The recent resignation of Alibaba’s CEO due to insufficient fraud controls put the management of every online market on notice. An increase in electronic ticketing and online ticket purchases, paired with more advanced online fraudsters, puts the ticket industry in a more precarious situation than ever before. Tactics for new fraud prevention is now a mounting concern for brokers and networks alike.
While today’s ticket fraud can significantly impact networks through damage to their brands, customers engaging in fraudulent activity through stolen credit cards ultimately impact brokers as well. Preventative measures must be taken to avoid issues associated with fraudsters circumventing the system and engaging in fraudulent activity — which has potential to negatively affect the tickets industry from multiple perspectives.
So how is fraud prevention changing within the ticket industry? Let’s take a look at three primary sectors: events, movies and transportation.
Event Ticketing and Fraud
Not too long ago, one of the biggest issues in the ticket industry was scalpers hand-delivering tickets. As technology advances, however, online ticket fraud will continue to become a larger problem. The industry has already seen a fundamental shift, primarily with the introduction of paperless tickets. Tickets have transitioned to a true digital good.
Event ticketing deals with two primary fraud-related scenarios today:
1. Networks are trying to protect themselves from those who attempt to collect tickets from stolen or even valid credit cards. With fraudsters purchasing bulk tickets, it causes other customers to be denied access to events and/or best seating options. These networks still get paid no matter how their tickets sell, however, with it actually being in their best interest to quickly sell inventory. This can backfire, though. If the average consumer can’t buy tickets directly from them it can ultimately damage their reputation and brand and willingness for prospective customers to frequent their site in the future.
2. More brokers are turning to automated bots, or software applications that run automated tasks over the Internet, to book out tickets for large-scale concerts today. This prohibits the general public access to tickets. Smaller brokers, greatly impacted financially by chargebacks associated with some of these fraudulent transactions, are more often turning to networks like TND. With brokers acting as middlemen, maintaining loyalties to both consumers and networks, they must consider how fraudulent activities will impact all relationships.
Transportation Ticketing and Fraud
Transportation ticketing – trains, air travel and busses – is another industry that encounters an immense amount of fraud situations on a daily basis. In many countries, boarding a train does not even require a photo ID. Because of this, it can encourage thieves and fraudsters to participate in illegal activities such as trafficking. In this case, anybody can claim to be anybody.
Airline companies are also evolving, as many are now offering mobile tickets. A traveler can simply scan their mobile phone at a kiosk or desk, as an alternative to waiting in line to acquire their ticket. While arguably the use of mobile does provide opportunities for making a transaction potentially more secure, it also opens a Pandora’s Box in terms of security and privacy that are not yet well understood.
Movie Ticketing and Fraud
Companies that specialize in movie tickets have also recently reported increasing amounts of fraud, namely with fraudsters who purchase and resell their tickets and movie gift certificates.
These companies typically see two types of recurring fraud: in one instance, they see chargebacks due to fraudsters using stolen credit cards to purchase tickets and then seeking cash refunds at movie theatres. The other fraud scenario usually involves fraudsters using stolen credit cards to purchase items like movie gift certificates. The fraudsters then go onto eBay or Craigslist and sell them at a discount.
So What Can Networks and Brokers Do to Combat Fraud?
To prevent online ticket fraud, companies should be leveraging solutions that can identify the origin of a transaction (particularly through device identification as opposed to personally identifiable information), establish real-time screening, as well as support dynamic business requirements. Integrating multi-faceted solutions like this will assist both networks and brokers in combating even the savviest fraudsters out there.
Networks need to ensure quality of service as well as fair access to inventory. Controlling abuse of automated attempts at mass ticket purchase can be a hurdle, unless they’re equipped with the right fraud prevention technology. While many companies try to identify recurring fraudsters (who are looking to profit from buying tickets in bulk and reselling them) through their IP address, this approach is outdated with today’s fraudsters who use botnets to hide their true IP address. Cookies and Flash can be deleted or suppressed, so a solution is required that can bypass the hidden proxy’s IP address and detect the true IP proxy address — thus revealing where that computer is really located. For more sophisticated attacks that use scripts to randomize browser attributes and automatically solve visual word puzzles, look for technology that can perform intelligent device matching using both browser and packet attributes.
Brokers, like online merchants (or any digital good), need a system that in real-time can identify fraudulent activity. Manual review is outdated and time-consuming. Being able to instantly score the likelihood of something being a fraudulent transaction is something brokers need to consider as fraudsters become more advanced. It ultimately comes down to reducing chargebacks. Unlike coordinated attacks aimed at Networks that largely use valid but aggregated credit card lists, brokers will be challenged with determining a good customer from a stolen identity. The most effective technology to do this is by using computer information in the transaction. Many payment gateways and fraud prevention solutions include Device Fingerprinting as standard.
Alisdair Faulkner heads products and services for ThreatMetrix and is a noted industry expert in issues relating to online fraud, device identification, cybercrime, identity theft, information security and networking technology. He is also a frequent industry speaker appearing before such industry forums as the Anti-Phishing Working Group,CyberSource Payment Summit and Experian Vision Conference.