CAPTCHAs are over (in ticketing)

One option that I not see discussed in the blog post: Collecting user signals locally and using those access patterns (mouse movement, clicks, IP/site browsing history) to discriminate between "standard" site usage and bots; so like a "reCaptcha lite", not trained across many sites but trained specifically on the target.

For a ticket platform like pretix that can be run self-hosted alongside the main site, this should give you enough signals to discriminate between normal users and bots, unless they are specifically targeting that site, or am I mistaken? Even just pure web server access logs may be sufficient on smaller sites so this might work even without JS?

Unfortunately, the solution to something like this is more intense KYC and lawsuits.

You don't defend at the web, you defend in the courtroom and bank.

I assume it's too expensive or the ticket sellers don't actually care, they just want to think they care.

>Most organizers, including for-profit organizations, do not want to choose this option due to ethical concerns or concerns about community building.

The alternative is selling the tickets to scalpers which doesn't seem ethically better or better at community building as compared to directly selling it to fans.

Even if you assign tickets to IDs scalpers will sell access to bots instead to capture the delta between market price and the price the ticket is being sold for.

This seems pretty well covered by the post?

Doing any kind of access pattern analysis leaves you with the problem of handling false positives, and your proposal doesn't help with the accessibility problems.

IP addresses aren't a panacea here -- this is a high margin business where the attackers can switch to high cost / high quality proxies.

> unless they are specifically targeting that site

In this case the attackers would very specifically be targeting specific sites (ones selling tickets to events with more demand than supply).

Sell the tickets with a decreasing price - early tickets are very expensive, late tickets are not, and hold back between 10% and 20% until day of sale at the lowest price.

Make the scalping bastards choke on it, and break FOMO all at once.

you defend at the ID system. anonymous cert chain ID fixes this. the u.s is defined by its fraudulent business and therefore no one in power wants it.

What about limiting the number of tickets per card?

Or do what airlines do and you need to declare who is using the ticket. Maybe allow exchange for up to 50% of a party.

Then the scalpers can't win but there is still a DOS problem to solve.

Maybe a card auth -> reserve seats -> complete txn flow would help there. The card auth rate limits the amount of unbooked but temporary reserved tickets.

> What about limiting the number of tickets per card?

discussed in TFA

> Or do what airlines do and you need to declare who is using the ticket

ditto

I'd rather see bot resistance (important for everyone) and privacy (important for everyone) take precedence over accessibility (important for a small minority) and have laws change to reflect that.

How about: each user creates an account with their legal ID. Obviously unique so they can’t create multiple using the same ID. Before the sale, everyone signs up. Once the sale is started, tickets are distributed using a lottery system for the users who signed up (so refreshing like mad doesn’t give any advantage). Can only buy up to 2 tickets per person (their own and an anonymous companion). ID must be shown and would be verified at entrance.

If you wanna be even more strict: You could allow up to X companions, but they must not have signed up with their own account (so they don’t have an advantage for doing so). And they must provide their ID before the event as well and arrive as a single party.

I disagree that bot resistance is important to anyone, or even a reasonable goal for anyone at all. Bots are just users

When I was a lad we bought tickets at a booth.

Just saying ...

Bots are not just users in the battle against spam.

> So what’s left?

If the profit per successful abuse event is $200, the author's suggestion of limits on credit card numbers or phone numbers won't work either. Those are only effective against scaled abuse up to something like $1 / event. Bank accounts would almost certainly be more robust, but that seems quite hard to implement outside of a handful of countries where the online auth ecosystem is built around banks.

With generic abuse background, but not knowing anything about the ticketing abuse ecosystem, is doing the sales on a first-come-first-serve basis an absolute necessity from a business perspective? There would be a lot more tools available if the problem was reframed from "decide instantly whether to sell this buyer a ticket" to "decide which 10k of these 100k intents of purchase received during the first 24h to sell the tickets to". And by more tools, I mean offline analysis and clustering, not just a lottery.

(You'd still want to combine that with strongly personalized tickets though. It'd be how you address for bots-as-a-service, not how you address buying tickets to resell.)

Sell at the economic equilibrium price (determined by auction) and whoever actually enters the venue receives the difference between the auction price and the desired price by the organizer in cash or maybe in form of a coupon for their next concert.

We just need better human verification, that’s all, and the web depends on it

I think you just described something similar to the Japanese system

The option that strikes me as missing, is making users pay a cost before they are randomly entered in a lottery for the ticket.

So, for example, everyone pays $0.01 on their credit card, or does a holding charge on their credit card, or registers their identity. All in a 5 minute (or 1 day!) window. And then after the window, tickets are randomly distributed amongst every card which so registered.

You could check multiple things - phone and card and Government ID if necessary (lowering the privacy).

This also feels fairer and less stressful - instead of a lottery based on your internet access, or ability to run lots of browsers at once.

This feels harder for scalpers to do to me, as they need more fake identities, but I'd be curious about the actual ratios when trying it. What goes wrong?

Another one I predict is that you can't buy digitally. For examples, the Lewes fireworks display you have to buy tickets in person in a bookshop in Lewes. Doesn't help if you make a digital ticketing system though!

That results in unbounded offers.

Bots are users, but they aren't human users. I think it's fair to say that most web sites/apps value human users over bots (maybe that's wrong though?). But I think an argument can definitely be made the bot resistance is valuable/important to most people on the web.

To fight economics is to wage war on reality itself.

Locking tickets to customers is hard, especially for venues with seats. The venue and artist want people in those seats — it looks better and they spend money on concessions, merch, and often parking. You can resell at the door, maybe, but then you’re turning away paying customers who get stuck in traffic and show up late.

I’m not convinced cards are a significant barrier. People already get tons of credit cards for the signup bonuses and perks, and you can get prepaid cards pretty easily. Temporary card numbers are a thing too. There are logistical challenges in getting a lot of cards in the buying pool but I don’t think they’re insurmountable.

A few months back I built a cryptographic alternative to CAPTCHAs called Ghost Keys[1] that uses a small donation as proof-of-humanity. For donating you get an anonymous keypair that works across services without repeated CAPTCHAs. The economic friction doesn't scale for bot operators, and donations fund our non-profit[2].

[1] https://freenet.org/ghostkey/

[2] https://freenet.org/

The reality now is the ticket sellers and bands are the main scalpers and everyone else are now secondary scalpers.

Now that tickets are all electronic and the ticket sellers operate secondary markets there is no "face value" anymore and pricing is dynamic. Not all tickets are released at once and many are offered at "platinum" prices at first.

All through the 60's, 70's, 80's, 90's and 00's concert tickets were around $40-$50 in 2025 dollars, now that is just the service charge. Just go on eBay and look at some ticket stubs then put the price / date into the CPI calculator.

It turns out that the bands couldn't beat the scalpers so they became the scalpers, charging outrageous prices with the assistance of the ticketing companies.

So stopping bots isn't as important as it was when CAPTCHAs were effective, since there is a lot less money on the table for professional scalpers to capture.

Sounds like an interesting situation! But I do see the flaw in my proposal now. It will select for the top-n richest customers, which kind of undermines the point of selling at a fixed price.

Just sell paper tickets at specific type of shops: convenience stores and such. Use an ID.

Concerts that are struggling with numbers shouldn't have a scalper problem though. If you want more people through the door, there are presumably base price tickets still for sale.

This problem mostly exists in the Swift concerts that sell out in four minutes before the internet explodes with people complaining the website never loaded for them. I'm sure "might harm sales" really won't be a problem for those concerts.

In my opinion the web is in dire need of a system of proof of humanity. This, together with a mixed system, could solve this sort of problem.

For example, there could be an API for e-mail providers to tell services that an address belongs to a human. The provider would need to implement methods to verify the user's humanity, so you wouldn't need to give every online service your personal info, only your humanity provider that vouches for you. Something like SSL certificate hierarchies could be used to ensure that smaller providers aren't vouching for bots, i.e. you have a root CA that signs their certificates, and if it's found that they don't actually do what they are supposed to do, the certificate isn't renewed. This added with some actual costs to get those certificates would give them an incentive not to lie.

I know some people complain about this not being "private," but let's be real. If you purchase anything from any online website, they have your home address, your phone number, your real name as printed on your credit card, and there is a non-zero chance that some moron stored your credit card number in plain text in a MySQL database. It's always going to be safer to trust PayPal than some random website with this information. Why not do the same with human identity?

Finally, if you can't sign up with any humanity provider for some reason, just make the process extremely annoying and limited. For example, if you have 100 tickets to sell, reserve 90 for people that can prove they are human and leave only 10 for potential bots, then implement a lengthy process for those users so that's not worth it for the bots. If 90% of the tickets are already purchased by people, it will be less profitable for scrapers already.

how about on-device biometrics?

most of traffic is from mobile devices anyways. they have biometrics (e.g. Apple FaceID, fingerprint). they also have DeviceCheck (Apple Hardware + Apple servers) integrity checks of device/binary that is making requests. it is also free and private.

why using this technology is not part of conversation? seems like utmost strongest guarantees and perfect fit?

A lot of overwrought digital solutions here and not the obvious one:

Stop selling online.

Sell the tickets at a small number of locations near and including the venue, with cashiers empowered to deny suspicious transactions.

Could someone put together a small army of smurfs to buy up all the tickets in major cities? Sure. Could someone have someone on the inside sell them a block of tickets against policy? Sure. We can handle these cases on a locale by locale basis with a convenience trade off that seems appropriate to the place.

Don't let perfect be the enemy of the good, and even worse, don't let overwrought privacy-invading and non-accessible digital solutions (that create a playing field tilted towards bad actors equipped with AI tools) be the enemy of a dead simple analog real-world one that leverages our best reputation management system: ourselves.

I'm asked for ID on MercadoLivre and PayPal already, but I think it's for tax purposes. Never tried to create two accounts with the same tax ID.

> The naive economic solution to the problem would be raising ticket prices step by step until it is no longer attractive for scalpers to resell your ticket

You can also just do like The Cure did and destroy the secondary market entirely: you can sell tickets through the platform and only for what you paid for them.

The Savannah Bananas do that. You have to enter a lottery to buy tickets.

And if your ID doesn't match the ticket, you don't get in.

It's successful in keeping tickets in the hands of families and fans instead of resale.

I suspect the key thing is that the industry really wants scalpers, but must appear to act against them.

I could see an issue with that since most people are going to be going to events in a group, and won't want to go unless everyone gets their ticket. If I wanted to go with three people, do you lottery us as a group or individually? If I want to go with 5 people and there's a lottery, the best thing to do would be have multiple people buy 5 tickets each, multiply that by every group and you have a lot of people buying tickets who don't actully want them and people who only put one order in get shafted

how does this prevent the scalper communicating with the buyer to demand an out-of-band payment?

> The economic friction doesn't scale for bot operators

Does the number of keys need to scale? If $1 buys a key for life, and signing can be easily automated why would it stop bots?

> I suspect the key thing is that the industry really wants scalpers

Why?

Keys embed approximate timestamps, so services can set age limits. The system was designed for Freenet integration where reputation can be attached to keys - repeat abuse would degrade a key's public reputation over time.

The naïve economic solution is auctioning off all the tickets.

Require the intent to include ticket holder names/id and check it on entry to the venue, multiple intents for the same group can be deduplicated

I am unsympathetic when people insist on selling things for the wrong price and then come up with these elaborate schemes for fixing the problems they themselves caused.

If they would simply sell tickets for the prices people are willing to pay in the first place then they wouldn't need to invade privacy or any of this stuff. I've heard the arguments they use to justify why they don't and they're all hogwash.

i love the number of people who are wholly bought into this idea that capitalisms tokens warp reality itself. its the end of history too aint it?

which is just such a lack of imagination for what we are capable of, both in terms of progress and irrationality.

Well at least one possible reason is that for live events, the company that has an effective monopoly is Live Nation. And they also own at least one of the platforms where scalpers sell their tickets; Ticketmaster.

