DeMignon: There was another payment issue today, see here:
http://www.gog.com/forum/general/failed_payment_via_paysafecard_got_charged_no_games Maybe it's a more general problem, but if so, I'm sure GOG staff is giving their best to solve it.
If you consider how many layers the system has to use, and how many of them could go wrong...
GoG/Site side: Separation of the PHP website and the Database that holds all the information. This includes plenty of issues, like how to handle cookies, sessions, javascript...
Payment system: Gog transfers you to another site to finish your transaction. Well i've used paypal, so i know a bit of their payment system. If all goes well, Paypal sends a receipt to GoG which includes some personal information of yours, as well as how much was sent, code numbers, etc. The transaction number is likely most important along with amount transferred. If that fails to get there (
TCP/IP isn't infallible, but it is pretty good).
Paypal: Paypal balance is it's internal management of funds and probably the simplest to handle. However if you don't have the funds, it has to contact a credit card, bank, or other source and do a credit transaction. If there's sufficient delay or refused funds, then that's it's own bit. Don't forget Paypal and other sites also have their own site/database separation as well...
SSL: At any point SSL is probably involved sharing public keys as a outside 'trusted' source. Failing to transfer keys or respond can kill any one of the previously mentioned steps.
If you look at it that way, there's probably a minimum of 7 layers that all have to complete successfully for the system to work. Could be much higher depending on how much background stuff and verification is being done, or other technologies used.
However as long as they can confirm they got money, duplicates can be refunded easily enough... and adjusting a few entries in the DB is all it takes to enable your games, so it's just a matter of filtering through the data...
