Recent figures released in the UK shine a light on the extent of ticketing fraud taking place in the industry. According to London Police, sales of counterfeit and non-existent tickets cost Britons £5.3m in the 12 months leading up to October 2015. Assuming this is typical globally, and there is no reason to suppose otherwise, it is a frightening statistic that risks undermining overall confidence in online ticket sales.
Further to this, the number does not include the number of real tickets sold by ticketing companies that were purchased with stolen credentials, nor the tickets bought by unscrupulous secondary sellers using bots and other techniques to game the system.
Ticketing companies therefore need to take every precaution and technological advance to fight back against the clear lead that fraudsters have established. Through our work in the ticketing industry and analysis via our graph networks, we have seen and been able to visualise a number of key trends in ticketing fraud and what to do to fight back.
Scalpers and Touts
Profile: usually use bots and other techniques. They are on the hunt for high-demand tickets for re-sale. These are a scourge of both the promoter, the artist and the public.
Giveaway: multiple accounts and credit cards across a limited number of devices but no chargebacks.
Ravelin advice: use graph visualisation to clearly identify these actors. It is then a policy choice about what to do as they aren’t necessarily doing anything illegal (although that is changing) but might be acting against ‘fair use’ terms of service.
Profile: using stolen card details, they like to buy (read: steal) multiples of easily resellable or transferable tickets, e.g. cinema or theme park passes. They will also attempt one-off purchases of high-value tickets for re-sale.
Giveaway: multiple inactive accounts with no payment methods attached, multiple chargebacks on connected accounts and/or multiple phone numbers that are usually disposable.
Ravelin Advice: every confirmed chargeback that comes into the business should uncover dozens and sometimes hundreds of inactive or dormant connected accounts. Ravelin sniffs out connections via shared devices, phone numbers, email addresses, and card numbers so you can see connected accounts instantly. These accounts should be blocked from making further purchases without giving this information to the fraudster.
Our graph network, based on a single actor, has picked up 247 connected card numbers, 33 connected chargebacks, 53 connected phone numbers and 163 connected emails accounts. This network could cripple a ticketing company if unchecked - read more about this here.
Profile: these guys are out for a good time on someone else’s dime. They are often looking for luxury experiences and will even defraud multiple companies in one night to get it. This means tickets for the game, same day hotel, limitless taxi-rides and take-out food delivered to the hotel - all on stolen card details.
Giveaway: higher than normal transaction value, newly created account, multiple payment attempts, suspicious email address, disposable phone number.
Ravelin Advice: this is where machine learning can pick up any anomalies in a new purchaser compared to your usual buyer. You’ve spent a lot to secure the right to sell these tickets, so you need to be sure that that you are selling to a legitimate card-holder without ruining the customer experience in so doing.
We don’t believe the picture needs to be bleak for ticketing companies. While it is certainly true that precautions need to be taken and vigilance kept high, using a smarter approach can balance the scales back towards the merchant.
Nor is trying to deal with fraud order-by-order in the hope of getting it right every time. Analysis of your existing data using the right tools is the fastest way to expose and eliminate a great deal of your risk exposure. Therefore, for ticketing companies it is essential to be able to manage fraud attacks at the front door with a tool that can scale, adapt to new types of attacks and that can act faster than the bots to keep your business secure and your customers happy.