I also imagine that as an event promoter, being able to say some variation of "Another sold out show", or "Tickets sold out within seconds" creates pressure for buying early for all future events.

It also takes active planned work to implement these solutions. And if they have a monopoly, they have no incentive to do that work.

This addresses some of the hassle around buying multiple tickets, but does not address the inherent privacy issues. But there are still some problems.

First of all, this remains a hassle in most countries, since handling a national identity number (if such a number exists at all) is restricted by law. Even in some countries that do not legally restrict collection or storage of identity numbers (AFAIK the US does not restrict private sector usage of SSNs), there is rarely wide acceptance of providing your identity number for any purpose other than official government services and financial institutions. This means that in most cases, the event organizer has to resort to more traditional methods of KYC: Requesting some personal details (e.g. full name and birth date) and requiring to present an identity document that carries the details above. Verifying the identity document adds slows down entrance lines and increases the cost.

The other issue with this method is privacy. You're still not breaking the suggested BAP (Bots-resistance/Accessibility/Privacy) theorem suggested by the article. Additional personal information has to be collected and stored until the time of the event.

But I believe there is a way out of this. You can still create a limited resource that is more restricted than phone numbers or credit card numbers, and can be optionally verified at the venue cheaply. The only problem is that would require cooperation from the government (and a great deal of effort if you want to make it perfect). The government needs to already have an online digital KYC method that is bound to your digital ID or an online government account. Then the government can use that method to provide an anonymous federated login that provides a unique ID that cannot be traced back to any national identity number. This is essentially how Sign in with Apple works with "Hide My Email" selected: No personally identifying claims are included in the Open ID Connect ID Token and "sub" is unique (per Apple user + 3rd party service combination), but not traceable back to the the original Apple identity. Unique identities can also become ad-hoc per-event (instead of per ticket provider), which makes them completely private (ticket providers cannot track users across multiple events).

At described above, this service still only provides a limited resource akin to phone numbers. For events where the profit margin from ticket scalping exceeds $100, you could still get some scalpers who'd convince collaborators to identify in with their government account and buy tickets for the scalper for $20 per ticket. If you can get 5 tickets per ID, that's $100 of easy money for 5 minutes of work. You can add simple and fast verification at the venue by requiring the users to generate a QR code that is tied to their unique ID at the venue in order to enter. The QR code cannot be generated in advance and is based on a challenge QR that is presented at the venue. This requires collaborators would have to physically come to the venue or be available at the time the scalper's agents come to redeem the paper tickets at the venue. With a QR code generation and check directly at the gate, scalping is completely impossible (at the cost of longer lines and less entrance flexibility). With printed tickets the scalper needs to send agents to physically collect the tickets and communicate with the collaborators (who need to be available at the day of the event to generate the QR codes remotely) — which greatly inflates the cost of scalping.

Even when you get governments to cooperate with this approach, there are still some holes with this approach. The first issue is that eKYC needs to become popular enough to avoid a large loss in sales. The second issue is raising awareness with regards to privacy-preserving eKYC vs. regular eKYC. This two services look very similar (you log-in with your government account or ID to prove your identity), but the scope of the information shared couldn't be more different. Normalizing eKYC carries the risk of people becoming careless about divulging private information. Luckily, this could easily be solved by governments restricting private sector parties to which full eKYC is provided based on their callback domain names and registered credentials (like OAuth client ID and client secret).

The last problem is the probably the most complex one to tackle: how would you accommodate tourists? After all a lot of the venues sell a large share (or even the majority) of their tickets to tourists. I can think of two possible answers.

The first approach is to fall back to a manual passport-based KYC process for tourists. Tourist ticket buyers would have to enter their name and passport number in advance and the passports would be verified in person at the venue. This can be slightly sped up with automatic passport scanners if the venue has a high volume of visitors that warrants the costs. This approach seems to be where China is going: the resident ID card is used for entrance to many places and even for buying railway tickets, but tourists just use their passports. This works well when the percentage of tourists is low, but at a venue which expects a high number of tourists you'll run into all the issues I've described above.

The other option is probably more of a pipe dream, but it would be nice if countries could issue a temporary (and restricted) eKYC account to visitors when they complete their ETA. Even countries without ETA can still offer a pre-registration system just for obtaining an eKYC account in advance. This eKYC account can be used to purchase tickets in the destination country in advance, but it would only be activated for generating gate QR codes when physically entering the country with the matching passport. The main limitation of this approach is that you must first obtain an ETA before purchasing tickets, but you'd usually already have concrete travel plans by the time you're purchasing the tickets.

Actual cash income the moment the tickets go on sale.

Removes all the uncertainty and risk and puts it on the scalpers.

A lot of concerts in Japan work on a lottery. When you enter the lottery you can select for how many tickets up to a set maximum. If you get selected, you're obligated to pay and can't cancel. So... I imagine if you want to go as a group, one person puts in for the lottery and either everyone gets to go or no one does.

Yeah that's good solution

It is not "free" as you must buy such a device, nor is it most of traffic, and its privacy is questionable. A solution to the problem area here needs to cater to people outside the HN echo chamber.

every time this comes up, the thread immediately gets 300 comments suggesting that everyone pays whatever amount to keep the bots at bay

twitter sells blue checks for $8/mo and it's full of bots

As a developer or website or app, I don't need to buy a device. User has to buy it, as it is theirs device. And chances are, they are on the iphone or other apple device already. And if not, they are on Android, which has comparable biometrics options.

Are you claiming that owners of websites have to purchase laptops for their website visitors?

And are you claiming that Apple has worser privacy than Android? or ... holdon, there is nothing else (Huawei is out of the question, and MSFT/Symbian does not exist anymore)

this is crazy talk. what are you even saying?

The article addresses that:

> Of course it also harms real buyers who want to go to a concert with a +1 but do not yet know who they will bring.

This is a trivially solvable problem with essentially little friction for buyers.

The industry doesn't WANT to solve this. I don't see why anyone believes or entertains the idea they are even trying.

There will be a concert for 750th anniversary of Amsterdam in June (held on the highway ring around the town which will be closed). Tickets were free, sold out in 5 mins, immediately available from scalpers for 200 euros.

https://nos.nl/artikel/2568164-chaos-bij-ticketuitgifte-voor...

If all tickets are the same price, then any buyer-seller combination will do. I believe the seller doesn’t get to choose the buyer and both are anonymous. No way to coordinate such an out-of-band payment.

What about this schema:

The first ticket you buy costs the normal price. The second ticket costs twice the price. The third ticket is four times the price and so on.

Scalpers who buy many tickets at once will go bankrupt before they can buy all the available tickets.

Because Live Nation’s fees are based on ticket price. That incentivizes them to drive prices and transaction volume as high as possible.

So how would this work in concrete terms? How will this stop bad-faith actors who will go out of their way to abuse/fake things? How does it solve the "BAP theorem"? You can't just sprinkle a term like "on-device biometrics" and declare that solves it.

Objectively a lack of bot-resistance can make the service unusable for everyone. Good examples include twitter, where interesting stuff gets flooded by spam DMs and indian payout farmers, and the mentioned ticketing example, where objectively a lack of resistance leads to rent-seeking middlemen scalping tickets.

Similarly a lack of privacy hurts everyone.

The question is basically "would you rather have an equally-shitty service for everyone in the name of egalitarianism or a good service for most?" This seems a really easy choice for me because I don't see egalitarianism/accessibility as a moral imperative.

You can even limit max tickets sold to one person at two or three, but the trouble, as I understand it, is that it's hard to identify individuals as being... well individuals.

The solution is, as always, simple: regulation. In this case:

- break up Ticketmaster, Live Nation and their European friends. Ban vertical integration. And for good measure (and to placate the public who is out for blood, and I mean that one in the literal sense - ask a random on the street about what they'd do to scalpers and TM, I'd bet good money on at least 50% going for one or another form of violence), place their execs behind bars for a decade.

- mandate that a ticket holder has the right to transfer a personalized ticket for free (plus, in the case of actual paper tickets, a reasonable small service charge for postal fees)

- in conjunction, ban the sale of tickets above face value, including any sort of deals, and place significant fines on violators of both ends. This completely eliminates the "second hand" scalper market. Of course, black markets will still crop up, but when both sides cannot be certain the opposing trade partner is a cop...

Unfortunately, this would also kill a lot of income for the big players - chiefly, the ticket sale platforms that currently make an insane amount of money on bogus charges for name changes on tickets as well as running their own resale markets where they can double or triple dip on fees (depending how often that specific ticket gets sold back for whatever reason). And that is why such a movement will probably never happen during our lifetime.

The problem is not that bots are buying tickets. The problem is that the tickets sell out too fast.

Then you want antispam not antibot

Why do you think they don’t?

Pearl Jam does something similar with annual membership in their fan club. Each concert has some designated seats set aside for members of the club, with the best seats going to the members with the longest consecutive subscriptions. Allowing the membership to lapse resets your priority level if you subscribe again.

Concert tickets are still that low, you just can't go to stadium shows for supermassive artists at that price. A saturday night at a popular EDM venue with a 2k capacity headlining an artist with ~500k monthly listeners on Spotify will run you about $25 for the floor or $50 for VIP. A "sticky floor" bar venue ticket with a capacity of maybe 300 for an alt-z band with somewhere in the realm of 250k-3M monthly listeners on Spotify will run you about the same.

Being up at the rails at a Girl in Red concert set me back $60 at a 5k person venue. If you want to see supermassive artists for that kind of unit price you have to "buy bulk" and go to festivals.

The author builds a ticket system and says it's not trivially solveable. What's your trivial solution then?

This was my theory but there is a problem with it: Unless there is a constant churn of scalpers failing to turn a profit, the scalpers are presumably selling off their tickets at a profit. This means the market demand from individual purchasers exists, and the ticket sellers are just leaving money on the table by not raising their prices.

Why should ticket sales be regulated? Why should the government care about what price event tickets sell for?

Concerts are pure luxury. I like going to concerts, but I don't see a reason why the government should intervene? Scalpers exist because artists underprice tickets on purpose.

It's more profitable and predictable for scalpers to immediately buy all tickets. The ticket seller doesn't care if the tickets are sold to fans that will attend, just that they're sold quickly and reliably and non-refundably. It's even better if tickets are sold to scalpers because some of those tickets might never be resold, which means the venue gets the ticket sale but pays none of the cost a real guest would incur.

What matters is selling the ticket, getting a guest in the door is just expense.

An option I'd like to see implemented is to make the customer put down a bond. Besides charging the customer for the ticket, also charge them another higher amount that gets refunded x days after the concert. If the customer is found to be a scalper don't return the bond.

Scalpers can't pay high bond amounts at scale combined with the risk of not having the bond returned.

Also filtering people who don't own much to begin with?

Because the whole business of scalpers is exploiting the difference between the list price and the price people are willing to pay. If this gap didn't exist scalping wouldn't be profitable.

(As far as this article as discussing. They also serve some use for reselling tickets when you meant to go but can't but this doesn't have any more downsides)

But once tickets run out, the scalpers' price is the only price, and bots are better positioned to hold and time the market.

Yeah when I was a teen I might have had $40 for a show but not $500 for a bond.

Surely selling concessions, parking, and merch is a significant source of income for someone associated with the concert, game, or other event.

> Sell the tickets at a small number of locations near and including the venue

People frequently travel to major cities for concerts, do you expect them to travel twice to purchase the tickets? Either you join a much wider network of sellers than that, or this would only satisfy people already living not too far from the venue.

How do you figure out whether they're a scalper or not?

How do you determine scalpers? I buy 6 tickets for me and my friends and we all get sick. Are we scalpers? I buy 1 ticket and a work trip gets foisted on me the next day so I try to resell. Am I a scalper?

Won’t everyone just charge the ticket buyer the price of the bond? So this still only harms the fans that want to see the show. The scalpers just need to have more up front capital in your system.

