35 million users enrolled with Steam. Sony had 77 million users signed up for PSN at the time of its breach, though just 12 million cards were affected since many users do not pay money to use Sony's service.

For reprint and licensing requests for this article, click here.
MORE FROM AMERICAN BANKER