Every site I use, from Steam, Amazon and sometimes even small indy devs, they let you save your credit card so when you buy things it is just one or 2 clicks. But for some reason GoG makes me enter everything in every time.

Why not allow this? They can even make me reenter the security code every time if they are really worried about safety. It just seems like a hassle to have to re-enter my info every time I want to buy something....especially since there are many other places to buy games easier.

Because should passwords be brute force cracked (which can happen), the site gets hacked, or you accidentally leave your browser open at work with GoG logged in, it's always good to have your credit card information within easy reach so someone can write it down and use it for their own personal gain while leaving the owner of the card in potential life-long debt or just lacking the chance to eat the 100 pizzas and 6 Alien ware computers that were ordered using the card...

Plus porn, gotta buy porn...

edit: Wow! Totally coincidental topic popup! https://www.gog.com/forum/general/steam_accounts_getting_hacked

Well.. yeah. For the security of customer them selves. It is comfortable to buy something without enter CC details anymore (because it is saved), but once the account hijacked, the customer also in risk of CC stealing case. Instead, GOG make customer enter CC details every time to make it safer for the customer themselves just in case a hijacking is occur (and it has occurred in GOG).

It is a tradeoff between "security" and "comfortability"... and it seems GOG take the approach of security.

This site doesn't even have two factor auth, saving CC Details would be a disastrous thing.

They need to prove themselves capable of securing their own property first before taking people's financial info.

Unless your buying 100s oc games a week why should it matter, 20 or so button presses I what you want to save, whilst letting someone else hold your financial information. Up to you, but I think that is daft, why not just post the information here, I will type it in if your that lazy.

I'd be surprised if any of those sites that save your CC info actually *show* your CC info fully after doing so to be honest. The common thing is to only show the last 3 letters of your CC. Which means at best you can make purchases on their account.

The main risk of it being saved (which you also mentioned) is the company being 'hacked' in some way.

Gog still doesn't have proper security feature and also few days ago some accounts started to get hacked. So I think its good thing that payment details don't get saved.
It will be implemented as soon as two factor verification gets implemented or security gets better.

True, actually i think it's 4 digits... But with the first 4 digits being pretty much fixed depending on who issued the card, that leaves a mere 8 digits in uncertainty... If you dislike entering your CC that much and won't use paypal (or something), i can write a quick script that will let you enter your credit card and appropriate information with a single hotkey... Which can also be enabled only on certain programs/pages so you don't accidentally activate it say in a public chat or something.

So... Interested? Of course if you don't want to install the script program that runs it (AHK in this case) then i can compile it as a program, but at that point i'd need personal information to compile it... Or have you enter it in a text file that it reads...

I thought the security code was never saved, as there's a 1:1000 chance of it getting guessed... and thankfully people can't choose the code, otherwise it would 75% of the time be 007... (There was a bank that did a 3 digit code and quit it when that happened :P)

Still... I suppose if you can't steal the credit card information, they could still buy games and either redeem it on another profile, or sell them via unscrupulous key selling sites....

Ummmm.....okay.

Keeping all info but the one on the back of the card should be safe, but how do steam and amazon not worry about saving the info? They do ask if you want to save it, so if you are at work or don't want to save it then it won't.

Personally for me entering it is a minor inconvenience. For many customers they might choose a competing site to buy from...and regardless of your stance on the security issues, GoG will lose sales, maybe for stupid reasons, but a sale is a sale no matter how dump of a reason.

And for those worried about hacks, my credit card company watches out for fraud and has issued many new cards when they even think someone may have got my info. Also most hackers will get sale data and not my saved data, so if GoG got hacked we'd all be screwed anyway...since GoG has a record of out purchase somewhere.

I don't think they should save CC info, but I do think they should allow you to buy store credit to use though in bulk. Puts most of the risk on GOG to keep there site secure but also isn't as much of a big deal as losing someone's CC number to a hacker.

Actually, because GOG doesn't store CC info, they don't store any actual record of the card number in the sale data, they just have record that you used a credit card and that it was approved. At best there is a transaction reference number somewhere that could lead back to your card issuer, but nothing that could be used to commit fraud. Even so, relying on your card issuer alone to protect you from fraud is stupid. They only catch fraud after it has already happened, which can be too late in cases that lead to full-on identity theft. Simple unauthorized transactions are only a tiny threat when it comes to fraud, the real threat is someone gaining enough access to ruin your credit before the fraud is caught. That cannot be corrected by simply re-issuing the compromised card. GOG's method proactively protects you from that kind of threat and should be the standard, not the exception.

With all due respect, does GOG want clients who are too lazy to enter a number and their name? :P

Oh wait, almost forgot about that expiration date part. That's some difficult shit! XD