Not the ticketing company's problem.

What I don't quite understand is why we haven't merely come to the conclusion that, like everything else, the internet costs money. Running servers and services costs money, and by giving it away for "free" from the get-go encases certain types of problems in the platform itself. I'm not talking about paying your ISP, I'm talking about accessing websites.

I guess what I'm getting at is that there is no cost to making a request over the internet. Why not? Why doesn't every http request have a corresponding price associated with it? You can access the resource if you pay. I imagine this would be a minuscule amount ($0.00001 or less per request). Then, instead of trying to solve for monetizing eyeballs or personal data, these problems are solved with economics.

In the event ticket situation, how does this change the economics compared to just adding $1 to the ticket price? (or whatever your minimum donation threshold is)

From TFA:

> If a spammer needs to spend 0.0001 € in power to access the site only to gain a marginal profit of 0.00005 €, they are losing money with every site access. However, if a ticket scalper needs to spend 0.0001 € in power to buy a ticket that they will later sell at a 200 € profit, this will not stop them.

I don’t get it - why not just tie the ticket to a name and address at time of purchase? Then verify that matches the person using government issued ID upon entry?

For popular acts, when scalpers are selling at 10x or more the base price, the bond would have to be pretty high to put the scalpers off, and that would be a problem for many genuine customers. Unless the bond is silly high, that being defined as high enough that it significantly messes with fans, it would still be worth it even if the scalper is noticed and the bond not returned.

> If the customer is found to be a scalper don't return the bond.

This is how most suggestions for solving the problem fall down: how do you, with any reliability, or at least reliably avoiding false positives, detect a scalper?

Most of my concert tickets are still priced around $40 inclusive, after taxes and fees, and from the likes of LiveNation, Etix, DICE, AXS, and so on.

All my friends that complain about the rising cost of concerts tickets don’t realize that they just see the same old bands year over year. These scrappy up and coming bands that they saw as a kid aren’t scrappy anymore. That’s why blink-182 can charge $700 for the pleasure and still sell out — because most of their fans are in their late 20s or 30s, have disposable income, and number in the millions.

Go to a $20 show for a band today and who knows, maybe they will charge you $700 in 20 years. Plus you can tell everyone that you saw them before it was cool. /s

Sell tickets using an auction to set the price.

This fixes indians in boilerrooms and nigerian spam emailers but specifically not ticket scalpers. The profit is too large.

Also because users don't actually control the number of HTTP requests they make. Think of sites that load individual icons rather than sprite sheets. Think of sites that fire off 1,000 tracking calls per minute. So respectfully screw that.

How would you handle the following conditions?

* I buy a ticket for a friend (maybe as a present) but don't actually want to go to the concert

* I buy more than one ticket for a group of people (I'll be attending the concert)

* I buy a ticket but have to cancel at the last minute and want to give it to a friend

* I don't have an easily available government ID (maybe I never got a drivers license, maybe my drivers license expired, etc.)

* People attending the event aren't American. They will have their passports from other countries. How will you verify each passport is valid?

* The event draws of people from a majority of the 50 states in the USA, with each state having different government IDs (driver's license) with different versions of the IDs within each state. What are the logistics of validating the IDs presented?

In the base case of one ticket per individual that has a valid government ID that has their current address printed on the ID, what service are you using to validate this ID and to validate that the presenter of the ID is associated with the ID? What is the cost and how many transactions can it handle per second?

Tunnel-visioned article, honestly. I mean, why does he gloss over the fact that scalpers don't care about captchas - they can just outsource solving them to other humans. Giving your driver's license or passport to some entertainment company's security-unaware sysadmins doesn't seem like a good idea either. Maybe just accept the fact that you gotta be lucky to see most famous band in the world in person. There are only x hundred seats for 10 million people...

And, long before the proof-of-work thing was popularized, people were already farming out high-margin captcha solves to cube farms full of people in Asia.

Maybe if we do this then those sites will be disincentivized from doing all the tracking. Because consumer's will get their bill, say "what the fuck", and go to a competitor.

They're not all the same price. They have the same list price, but once the show (or the desirable floor section of the show) sells out, the real price floats.

1. The initial price of the ticket serves as advertisement to get more people interested in the event than if it was advertised at the scalped price. Some fraction of the people will end up paying the higher price anyways, even if it was more than they intended to spend. The chance of "getting lucky" and getting a ticket at the low initial price is a powerful draw, especially if each buyer gets lucky a few times.

2. Are you sure the scalpers and the agency selling the original tickets are independent? Even if they are on paper, in many locations there is evidence of a local cartel.

3. The initial sales provide revenue up front to pay for the costs of the event, vendors, etc. This reduces the amount of cash reserves the seller needs, sometimes very dramatically.

4. Many scalped sales (used to be, not as much anymore) were cash transactions. This used to be used as a pretty significant tax dodge: Sell tickets for $50 face value to your affiliated scalper, pay tax on this sale, scalper sells tickets for $200 and does not pay tax on this secondary sale, or underreports the number of secondary tickets sold. Lots of shenanigans here to make your profitable scalping business look like it's making a small loss on paper.

5. Especially in the context of a local or regional cartel, each ticket sale represents the opportunity to move capital between entities. Physical tickets can be an effective vehicle for small-medium scale money laundering: Dirty money/entity buys the tickets, clean entity resells them.

Basically as soon as you drop the assumption that the ticket sellers and scalpers aren't related in some way, there are a lot more profitable reasons for the ticket sellers to "leave money on the table".

We should make it their problem, by artists not selling tickets on those websites but instead using their own resources. Essentially vertical integration, so then you have to care about the end-product and user experience. And, cherry on top, you might be able to charge more aggressive prices if you're not paying the profit of the middle-man.

In some cases, but in most cases even well known bands that had been around had tickets that highschoolers could afford. Only a handful of bands were like triple the average and would have been the likes of Rolling Stones Springsteen and such, but aside from them, no, most well known bands were not selling tickets at ludicrous prices.

That didn’t work at all for cookie banners. People just accept enshittification when it’s just a minor inconvenience. $0.00001 http requests would solidly fall into that category, and then it would just be marginally worse across the board.

I might have given blink-182 as an extreme example but $80 for tickets is still selling for a lot more than the $7 cash at the door that I paid when I saw them in a tiny skate shop 10 years ago.

Many bands don’t make it all of course, but I can still pay $7 cash for shows today at that shop and some of them are going to be able to charge $80 in a few years.

who cares about tickets for shows. but try to buy an airplane from airchina and experience first hand being a false positive bot.

just hope there's another airline serving your destination.

Nobody is paying for a cookie banner. Also the cookie banners aren't even required on almost all the sites you see them on - they chose to put those there because they're lazy.

Could someone explain why tickets aren't sold via an auction mechanism? Surely that's the only fair way to distribute anything of limited supply

>How would you handle the following conditions?

It doesn't, but that's fine, because it's the cost of preventing scalpers. Everyone just accepts that you can't buy a flight ticket as a present, for instance.

Yes, but what do you think is the reason why they are not doing what you argue they should do?

The answer is mentioned in the article. Not all concerts want only people with means to attend. The venue might want to be accessible to low-income members of the community, or it might be a benefit concert, with free tickets and a donation drive.

Maybe read it first?

> A related option is to strongly bind purchase limits to other resources that are not easy to acquire quickly in large amounts, such as allowing only X tickets per (verified) phone number

Phone numbers are very easy to get in large numbers. US-based SMS numbers that will pass verification for buying sneakers are ~$0.25 each.

The way rents/expenses are, an $8 pint at your local has better margin than a $18 pint at the venue.

Can't do that, contracts between venues and ticket vendor preclude non-blessed ticket sales. TicketMaster and LiveNation have boxed this out

This is the law in Denmark, and I think Ireland and several other European countries.

Tickets must not be sold for more than the original price. Ticketmaster etc are still happy to take part in the action: their resale system still charges a second set of ticket fees for a resale, though the sale price is limited to the purchase price.

That's only "fair" in a certain, academic sense, which claims that willingness to pay more money makes someone more "deserving" - completely ignoring socioeconomic status.

That also offends a lot of people who oppose the above reasoning.

Bidding for tickets would cut out the scalpers and maximize revenue for the performers (and ticket agencies). So, if you want to go, pick your ticket class (rough area) and specify how much you’re willing to pay. The ticket seller orders bids by value, taking the top ones first, and then allocates tickets. Anything unsold is offered as usual on a specified day. People that really want to go get to go and the performers benefit rather than the scalpers.

As a human, I’ve had a bunch of positive experiences with Cloudflare Turnstile. It always seems to correctly identify me as a human faster than I could solve a CAPTCHA, without me having to do anything. I can’t speak to how effective it is at catching bots, though. Maybe it just errs on the side of assuming human?

Neither the performers (raises prices for fans artificially) or ticket agencies (leaves money on the table) want scalpers.

I think I've only had this once for a concert I've attended, but generally:

> I buy a ticket for a friend (maybe as a present) but don't actually want to go to the concert

You'd need to transfer the ticket to them electronically, which is possible on all the ticket selling sites that support these restrictions.

> I buy more than one ticket for a group of people (I'll be attending the concert)

One person can buy up to X tickets (often 6), so they can attend with 5 anonymous friends.

Or transfer one/more to them as above, so they don't have to arrive at the same time as you.

> I buy a ticket but have to cancel at the last minute and want to give it to a friend

Again, transfer through the website/app.

> I don't have an easily available government ID (maybe I never got a drivers license, maybe my drivers license expired, etc.)

> People attending the event aren't American. They will have their passports from other countries. How will you verify each passport is valid?

> The event draws of people from a majority of the 50 states in the USA, with each state having different government IDs (driver's license) with different versions of the IDs within each state. What are the logistics of validating the IDs presented?

European (as I'm here) identity cards and driving licences are reasonably unified in appearance. The staff will just do their best if Americans from 50 states turn up, and probably refer anything that seems suspicious to a manager for a more careful review.

It's a hedge. Performers are not in the business of optimizing ROI, they're in the business of performing. Scalpers provide a service: guaranteed income for a fee. There are many analogous examples in other markets where both parties happily take their respective sides of this deal, even though technically one of them is leaving money on the table.

Then there is the slightly more insidious incentive: selling out quickly is in and of itself valuable for a performer: it makes them look popular and exclusive. That alone might just make it worth it altogether.

I can’t claim I’m the first one to think about this, but every time Ticketmaster shows up on HN I keep coming back to this idea:

Sell the tickets with regressive price based on time. Sales starts say 2 months before event, initial price is truly exorbitant, say one million dollars. Price decreases linearly down to zero (or true cost price). At any point, people can see current price and the seats left.

Now every potential spectator is playing a game of chicken: the more you wait, the lower the price, but also lower are the chances that you’ll have a ticket. That would capture precisely the maximum amount of dollars that each person is willing to pay for it.

This idea sounds extremely greedy, because it is, so I can’t fathom that no one ever pitched this in a Ticketmaster board meeting.

My idea, however, was a bit less greedy. Once you sold the last ticket, that would be your actual (and fair) price-per-ticket for the concert, and everyone would be refunded the difference. You’ll never know how low it will go, so you shouldn’t overpay and hope it will lower later. I’m pretty sure Ticketmaster will skip this last part if they decide to implement this.

There are multiple issues with my idea, it’s elitist, promotes financial risks on cohorts poorly capable to bear them, etc etc, but it will definitely fix the scalpers problem. Pick your poison.

My understanding is that performers have shied away from this model because it results in less affluent fans being excluded. Lotteries are generally preferred. You could theoretically eliminate lottery scalping by making the tickets non-transferable, but I’m not sure how feasible that would be.

Because there is a perverse incentive for performers to lean into scalping: selling out quickly is a mark of success. NPR's "Planet Money" had an episode a while back that covered exactly this.

Not all artists lean into it of course, and it's usually not the actual artists anyway but labels, producers, etc.

In that same episode they covered how LiveNation owns both TicketMaster and many venues themselves, and leverage access to the venues for power in the ticketing market.

It may have been this one but I'm not 100%: https://www.npr.org/sections/money/2013/06/25/195641030/epis...

>I'd bet good money on at least 50% going for one or another form of violence), place their execs behind bars for a decade.

Why not send them to the firing squad? Or torturing them?

Some people have sociopathic tendencies. If your problem is scrappers making money the solution could not be creating a bigger problem like sending people to jail for a decade.

Comming recently from visiting Ukraine I can't help thinking how insignificant those pet problems are, while real crimes like kids being killed go impune every day... If the price of something is too high, just don't go there. It is not the end of the world.

It's "fair" in any society that has capitalism. Going down the rabbit hole of deciding who deserves money is playing God.

This is a similar idea to a second price auction, but in reverse.

Everyone puts in their maximum price they're willing to pay, and the lowest price that fills the seats is what people pay.

The advantage to this model is that there is no financial risk to overpaying.

Of course with an open bid continuous auction there are problems with bid shading (manipulating the auction by posting prices mostly meant to influence other bidders), but it's overall economically very close to your idea.

Isn’t world coin an answer?

What's wrong with giving out some free tickets to low income members of the community?

Because the platform doesn't need to expose the details of buyer/seller.

Most tickets these days are digital.

This problem with this is that it assumes a supply and demand shaped problem that markets solve.

You can’t just make more Taylor Swift to meet demand. You can’t open more Taylor Swifts in different regions. Acts have a very low very rigid upper supply limit. So if you price up at that demand it puts it out of reach of almost everyone. And that’s a bad outcome for almost everyone.

Because artists need an at least semi-competent vis-a-vis, AKA audience. This is the main proposition for entering a stage to begin with. And chances are that the most economical potent ticket buyers are not in this group and probably also not the most enthusiastic about the act. So there's a natural incentive to aim not for the highest cap, but for a somewhat realistic medium. I.e., "the prices people are willing to pay" are probably not the prices artists are willing to perform at.

(Edit: there's a reason for opera houses providing cheap standing room for enthusiasts – it keeps the art alive.)

This is the issue with most proposed solutions here.

Artists (bands) want to sell tickets to fans and people who appreciate them. And many (probably most) have very little money.

They are able to scrape and save for a ticket. But not some bond deposit, arbitrary ticket fees, auction pricing, etc..

And it was terrible. For every party involved.

That's a Dutch auction: https://en.wikipedia.org/wiki/Dutch_auction.

I agree that reverse auctions would be a simple solution the current scalper problem. If demand outweighs supply, scalpers drive up the prices toward their economic equilibrium anyway, making ticket prices just as "unfair" to the poor, but with additional problems of trust...

Those may be arguments for why (some) performers and (some people at) ticket agencies don't want scalpers, but empirically, for popular performers, both performers and ticket agencies still set prices lower than the market will bear. They could charge more, but they don't.

Eliminating uncertainty about whether a concert will sell out may be the primary reason.

Net ticket prices might be dictated by the performers and their agents, and the ticket agency might not have the ability to raise prices unilaterally, at least not by enough to stop scalpers.

There's another factor, or side-effect, that might be missed in explaining why an artist or their agent won't set prices higher, even when the artist has a history of having concerts sell out and tickets scalped: scalping is a symptom and sign of scarcity, and scarcity drives interest.

They probably want to set prices as high as possible while still having a high probability that tickets will sell out and make concertgoers panic-buy.

The scalper problem is a mispricing problem: Scalpers are just arbitrageurs because ticket prices are artificially very low.

If you want to fix that, you need to ask yourself "why are ticket prices artificially very low?" first. The answer probably isn't "artists/venues like leaving money on the table".

> Why should ticket sales be regulated? Why should the government care about what price event tickets sell for?

Simple: because a government should take care about what its citizens want. And on top of that, the economy (aka artists and venues that really REALLY don't want to deal with TM but have no other choice) also wants it.

That's why anti-trust legislation was created. It just fell out of practice to actually use it.

This has huge impact on the friend base. Certainly not trivial

> but it will definitely fix the scalpers problem

Nobody wants to fix the scalpers problem because, to the Ticketmaster monopoly, scalpers aren't a problem. The Ticketmaster monopoly values known, consistent, derisked revenue over possible lottery ticket windfalls with the possibility of complete wipeout. Scalpers do exactly that.

Scalpers are only a problem to fans. And scalpers are only a problem online because they can wipe out the entire ticket base. The "solution" is to introduce offline friction to the problem--anything which requires a person to show up and buy only a limited number of tickets. Unfortunately, that introduces a lot of uncertainty into the system instead of guaranteed cash flow and the business side finds that to be anathema.

However, the real solution is to bust up the Ticketmaster monopoly. If each of the individual actors (ticket sales, venue owner, performers) have to operate independently and have to de-risk at each point, scalpers become an enemy to be neutralized.

I also have a completely unjustified suspicion that scalping is hiding a lot of money laundering so lots of people have vested interest in it continuing.

> If your problem is scrappers making money the solution could not be creating a bigger problem like sending people to jail for a decade.

My problem is the profiteering, the concentration and subsequent abuse of power by the rich. It used to be the case that rich overlords who abused their power got deposed by their population, driven off with pitchforks if they were lucky, decapitated by guillotine if not. Personally I don't want a return to such grisly times, hence I call for at least punishing abusers by putting them behind bars.

> Comming recently from visiting Ukraine I can't help thinking how insignificant those pet problems are, while real crimes like kids being killed go impune every day...

Now Putin and his command chain, I don't think anyone but rabid tankies would have an issue with their lives being condemned in a repeat of the Nuremberg Trials.

That's not actually a Dutch Auction. Sounds more like the "eBay ascending uniform-price mechanism". (From the same Wikipedia article)

Isn't dystopia an answer?

Yes, but no.

If people paying high prices for tickets makes the event worse, as people seem to believe without evidence, then prices will come down, solving the problem naturally. These arguments make zero sense.

What is it then?

Yep, but that’s not working out for them very well. The only thing that will eliminate the scalpers is reducing the amount of money they can make such that they decide that it isn’t worth it anymore.

Auctions work great for price discovery. Check this out:

https://community.intercoin.app/t/intercoin-applications-auc...

also:

https://community.intercoin.app/t/applications-of-intercoin-...

Let’s put busting the ticketmaster monopoly to the side for a second, and look at the issue regardless of players

If you want to remove scalpers, just make sure tickets are non-transferrable and run an auction for price discovery.

I built it on the blockchain years ago.

My guess: Empty seats look bad and and pricing fans out of concerts may hurt fan relations, even losing them completely.

Also concerts are mainly for the artist to make money. Traditionally they're getting fucked by record labels, making very little on sales of media. Concerts is when you're actually getting paid. It thus being a somewhat less corporate process to decide ticket prices can mean that they just charge as much as they need and want, not as much as they can. Artists are generally considered to be a polar opposite to the "short-term-profit-maximizing" crowd.

I asked why are school vouchers bad since it’s a single payer system.

The “progressives” told me it would starve public schools of funds and students since private schools would admit only the best and brightest

So I said — don’t let the schools choose. Let the people choose. If the school is filled then you use a lottery for who can actually get in, M of N people. Simple.

The industry has middlemen

Crypto removes middlemen

Then you just have auctions and tickets are not transferable. No middlemen. Simple and honest price discovery.

Read this: https://community.intercoin.app/t/intercoin-applications-auc...

This also eliminates uncertainty about whether something will be filled. The uncertainty is only on the side of fans that someine will outbid them for a sold-out concert ticket, and they’ll then get the money back

You can't put Ticketmaster aside precisely because Ticketmaster likes scalpers. They don't want to shut down scalpers. Hell, for all I know, Ticketmaster might actually BE the scalpers (talk about paranoia ... but, hey, vertical integration for the win).

Consequently, even if there are "technical" solutions to scalpers, the socio-political aspects prevent the solution from being deployed.

It would add $1 to the ticket price, the goal is more to replace CAPTCHAs (which cost essentially nothing to defeat these days), but you're right that it wouldn't be a silver bullet in the ticket scalping scenario.

I think a significant portion is that artists like leaving money on the table. being perceived as greedy can cause reputational harm significantly greater than the increased ticket revenues that the market will bear.

This is maybe the answer, but I'd like to at least acknowledge that this is what's being proposed: Buying tickets for shows has the same security requirements and domestic and international flights.

This is a great example of the problem with ticket prices. The problem is that the price they were originally sold at was not a fair market price.

They don't even have to have the same price if the seller just effectively returns the ticket back to the system.

Then it's up for grabs.

There's no guarantee for the buyer that an out-of-band payment will get them the ticket (someone else can get it), and there's nothing that forces them to send an extra payment once they do get the ticket.

They can demand all they want, but they can't guarantee any way of getting the ticket to the person that send a payment... which makes it a bit of a tall demand.

My usual gripe:

Somehow it is unethical for person/organization/etc putting on an event to make more money on tickets in hot demand.

...but ethical for opportunistic arbitrageurs to make that money.

This suggests a highly misguided notion of ethics.

Ticketing organizations have solved these problems some of which, I'm sure, do exactly as you propose, so it's not like it's an insurmountable problem but, besides wanting to hear a proposal, my point was that these are common tasks that are not as clear cut to solve as one might imagine.

To go into more detail, you're proposing training staff to recognize a valid ID, both from all 50 USA states and international passports, including any other official ID. This increases costs for consumers and vendors in addition to creating friction for entry. This also precludes people from attending that don't have ID or have trouble finding ID that isn't recognized by the venue.

I've seen some online vendors do ID validation but, from personal experience, I've found them to be invasive and have a high error rate.

All these methods have a high friction and might not really address the core issue of scalping.

Someone else proposed that these events are tantamount to international or domestic flights, where the expectation is that ID requirements are invasive and security is high. Maybe that's just the answer. If you want to see Taylor swift, have your passport ready, only purchase a ticket for yourself and go through high levels of security to gain entrance into the venue.

Australia too, though you are be allowed to sell at face value plus 10% here in Western Australia. YMMV by state.

Ticketmaster has it's own resale platform. It's able to double dip. They basically say tickets are relatively cheap and scalpers are the bad guys. They encourage the scalpers. Then they can resell using their own resale platform and they get fees on top of that.

The fees on re-sellers are crazy, and they take fees from both seller and buyer.

Seller Side:

List price: $100

StubHub seller fee (15%): -$15

Seller receives: $85

Buyer Side:

Ticket price: $100

StubHub buyer fee (10-15%, let's use 12%): +$12

Buyer pays: $112

StubHub's Take:

From seller: $15

From buyer: $12

Total StubHub revenue: $27

So they're making an additional ~27% (on the "true" market price) in addition to the ~25% they charge in the primary market. So if the market price was $200, if they just charged that they would make $50. But instead they'll sell it for $100, make $25 on the primary and an additional $50 when sold in the secondary market.

They don't own StubHub but they have their own. In 2017 they opened up TicketExchange which allow the sale and validation of tickets on third-party websites, including StubHub, which they did to capture some of that amount. They get to play like the reasonable party here, the scalpers are taking the heat and they're getting a cut of that.

They do other things that's baffling like selling tickets a year ahead of time, which is kind of weird considering very few people, even big fans, would be really on top of buying tickets a year out. It's obviously designed for scalpers.

You can easily solve this by having the ticket tied to a name and requiring you to show ID, maybe allow others to dump back at face value, but that would likely be gamed as well but not as easily (you dump your tickets and let someone else pick them up at that exact moment). Or make them non-transferrable but that would greatly reduce the value to fans.

I think, in terms of art, it's more like a death march: events will become more exhausting and less emotional rewarding for the performers, so there will be less events, which will be even more exhaustive as they are exclusive. So, under these conditions, there may be no performances, at all, as relevant performers just give up. (Art is not a simple product and may scale inversely.)

Names on tickets, and an in-application/website transfer+fee process that stops people putting on a mark up.

Revert to the current anonymous ticket process for any lower popularity event for simplicity if required.

Because most people don't like scalpers, and the government is a way for people to incentivize the society they want.

Ticket sales companies and scalpers are holding the bag for everyone else.

It is extremely convenient for artists, promoters and venues that ticketing sites will tack on a bunch of extra fees, take the blame for pushing up the price of tickets, then share out most of that extra cash to everyone else in the chain.

Scalpers are effectively providing financing for the rest of the industry - it's obviously preferable to get paid for the entire tour on the day it's announced, rather than having to bear the cashflow risks yourself. There is of course absolutely nothing stopping a promoter from reserving some proportion of tickets to be sold directly to secondary resellers at substantially above face value, or on an agreed profit-sharing basis.

> Someone else proposed that these events are tantamount to international or domestic flights, where the expectation is that ID requirements are invasive and security is high.

Yes, because a large crowded space with tens of thousands of people tends to - unfortunately - be a prime target for terrorism.

This is not the proposal. The proposal is to ensure people's names match their tickets. Additionally, I think most people at concerts support security measures that would improve their safety and avoid a rerun of https://en.wikipedia.org/wiki/Manchester_Arena_bombing

Why is accessibility only important for a small minority?

Decades ago a local popular public magnet high school near me had a lottery system like that.

Students would apply for the school and M of N applicants would be picked randomly.

It turns out the administrators running the lottery would run the randomization program until it gave them the student distribution they wanted (read: the best and brightest, and since it's the south... somehow whiter than expected).

Because objectively most of the population doesn’t depend on accessibility. Most people can complete a visual captcha.

> then implement a lengthy process for those users so that's not worth it for the bots

This “lengthy process” will be optimised by the bots, who have incentive to do so, so that it’s not worth it for the humans.

> it's obviously preferable to get paid for the entire tour on the day it's announced

it's only obvious to "private equity" type people.

There is energy in the concerts - and a lot of people go to live shows for that. Otherwise, one would listen to the recording / watch music videos instead - it is cheaper and the seats are nicer too.

If the seats are half-empty, or only full of people who are ready to pay exorbitant prices, that energy is reduced... people like concerts less, and eventually those concerts are not sold out anymore.

So giving up (or even worse, cooperating) to scalpers is like selling your business to private equity - you get some money, they get some money, and your customers/fans are f*d.

I'm a founder in this space (www.roundtable.ai; YC S23)

Behavior is a big missing link. Many CAPTCHA services (including Google reCAPTCHA v3) claim to use behavioral analyses, but you can disprove this using Operator to fill out a form and see reCAPTCHA and other bot detection systems flag it as a human.

At Roundtable, we rely on first-order behavioral markers (keystroke, mouse, scroll, click) etc. When first-order are sufficiently spoofed, analyze higher-level cognitive traits (e.g. incongruent effect in Stroop)

Well yes, the concert is funded by city, and they wanted everyone to have a chance at attending, no matter what their income was. Not everything needs to be sold.

The problem there was not having enough security - it's like store giving out free popcorn, and someone comes and steals the whole cart. In the physical world, there would be someone standing next to the cart watching that people take reasonable amounts. In the digital world, nothing was done, so thieves stole a lot.

Not sure what the best solution was to be there... I like the idea of giving people few days to sign up, then randomly choosing who gets to go. Of course this has its own problems - for example you want to allow groups, but this can be abused. Identity verification helps with that, but this makes ticket checking much slower....

I always love when I come across a website using Google's reCAPTCHA v3. Usually they have it on their register page, and I get a confusing error message because I didn't pass it and the website owners put no option to do anything about it or prove my humanity in any way. Then I try the same thing on Chromium instead of Firefox and magically it lets me pass.

The internet used to be complicated requiring institutional knowledge about where to go and how to make things work, then it became simple, now it's back to becoming complicated requiring institutional knowledge about how to make things work.

This sounds so truthy and yet so lacking in specifics.

Any examples come to mind?

I want to go to concert, and going alone is no fun. I've convinced my 3 co-workers. I buy 4 tickets for us.

Situation 1: My co-workers could not get time off work, so I am asking my tennis buddies instead. I am transferring tickets to their names.

Situation 2: I am actually a scalper! I've got paid 10x times the price (via venmo), and I am transferring tickets to those random people.

How do you tell those 2 apart?

On proof of work, the situation is actually really bad in more fields than just ticketing. As noted in the article, proof of work isn’t about distinguishing between computers and people, it’s about making things expensive for everyone. Put bluntly, it’s rate limiting. Unfortunately, it’s bad rate limiting: it only works if there’s a level playing field. The trouble is that, when the value of a target is high enough, people figure out ways of cheating.

This can be illustrated with Bitcoin mining. It uses SHA-256 hashing, and at first, mining was done on CPUs. But it turns out you can implement SHA-256 on GPUs, and it’s waaaay more power-efficient/fast; and so CPU mining rapidly became unviable. Then came FPGAs maybe (can’t remember if this was really a separate stage, or rapidly passed) and ultimately ASICs, all making it faster and more power-efficient.

The best Bitcoin mining rigs are more than four million times as power-efficient as any web browser in my powerful four-year-old laptop.

So that’s Bitcoin. Now how about these online bot prevention things, which must rely on only being able to use CPUs, doing proof-of-work?

They use SHA-256. Yes, the algorithm that Bitcoin has rendered useless for proving work on a CPU. Anubis and ALTCHA say they use SHA-256, and a glance at Friendly Captcha’s worker source includes familiar magic numbers.

So you know what comes next: if these things become valuable enough targets, people offload the solving to GPUs and ASICs. And once you have a power level difference factor of a few thousand or million, you can’t fix it by adjusting problem difficulty. No, current proof of work schemes are bad rate limiting, and they’ll need to rethink everything completely if they become popular.

I just don’t get why they didn’t at least start with something like Argon2d, which would at least stave off the evil day. Did they learn nothing from cryptocurrency? SHA-256 is almost the worst choice imaginable for a proof of work scheme, because of how much effort has already gone into undermining it.

I genuinely believe these bot prevention things would be approximately as effective, at least for now (and their choice of SHA-256 shows this is all they care about) if their script replaced the proof of work with a simple busy loop of similar duration, told the server it had done so, and the server trusted it. In their present form, I imagine someone who knows what they’re doing with hooking stuff in a headless browser, and writing code for a GPU or an ASIC, could effectively bypass any one of these services in less than a day, reducing the cost by a factor of thousands or millions.

> Performers are not in the business of optimizing ROI, they're in the business of performing.

I have to disagree; performers are absolutely in the business of optimization. Bo Burnham was singing about metrification destroying art 10 years ago. Every standup comic is using social media as a sales funnel to figure out exactly which cities they have an audience in. Even if the performers themselves are not concerned with gaming these numbers, they almost always have someone working for them who does.

So I still don’t quite understand why the scalpers are the ones getting to eat the free lunch.

> selling out quickly is in and of itself valuable for a performer

This one seems like a more likely explanation, but the pattern with a lot of these ticket sales is that the demand is already there organically without scalpers entering the equation. I don’t really follow the space so I really don’t know, but I’d imagine the shows that get targeted the most are the performers who were going to be playing a sold out show regardless of the scalpers.

You're attributing to avg consumer a much higher degree of both tech-savviness and market power than is realistic.

Even privacy unfriendly methods may not solve the problem.

Buying large concert tickets in China has required the buyer's personal ID since several years ago, and the personal ID associated with the ticket cannot be changed after the order is placed. At the entrance of those concerts they do verification based on ticket, ID card and facial recognition. There are still many scalpers who offers tickets even after they're "sold out", though. What they do is to let buyers lie they forgot their ID cards so that there's a higher possibility of entering with the ID card provided by scalpers (which they used to buy tickets). And by the way, the scalper don't have to provide their own ID card - personal information leakage is so common here.

It's much more complicated (and worse) than that.

Ticketmaster reserves some seats during sale to be dynamic pricing, which they start higher than normal and then depending on demand and what they see on the secondary market they re-price those as the initial sale or presale is ongoing, just minutes after it starts.

Also, promoters, artists and venues might get their own allotment of tickets to do with as they want, likely negotiated in contracts. Those seem to find their way onto secondary markets often as well.

> They do other things that's baffling like selling tickets a year ahead of time, which is kind of weird considering very few people, even big fans, would be really on top of buying tickets a year out. It's obviously designed for scalpers.

Yes, I've commented on this here before. In some cases it's because tours go on sale at the same time (to generate buzz), and the early events are relatively soon and the last events are quite far out. They also often do release chunks of ticket inventory at later stages. That said, I'm convinced that often brokers are used as a simple way to provide immediate cash and reduce risk. Why would a promoter want to sell out over months when they can sell out immediately and know that regardless of whether the brokers make money (they don't always) they have sold everything and can say the event is sold out and they have cash in hand now and not months from now.

I used to work in this industry and there's a lot of shady stuff that goes on, and it's not all on the broker/scalper side.

> You can easily solve this by having the ticket tied to a name and requiring you to show ID

That's been done for a long time and you can still get around it if the margin is good enough. You just have to either want to go to the event yourself or be willing to one ticket out of the maximum you can purchase as the cost of doing business. You can't really make every seat have a name initially because not everyone actually knows who they're going to invite for sure at time of purchase, so if you want to really make it effective you have to limit the number of tickets per transaction to 4 or less. Even then, people will be incentivized to buy the max and have people go with them to use the extra tickets at cost or more, it may not be brokers but the regular public will do it too.

The actual solution for this is fairly simple. It's supply and demand. Play more shows at a location and the ticket prices will drop. Kid Rock has done it for decades at this point. Artists don't like having to put the extra work in for less money (tickets will be cheaper) and don't want to take the risk that the demand won't be there if they book the venue early. That risk is pushed out to brokers.

>> it's obviously preferable to get paid for the entire tour on the day it's announced

> it's only obvious to "private equity" type people.

I mean, who wouldn't look at their current expenses, look at their future cashflow, and be like hey, it would sure be nice to be paid today for work I'll do over the next year?

Venues need deposits (maybe), transportation needs deposits, set builders need materials, marketing needs budget, merchandise production needs to pay vendors, etc. Insurance needs to be purchased.

It all adds up to it'd be nice to have ticket sales money sooner rather than later.

>> it's obviously preferable to get paid for the entire tour on the day it's announced

> it's only obvious to "private equity" type people.

No, it's obvious. Anyone that has to choose between getting $100 right now or $100 trickled in over months would opt for it right now for many reasons (inflation, the ability it invest it, the ability to use if it needed for unexpected situation, etc).

Wanting events to be populated by people that are primed for an experience and part of that priming bing they don't feel like it was too expensive to go might be another thing the artist or venue wants to encourage.

You can combine these things and make specific trade offs, but that doesn't mean all other things being equal that it's not entirely obvious that you should prefer money now to later.

> So giving up (or even worse, cooperating) to scalpers is like selling your business to private equity - you get some money, they get some money, and your customers/fans are fd.

It depends, probably a whole lot more than you think. Sometimes fans like to know they can go to an event if they care enough. In a world without resale markets that would be entirely dependent on the artist deciding to play more shows, because once tickets are sold they're gone. Secondary markets provide liquidity.

Also, sometimes tickets are available for cheaper* on secondary markets than they were on the initial sale (and this was true even before Ticketmaster started changing prices as the sales went on). That's because brokers take on risk buy buying for an event when it's not entirely sure it will still have demand when it's the event date.

For example, I just went to Stubhub (because I'm not sure Ticketmaster's own exchange will allow you to list for less than sale price) and looked for events starting soon. I found a rock concert in Napa where the Orchestra tickets are cheaper on Stubhub ($94 for two) than on Ticketmaster ($115.40 for two). There are plenty of tickets still on Ticketmaster, and some brokers just want to but their losses.[1][2]

There are plenty of ways to look at reselling to make it seem horrible or to make it seem beneficial. It's neither, it's just a normal function of markets, and the more people try to prevent it the more weird problems we'll have. Want to fix ticket prices? Convince artists to take on risk by playing larger venues (which they might not sell out) or add dates (meanind some days might not sell out). Artists don't want to take on that risk, so we have resellers and higher ticket prices.

1: https://www.stubhub.com/zepparella-napa-tickets-5-31-2025/ev...

2: https://www.ticketmaster.com/zepparella-the-led-zeppelin-pow...

hedging is a tried and true financial strategy. Transpose this to any producer of commodities and it becomes the most normal thing in the world to take guaranteed cash at a discount for guaranteed delivery of the product. It’s the exact same thing.

(Author here) Yes, every kind of lottery/raffle is a possible solution but only with strong identity verification to avoid double-entry and hence only with sacrificing privacy, as mentioned in the article.

(Author here) Anything else than first-come-first-served requires strong identity to avoid people trying to get better chances with many entries into the pool, thus falling into the "sacrificing privacy" category

(Author here) Interesting! How do you differentiate between a bot and a screenreader user? Both won't move their mouse, scroll, etc but only send a single click event

1. Digital tickets are purchased via mobile-friendly site or app.

2. Tickets are verified at entrance via time-sensitive QR code displayed in the app.

3. You can "resell"/transfer a ticket to another account (say, friend) via app for a small nominal fee with the cost of ticket refunded to you, but only if you provide ID (of any sort, which can be more or less reliably confirmed).

4. Ticket can be printed to obtain non-time-sensitive QR code, but only if you provide ID.

I am unsympathetic to people who insist on reducing everything to its market value.

I've heard the arguments they use to justify why they do and they're all hogwash.

About 30 years ago there was a computer shop that initially carried a lot of equipment, so it was popular among the enthusiasts. Then they decided to optimise things, drop less popular choices and only sell to the general public.The enthusiasts left. Then left the general public . Turned out that when a layman wanted to buy something they usually seeked advice of a local expert, a computer enthusiast.

The only valid solution is governments that offer something like OIDC providers using your ID card. You yourself can create a token that verifies that you are you and additionally there can be manual checking if the ID card matches you.

This way a platform also does not need to handle any sensitive data.

A ticket provider would have to allow reassigning tickets to other people through their platform - make it a "maximum 3 people for automatic approval".

I'm finally seeing what Altman saw with his world coin

How is checking names going to prevent terrorists with guns?

The article isn't clear (as I'm not familiar with Manchester Arena and the names of the rooms) but a man was allowed in with a bomb in a bag. Showing id (or not) wouldn't have been the problem.

(And incidentally, it's not required to show identification for flights within Europe's Schengen area.)

That has been tried before. What happens is that people choose the school where there is easiest to get good grades. Fast forward a generation or two and there is a race to the bottom, schools take their mission to prepare for standardized testing seriously at the expense of learning. Over time, our outcome will depend on what you measure.

School systems are also special because you don't really want to overprovision school seats, so if there at the end of the day are as many seats as there are pupils in the system as a whole, there can only be selection and never competition in the economic sense.

> I am unsympathetic to people who insist on reducing everything to its market value.

What is wrong with market price?

I think legal eID + some kind of zero knowledge proof that provides anonymization could provide the solution here.

A solution:

It's NL and the everyone has a personal id. There is a national service to validate that, too.

One week accepting of requests - a person can submit multiple id (incl. children). At the end of the period a random lottery with some bias to people registered in the city (in the end the event is paid by them)

that's not entirely true. reCAPTCHA v3 relies on your Google account as a signal and what activities it has performed out in the wild. It's not exactly privacy-conscious, but certainly behavioral.

> for people to incentivize the society they want.

Speak for yourself (pun intended).

Many small venues do this where I'm from and it works like a charm. Even just name on ticket without any further transfer option works well. Not sure if you're going? Don't buy a ticket, more tickets for people who are going for sure.

> In 2014, Google presented the one-click CAPTCHA and later, with reCAPTCHA v3, the “invisible CAPTCHA”. Similar services are offered by other companies like Cloudflare, Akamai, and others. They rely on analyzing everything they know about you and feeding it into a large machine-learning model to compare you with behavior...

> This requires the creation of extensive centralized profiles about the people visiting your site.

Very nice wording to avoid/workaround GDPR/EDPS attention. So, they compare "me" to a "behaviour". Notice the words.. not "my behaviour" to "ProfileType_004 behaviour". Because that would be "profiling" and GDPR don't like profiling! So..

On the second quote, again, they compare something vague to "centralized profiles" (what I wrote as "ProfileType_004" above (or whatever they are called in each vendor). Again, the ether is compared/matched to a profile, so.. they profile us :)

ufff...

It's only mispricing if you take market dynamics, and making the most money possible, as paramount. If your goal is to actually bring fans to your show, you might want a different system.

One music festival issues ID-linked tickets using a lottery 8 months in advance. If only the richest people attended, it would actually destroy the festival. And no, they can't hold it more than once each year so that prices drop.

People don't know the maximum price they're willing to pay. There's actually a probability distribution, not a hard cutoff, and certainly not one known in advance. The higher the price is, the less likely I am to buy it. Auctions work for two classses of people: spherical humans in a vacuum, and economists.

I don't think that when people say "a concert" they mean something that happens every Friday and Saturday night. I think it means a unique event.

I felt that captcha is over when I struggled to solve microsoft rotating planet captcha when I tried to restore account there. It looked like those IQ test questions.

I feel like the only protection against AI in general, not just for tickets, is trust. If I trust you, you can do whatever you want as long as I trust you. If I don't trust you, you can do whatever you want; I will just block or ignore everything you do.

It's when we try to interact with random people that we get problems. Doing that will become less and less possible the more AI grows. We will have a future where trust is very important.

> No, it's obvious. Anyone that has to choose between getting $100 right now or $100 trickled in over months would opt for it right now...

As usual, there are real life edge cases where folks don’t choose just on what makes the most sense financially. Many teachers work less than 52 weeks a year but choose to have their pay distributed over 52 weeks.

If it’s a normal function then we sure go through a whole lot of effort to make sure a human and not a python script is buying tickets. If it’s normal, why doesn't the industry embrace it wholesale?

It's hilarious to read this discussion on HN, because the mentalities of artists and corporate business folks are so different. Artists aren't making a rational decision to reduce reputational damage by keeping ticket prices low. They're employing empathy to imagine themselves in the position of their audience - as music fans themselves first and foremost.

Why do people create at all? It's certainly not the most effective route to maximum income. It's a form of connection. Performing is sharing the joy of music and creativity with a group of people who've formed a connection to you through your art.

Now while the industry certainly selects for people who do not think this way (i.e.: performers rather than artists), despite itself it's full of artists whose values are not aligned with whatever kind of homo econominicus maximal self interest, war of all against all that pervades here.

Source - I'm not a musician, but I am a writer and I've directed music videos for numerous artists over the years. The idea that they're all motivated by the same mechanics as faceless entities like ticket master is silly.

Ticket sellers can easily run their operations using a standard relational database. A blockchain solves no problem they have.

You miss a big difference between cryptocurrency and PoW captchas: it's very hard to change hashing/PoW method in a blockchain (you need ack from 50% + 1 validators, and all the validators are by definition heavily invested into the current proofing method - they have natural reason to object), but it's very easy to change hashing in a PoW captcha. So here any cheating will start a whack-a-mole game, where the defenders have the upper hand (changing PoW method is cheap, using multiple PoW methods is cheap, investing into ASICs isn't).

Artists charge what they get told to charge. And ticketmaster owns all the venues so if you want to play anywhere, you're going to list at whatever prices the venue lists artists of your level. Humans are all statistically similar for large cohorts. Artists want money as much as other people, specially the ones playing big venues.

First thing to help would be to break up the venue monopoly that ticketmaster created.

If they really want to solve the problem, how about this - kind of like the ESTA for travel:

Individuals must register an account with government issued ID and the same level of KYC security as to open a bank account. This must be done a certain time in advance before the tickets for an event open.

You can only buy tickets for yourself or other already registered users whose username (or similar) you know - and only as long as you are buying a ticket for yourself too.

Some kind of exchange mechanism were a buyer can return a ticket to the pool and if someone else buys it, they get slightly less back than they paid in the first place, effectively allowing them to "resell" a ticket but at a slight loss (even if the platform takes a cut). Please don't use blockchain for this.

Maybe you can go full Chinese train tickets on this: you buy a ticket on an account backed by your government ID, and then your ID is what opens the platform gate for you. Your ID is your ticket.

that's addressed in the article. It's the privacy unfriendly solution of venn diagram

The vast majority, hard to quantify, but I'd guess well over 99% of professional musicians (certainly outside the US) never play a ticketmaster venue. They're not operating at that scale. When they tour it's at smaller venues - there are orders of magnitude more small bars and dedicated venues not owned by ticket master.

> Artists want money as much as other people, specially the ones playing big venues.

This is exactly the kind of projection I'm referring to. What makes you believe that most humans want as much money as possible - to the exclusion of all other values? Again, difficult to quantify, but I'd suggest a majority of people would put pure wealth lower down on their priority list than health, family connection, social connection, travel, time to spend on interests etc. This goes double for people who've chosen professions rooted in their own creative expression. All else being equal we'll all choose wealth - but if the cost is exploitation, all else will not be equal for most people.

It seems clear that you're conflating the microscopic numbers of 'major label' artists playing to vast audiences - effectively as employees of 360 label / marketing companies like Live Nation with the supermajority of professional touring musicians.

I'm reminded of the chap I attended college with who sold a salacious story about one of our mutual friends to a tabloid. When we found out this was happening I had a another mutual friend approach him to intervene, but heard back that it was 'too much money to turn down'. Fifteen or so years later this guy is a multi-millionaire who just lost a civil suit (and is under criminal investigation) for fraud and sexual misconduct. Most people do not operate like this - empathy is dimensional.

that it reduces everything including culture to just one metric, money. Are you a fan of a band? can't go because you got outsold by some rich person that maybe cares or maybe not, it doesn't matter, they just have more money that you.

The space at a concert is limited so some form filtering will have to happen, but if the only metric is market price that's a pretty sad society specially when we're talking about culture IMO

I think of it in a different way:

> Why do people create at all? It's certainly not the most effective route to maximum income. It's a form of connection. Performing is sharing the joy of music and creativity with a group of people who've formed a connection to you through your art.

It's worse. Creating seems to be an effective route to no income at all. Popular entertainment is a winners-take-all market; everyone who isn't one of the few popular artists or performers whose name alone brings in money, have to work hard to get anything at all from their work. The little I heard from various second-hand and third-hand reports from textbook authors, novelists, painters, musicians, etc. suggests that the royalties made from selling their output are laughably low. A big factor in that are the parties in between the artist and the buyers - publishers, labels. Those are some of the "faceless entities" you mention, and they're in a position of advantage over the artists, and they absolutely use it to capture all they can for themselves.

Because of that, to be able to dedicate yourself to your creativity, you have to either have a secondary stream of income (e.g. part-time artists with unrelated dayjob), give up most of control and autonomy (commission work, art-as-dayjob - think e.g. art for videogames), or seek any and all ways of indirectly monetizing your work further.

Focusing on that last part - for musicians, this is primarily live performances and merchandising (self-publishing is also easy today, but so is piracy). But per what I said above, most musicians are starved for money, and this - not greed - is forcing them to be less picky than they'd like. They can't afford to leave money on the table.

The paradox here is that most people - which includes the audience - think like you think, that artists are the opposite of corporate greed, that art is about humanity and not money, etc. Every artist knows that too, and that maintaining this reputation is critical to their income. Between two competing pressures, each artist has to find a point that's acceptable to them.

But this is where Ticketmaster comes in - they offer a way for artists to be more greedy without taking a reputational hit. Their Eternal War with Scalpers keeps the ticket prices up, while all the public outrage gets distributed between the Greedy Corporation and the Scalper Scoundrels.

Not all musicians engage in this on purpose, and for those who do, it's hard to prove. And of course it's just one slice through the complex relationship of artists, public, and countless commercial third parties in between them.

> What makes you believe that most humans want as much money as possible - to the exclusion of all other values?

Hardly anyone thinks that. But it's not controversial to believe most humans want enough money to not worry about affording the basics. The thing is, most art as a career doesn't even pay that by default.

If you insist on only seeing Taylor Swift, this is what you get. There are way more talented artists than will ever play at these giant stadium shows. She isn't a better musician than all of those other artists, she is just more popular.

>> Artists want money as much as other people, specially the ones playing big venues.

> This is exactly the kind of projection I'm referring to. What makes you believe that most humans want as much money as possible

You'll notice the following sentences don't mean the same thing:

> As much as other people

> as much money as possible

Computers keep getting better at acting like humans, but humans don't get any more obviously human.

People propose overwrought digital solutions because not selling online is worse in almost every aspect.

Yeah, not (too) surprising after a few years in the anti-bot industry. Last week I looked into a Binance CAPTCHA solver that didn’t use a browser at all, just a basic HTTP client. The attacker had reverse engineered the entire signal collection and response flow, including how the CAPTCHA was marked as solved. They were able to forge the expected telemetry despite some obfuscation. https://blog.castle.io/what-a-binance-captcha-solver-tells-u...

This is pretty standard now in bot-heavy spaces like ticketing or sneaker drops. CAPTCHA often just ends up being a protocol to collect signals, and if those aren’t tightly bound to the browser/runtime, they get spoofed.

Also not surprised PoW isn’t holding up. Someone reverse engineered the PerimeterX PoW and converted it to CUDA to accelerate solving: https://github.com/re-jevi/PerimiterXCudaSolver/blob/main/po... At some point, it’s hard to make PoW slow enough for bots without also killing UX for humans on low-end devices.

That’s not true. The problem of whether the person actually has the money for the ticket. If it’s done by credit card then you have the problem of refunding so many people and getting a bad reputation with the middleman processor. See, unlike a blockchain, that middleman has policies that penalize legitimate price discovery mechanisms like auctions. So you have to take risks for no reason other than to appease a middleman’s risk department, or get deplatformed… ah the joy of depending on a third party walled garden. In other types of walled gardens, you get why open protocols are better, but on HN it is like, a requirement, to say “blockchain solves no problem”. Just like with capitalism you must say “there is nothing wrong with capitalism but..” and with AI you must say “whatever problem you are describing already existed before so AI didnt introduce any new ones…”

So maybe the lottery shouldn’t be run by the school :)

Two big leaps in your answer: 1. that the person paying more is rich and 2. that the person paying more likely doesn't care about the band

The way I see it, it is also highly likely that the person paying more is of average income and just convinced themselves to pay more because they are superfans

1. outlaw ticket reselling 2. only allow tickets refund to the original seller

The government needs to support OAuth2.

ah, I tried to avoid that leap with the "it doesn't matter" but probably didn't come across properly.

The point I'm making is that market value reduces the problem to just money which is being taunted as a magic solution, which might work in some cases but market value doesn't exist in a vacuum and it has side effects. As the topic being discussed is culture it introduces a lot of biases into society that I would find problematic.

Also, if we want to talk in pure capitalist terms, Ticketmaster is already a monopoly of sorts in the music buisiness, there's no "market value" if there's no pressure to lower prices, they can make the experience as bad as possible without repercussions other than people not going to concerts anymore which as a society would suck

That seems to be confusing gross and net margin. When considering a question like “who cares if a ticket buyer ends up showing up?” that’s a marginal consumption question and the gross margin applies.

> The vast majority, hard to quantify, but I'd guess well over 99% of professional musicians (certainly outside the US) never play a ticketmaster venue. They're not operating at that scale. When they tour it's at smaller venues - there are orders of magnitude more small bars and dedicated venues not owned by ticket master.

This is probably true, but I'm guessing smaller artists are also at much lower risk of scalpers (at least my anecdata backs that up) so probably much less applicable to the problem at hand.

Sometimes you leave money on the table to increase demand.

Don’t worry, there’s no greedy, rent-seeking rock that hasn’t been overturned. Your idea would cost them way too much money. Since we’ve embraced scalping as a legal business model, Ticketmaster makes money on all sides of most transactions. It’s in their interest to for you to have maximum anxiety and buy as early as possible to increase the odds that you’ll resell.

The bots and scrapers aren’t black hat, Ticketmaster makes some nominal effort to “stop them”, but somehow those pesky hackers manage to figure out how to make Ticketmaster more money. Ticketmaster is adept at making the purchase experience high friction and difficult, so those bots must be really clever. (Lol)

That's just an overcomplicated way of doing pre-authorization.

Talk about decentralisation and anti-deplatforming makes no sense here. Concerts are a physical thing happening in the real world, organized by selected "centralized" entities. Venues can refuse to host an artist. Artist can "rug pull" by refusing to host. Imaginary tokens can't do anything about that, and we already have laws, contracts, and currencies that have been dealing with that for as long as these things existed.

Ticketing is like dating websites, many are affiliated in various ways. Ticketmaster doesn’t down StubHub… Livenation (the company that owns them), and operates most of the venues, does. They are structured to have nominal competition to meet competitive bidding requirements for .gov owned facilities.

Long ago I worked for a company that did some novel work in the ticketing and contained reservation space. We didn’t do resale due to the nature of the product, but the fees we extracted were bonkers - the facilities operators basically paid a nominal amount to stand up the platform, and we derived all (and it was a lot of) revenue from the customer - often on a white label basis.

Long story short, Ticketmaster elbowed in and bought the company and the tech once we had traction. That pattern holds in many similar business models.

> I mean, who wouldn't look at their current expenses, look at their future cashflow, and be like hey, it would sure be nice to be paid today for work I'll do over the next year? Venues need deposits (maybe), transportation needs deposits, set builders need materials, marketing needs budget, merchandise production needs to pay vendors, etc. Insurance needs to be purchased.

This sounds just like taking out a loan. That money isn't really yours until you do the work. How different is the outcome here vs. taking out a loan for the same purpose, then? Is it cheaper?

Or maybe stop all the bullshit and sell the tickets at their real value.

Ticketmaster should be destroyed!

Ticketmaster is reselling themselves, so they only prevent other peoples bots lol

Card Network Rules: Payment processors and card networks have rules about the use of pre-authorizations. Excessive or inappropriate use can be flagged, potentially leading to penalties, holds on your account, or even termination of your merchant account. Customer Experience: Imagine a customer who participates in several auction bids and has a pre-authorization placed for each bid. This can lead to: Blocked Funds: A large amount of their credit limit could be temporarily blocked, making it difficult for them to use the card for other transactions. Confusion: Customers might be confused about multiple holds on their account, leading to inquiries and chargebacks. Negative Experience: A poor customer experience can hurt your reputation. Risk of Expiration & Release: If pre-authorizations expire, and the auction is not completed, you might have to re-authorize, which can be disruptive and annoying to the customer. False Availability of Funds: Since not all bidders will win, placing holds on all bidders' accounts gives a misleading view of how much funding you might actually have available to you. Chargebacks & Disputes: Confused customers with multiple pre-authorizations are more likely to dispute charges, which can hurt your merchant standing and reputation. Processor Scrutiny: A merchant running a high volume of pre-authorizations relative to actual sales could be perceived as risky behavior. Processors will scrutinize businesses with higher dispute rates and high pre-authorization-to-capture ratios.

You mean at like $3k/ticket for Taylor Swift nose bleeds?

> No, it's obvious. Anyone that has to choose between getting $100 right now or $100 trickled in over months would opt for it right now for many reasons (inflation, the ability it invest it, the ability to use if it needed for unexpected situation, etc).

I disagree? Even if your conclusion is somehow true, it seems in no way obvious, and so far as I can the reasoning doesn't make sense. You've left out two crucial factors:

- The assumption that it's $100 now vs. $100 later just seems unfounded. What if it's $100 now vs. $110 later? The payer is can factor in the time value of money, inflation, etc. just like you do; why would they completely ignore that and blindly pay the same amount they would at two different points in time?

- We're not talking about free money, we're talking about payment in exchange for work. You're taking out a loan that comes with obligations. You're going to have to pay it back if for whatever reason you can't do the work. Generally, the earlier you take the loan, the more unpredictable and thus the larger that risk is. Of course details matter here but it's not at all obvious ASAP is the optimal policy. And I don't know about you, but I sure as heck don't enjoy being perpetually in debt to someone. I'm not saying it's bad if you're fine with it, I'm saying it doesn't seem remotely true that everyone is fine with it.

Are they mispriced? Or is it just hard to price goods where some people are willing to pay a MUCH higher premium than others? That is, if I can sell 5000 tickets at 10$ or 10 tickets at 1000$, the right price may just be 10$. And trying to find a way to convince those 10 people to pay the 1000$ they were willing to, in a way that doesn't affect my reputation too much, may just be too hard.

The time at which scalpers buy tickets becomes irrelevant. They can resell tickets at arbitrary-high-price + margin because buyer know they will receive refund for the exceed amount, thus pay only (final price + scalper margin) for the ticket eventually.

Bonus: buy ticket from scalpers after price settled, you will get a determined price, no more guessing and find inner peace.

The problem for scalpers is that if they buy too many tickets, the final price may become too high to be attractive for real buyers.

I work professionally in ticketing with ticket sales system. The problem with scalpers is completely solved, and the only reason why scalpers can operate is because the artists and venues deliberately allow for it.

It's incredibly easy to remove scalpers:

Sell each ticket with a name attached, ask for ID at the door.

That's it. Whatever hacker argument against this you are thinking up right in this moment, it is just wrong.

"What if I don't know who I'm going to ask to go with me?" - Then buy your ticket once you've figured that out.

As for tickets that are so popular that servers can't handle the demand: Make a lottery and give people one day to sign up for the lottery.

Scalping is a solved problem and only happens when artists and venues encourage it.

Your solution doesn't do anything against scalpers, on the contrary it encourages scalping even more.

> (you dump your tickets and let someone else pick them up at that exact moment).

Very easy to counteract, the venue just releases those tickets back for sale in batch at an unspecified date and time.

> They do other things that's baffling like selling tickets a year ahead of time, which is kind of weird considering very few people, even big fans, would be really on top of buying tickets a year out. It's obviously designed for scalpers.

Serious venues and artists do the same thing. It is to reward the early fans with the cheapest tickets and to get early cash flow. Nothing shady about it.

You have completely misread my comment; the point is that checking names would not be for security (it would be to prevent ticket scalping). As you have correctly identified, handling security threats is somewhat orthogonal to this - i.e. your claim is false. Large venues will inevitably have to introduce security screening irrespective of whether or not they match names and tickets.

> That's been done for a long time and you can still get around it if the margin is good enough. You just have to either want to go to the event yourself or be willing to one ticket out of the maximum you can purchase as the cost of doing business.

You tie each ticket to the name of that specific attendee. The ticket buyer doesn't even have to get a ticket for himself. This is bullet proof, unless scalpers can convince their customers to make a fake ID to attend.

> not everyone actually knows who they're going to invite for sure at time of purchase

Then wait with your purchase until you have figured it out.

Sounds like Valve/Steam and the CS:GO gambling.

Here's a GIF where reCAPTCHA v3 can't detect Operator: https://x.com/_magrawal/status/1925543620217905641

'Behavioral' is loosely defined, but it seems like the behavioral tells of Operator are quite simple

Yup, we had this with open-end analysis (see: https://www.producthunt.com/stories/how-to-detect-ai-content...)

We had some people use voice software to fill in survey responses. This flagged computer-generated assistance.

Generally speaking, it'll be more than a single click event (e.g. see https://x.com/_magrawal/status/1925985289568211168)

bot protection, and specially sophisticated bot protection systems like recaptcha and shape security really kick in at scale. there'll be no obvious signs you're detected until you try to scale up your automations.

Thanks for the comment. Couldn't have said it better. Also, good point about Ticketmaster. One seller, incomparable goods.

TM solved this already, five years ago with their digital tix platform. They got rid of physical tickets, implemented auction pricing for the best seats, and took over the reseller market as well. They became the scalpers and took their revenue.

Those repercussions are essentially just a form of market feedback through demand contraction, i.e. it is the inevitable result of human action under conditions of scarcity and subjective preference, a natural outcome. The market would correct itself. If no one goes to Ticketmaster, someone else could (and if there is demand (among other things), most likely will) take its place, and they will no longer be a monopoly, simply put.

Consumers should learn tech-savviness and I don't think I'm attributing too much.

Phone bills used to be really complicated with minutes and long distance and cross country. And consumers learned and adjusted their behaviors to reduce their bills.

Consumers are stupid but not that stupid.

Checking tens of thousands of IDs accurately has a cost, it isn’t quick or free.

Nothing in theory, but ticket sellers probably don’t want to get into the means-testing business.

Implementing costs that not all parties want is tradeoff, not a solution.

What costs are you talking about?

Loss of privacy, slowdown at the entrance, employee training on validation, not being able to hand a ticket to a friend later (you mentioned). Other things I’ve forgotten but others have mentioned on this page.

Scalpers have helped me out several times when I didn’t hear about an event until the last minute, so I don’t always think of them as an enemy to eliminate.

Patio11 has a piece on how, often, the optimum amount of fraud is not 0. Scalpers aren’t exactly that but informs the discussion.

> The assumption that it's $100 now vs. $100 later just seems unfounded. What if it's $100 now vs. $110 later?

The actual situation is that it's $100 now or maybe $110 later or even $90 later, because you don't know what the market is going to do. That is the risk the resellers are taking on. The demand for the product is not static. At the time of sale, a lot of effort goes into making the artist appealing and interesting to audiences so they are more interested in buying a ticket.

> The payer is can factor in the time value of money, inflation, etc. just like you do; why would they completely ignore that and blindly pay the same amount they would at two different points in time?

Of course customers would prefer to pay at the last possible moment. With a static inventory that's released all at once (which isn't really how it's done most times now) they don't really have that luxury for popular events, resellers or not.

My point is that there's no guarantee the value of tickets. Depending on the event, they often reduce in cost. Selling a large amount early reduces risk exposure. These days there's a bit of everything going on, and usually there are certain amounts of inventory released initially, and more come in clumps over time, possibly at different prices depending on demand and what the secondary market looks like, as well as there being a subset of inventory from the very beginning that has dynamic pricing to respond quickly to market conditions and serve some of the need of the secondary market. As Ticketmaster started tun run their own secondary market they quickly utilized the data that gave them to change how they functioned on the primary market.

> We're not talking about free money, we're talking about payment in exchange for work. You're taking out a loan that comes with obligations. ... And I don't know about you, but I sure as heck don't enjoy being perpetually in debt to someone. I'm not saying it's bad if you're fine with it, I'm saying it doesn't seem remotely true that everyone is fine with it.

Importantly, there are many links in this chain, and people taking their cut along the way (although less than there used to be since Live Nation /Ticketmaster has serves the role of multiple parties in many cases). This is how the industry works at the large tour level. You contract for a lot of work over a long period, sometimes more than a year, and then proceed to execute on that plan. As someone that gets a normal paycheck, I admit it's not that appealing to me either, but let's not fool ourselves into thinking it's strange. All sorts of small businesses work on this idea, and when you're doing fixed cost work, you would rather have the money up front, as it allows for more options. Any tradesperson that does large projects has to deal with this to a lesser degree. General contractors, electricians, etc. It's a normal part of contract based work. Most people are forced into what the industry has settled on as acceptable practices and can't dictate difference, so for the vast majority "if you're fine with it" is a foregone conclusion because if you're not you've probably found some other way to make a living.

They have, as much as they will try to convince you they haven't, because they've spend so long trying to shift any blame or negative feelings towards resellers. Here's some supporting information to that point:

- Ticketmaster is known to add additional fees to tickets which are actually given in part or in whole to the artist or venue, allowing customers to blame Ticketmaster for high ticket prices so Artists can claim they wanted cheaper tickets that were only $25 (but are actually $40 when you get to the final check out). This has been covered by the major news outlets a few different times and discussed here, so shouldn't be hard to find information on.

- Ticketmaster runs their own secondary exchange now, which verified re-issuing of digital tickets out of their own back-end and guaranteed entry. Can't embrace it much more than that. They get a cut of the sale price on the secondary exchange like all the exchanges do.

- Ticketmaster also reserves a portion of their tickets for dynamic pricing and their price will adjust on the fly during the initial sale period based on demand and what they see them showing up on the resale market as (some tickets show up on the resale market almost immediately).

- Artists want to side with their fans, or at a minimum appear to side with them. That means releasing tickets for "cheap" or at least in a way they can claim they did. Some artists care, some pay lip service. Kid Rock actually seemed to care, as he would play Detroit for seven consecutive days or more to make sure his cheap tickets stayed cheap by providing enough supply that demand was never too high, at least for most seats. I'm sure he would rather not do such a grueling schedule though, which is why he's always been very active trying to get legislature passed targeting resellers.

To me, having worked in this industry in the past, it's always been very clear that the industry does embrace the secondary market, to a degree, while also using it as a convenient scapegoat. If the secondary markets were to be shut down tomorrow, everyone would find at least some aspect of that worse than the current status quo. Some might ultimately find is better, some worse, but it's not nearly as simple as secondary markets just being a problem (for example, they're not just rent-seeking, they're offloading risk and providing liquidity).

Yes, I'll admit I was a bit strong in my "anyone would" wording. I'm fairly confident in saying that while some people might opt for delayed payment when pressed and discussed with most if not all would admit to doing so because of their own inability to follow through on what they would acknowledge as the financially smarter option. In that case, it's still obvious what the better option is, even if you feel you can't take advantage of it because of other factors.

Loss of privacy? That your name is on your ticket? Then don't go, or reach out to the organizers and let them know you are a person who needs special protection and they will accommodate you and your entourage.

Your name is on your bus card also, and your airline ticket, but I don't hear anybody complaining about loss of privacy for that.

Employee training on validation? They look at the ID and see if the name matches the name on the ticket. Anybody can do that without any training.

> Scalpers have helped me out several times when I didn’t hear about an event until the last minute, so I don’t always think of them as an enemy to eliminate.

They helped you by screwing over other people. You do not have higher value than any other person. Besides, organizers can save expensive last-minute tickets without needing scalpers.

These are low-effort responses that don’t satisfy the issues.

I understand TM has a lot of power, but they do have to keep the average consumer on board.

Nontransferrable would deflate prices though.

If I spend $nnn on a ticket, there's some reassurance that if I get sick/called into a work or family emergency I can throw the ticket on Craigslist or some officially-sanctioned double-dipping scheme and at least get some of my expenditure back.

How much cheaper does it have to be to compensate for greater risk?

That's a circular self-justification.

All of that can be custom for the industry, the same way air travel has had custom rules in credit card processing since forever.

And your comment is high effort? This is how real venues and real artists solve the problem of scalping and it works without a problem.

You can't hand out money (which you're doing if you're giving away something of market value for nothing) without taking on the responsibility of deciding who gets it. Even charities have to put in the work.

How are concert tickets different to airplane tickets?

Allocation of scarce resources is based on demand for them, expressed in monetary terms. "Deserving" has nothing to do with it. I may deserve a ticket, but not even want to go.

Can be … oh we may negotiate with the middlemen to not deplatform us. How nice. Blockchain doesn’t solve any problems in the same way that giving people universal single payer health insurance didn’t solve any problems since you can always find a good employer who will just treat you well.

If you resell, you're a scalper.

If you return the ticket to the venue/band, you get your money back, get the bond back, and you're not a scalper.

Charging the ticket buyer the price of the bond doesn't only harm the fans that want to see the show. It also harms the band that won't have fans come see the show. It's an incentive for the band to buy back unused tickets. Bands currently don't do that.

Fans demanding ticket buy backs puts pressure on bands to put an end to scalping. It's fans who pay the entire cost of scalping now, not bands.

Anyone who sells is a scalper.

This is easy to notice. You can't go around saying "I've got two front row" when the mere act of saying it gets you noticed. You can't post online you're selling tickets because it gets you noticed.

Only the venue/band sells. Only the venue/band buys back tickets, and they're required to buy them back at the price they were sold. Full refund of ticket price and bond.

If noticing scalpers is easy, the bond doesn't need to be silly high. Catch a scalper and you get 50% of their bond.

You don't permit ticket transfers. Instead you sell tickets back to the venue for the price they were bought. Your tennis buddies would better be ready to buy the ticket from the venue 1 second after you sold it back to the venue, else someone else might get it.

Scalpers can't transfer tickets in this system.

Yes, you've solved your problem, not my problem. What about others?

> reason why scalpers can operate is because the artists and venues deliberately allow for it.

The problem isn't solved for a number of parties, from your own words. Despite working in the area, it doesn't feel like you've thought about it deeply. Or, maybe because you work in the area—cue Upton Sinclair quote.

You can if you just DGAF, like TM. Reminded of this sketch:

https://snltranscripts.jt.org/76/76aphonecompany.phtml

That assumes the vendor runs a buy-back scheme. That would cost and the cost paid by all ticket buyers, if one isn't in place already.

Openly selling is only part of the problem.

How do you distinguish between someone buying tickets as a gift and someone who sold them on in a manner you did not detect? What about group bookings, do you want the ticket seller to collect full ID of all the intended audience members? After that, what if the group of friends changes - who pays the admin fees?

Your idea isn't terrible, but it is far from perfect.

> If noticing scalpers is easy, the bond doesn't need to be silly high.

That is a huge if. Many scalpers are rather experienced and organised, while some will be very easy to spot I suspect a lot of them won't be, at least not without a bunch of false positives that will inconvenience genuine buyers.

And what's your problem, exactly? You want to buy tickets to give away before you've decided who to give them to? Sorry, you can't do that. There are other people who also want the tickets and know who they are inviting. You have to wait until you've decided who to invite and you can't "scalp" those tickets, because you are not worth more than any other paying customer.

In worst case, you've bought tickets and the person you invited can't come: You sell the ticket back to the venue for a refund.

This attitude reminds me of what happens al the time at hotel front desk: They're fully booked for a certain date and some people call and e-mail, asking the hotel to cancel other guests reservations to give them a room. Sorry, not going to happen. First come, first served.

And as I said in another comment, artists and venues can price and release their tickets in such a way that people who are willing to pay much more can get some last-minute tickets.

I was thinking this, however you "transfer" to the other person, the original buyer gets a refund, and you pay the original ticket price+tx fee, or original buyer pays the fee. Either way.

> That assumes the vendor runs a buy-back scheme. That would cost

What would it cost? The vendor runs software that sells tickets. The same software can buy tickets back, invalidate the ticket IDs, and issue new tickets with new IDs. This feature can be part of the software at no additional cost.

Not running a buy-back scheme possible costs more to customers because of today's scalpers.

> How do you distinguish between someone buying tickets as a gift and someone who sold them on in a manner you did not detect?

As the venue/band, you don't need to. Sell to anyone.

As the customer, when you're buying from a scalper you know you're buying at a higher price than the advertised price.

> what if the group of friends changes - who pays the admin fees?

I don't see what admin fees must exist for this. Software manages anything. Printing a new ticket is cheap.

> Many scalpers are rather experienced and organised.

So is law enforcement. Scalpers can't hide the fact that they're selling.