frabcus 11 hours ago

The option that strikes me as missing, is making users pay a cost before they are randomly entered in a lottery for the ticket.

So, for example, everyone pays $0.01 on their credit card, or does a holding charge on their credit card, or registers their identity. All in a 5 minute (or 1 day!) window. And then after the window, tickets are randomly distributed amongst every card which so registered.

You could check multiple things - phone and card and Government ID if necessary (lowering the privacy).

This also feels fairer and less stressful - instead of a lottery based on your internet access, or ability to run lots of browsers at once.

This feels harder for scalpers to do to me, as they need more fake identities, but I'd be curious about the actual ratios when trying it. What goes wrong?

Another one I predict is that you can't buy digitally. For example, the Lewes fireworks display you have to buy tickets in person in a bookshop in Lewes. Doesn't help if you make a digital ticketing system though!

  • Loughla 10 hours ago

    The Savannah Bananas do that. You have to enter a lottery to buy tickets.

    And if your ID doesn't match the ticket, you don't get in.

    It's successful in keeping tickets in the hands of families and fans instead of resale.

  • londons_explore 10 hours ago

    I suspect the key thing is that the industry really wants scalpers, but must appear to act against them.

    • clipsy 10 hours ago

      > I suspect the key thing is that the industry really wants scalpers

      Why?

      • chamakits 9 hours ago

        Well at least one possible reason is that for live events, the company that has an effective monopoly is Live Nation. And they also own at least one of the platforms where scalpers sell their tickets; Ticketmaster.

        I also imagine that as an event promoter, being able to say some variation of "Another sold out show", or "Tickets sold out within seconds" creates pressure for buying early for all future events.

        It also takes active planned work to implement these solutions. And if they have a monopoly, they have no incentive to do that work.

    • londons_explore 8 hours ago

      Actual cash income the moment the tickets go on sale.

      Removes all the uncertainty and risk and puts it on the scalpers.

hackingonempty 11 hours ago

The reality now is the ticket sellers and bands are the main scalpers and everyone else are now secondary scalpers.

Now that tickets are all electronic and the ticket sellers operate secondary markets there is no "face value" anymore and pricing is dynamic. Not all tickets are released at once and many are offered at "platinum" prices at first.

All through the 60's, 70's, 80's, 90's and 00's concert tickets were around $40-$50 in 2025 dollars, now that is just the service charge. Just go on eBay and look at some ticket stubs then put the price / date into the CPI calculator.

It turns out that the bands couldn't beat the scalpers so they became the scalpers, charging outrageous prices with the assistance of the ticketing companies.

So stopping bots isn't as important as it was when CAPTCHAs were effective, since there is a lot less money on the table for professional scalpers to capture.

sanity 11 hours ago

A few months back I built a cryptographic alternative to CAPTCHAs called Ghost Keys[1] that uses a small donation as proof-of-humanity. For donating you get an anonymous keypair that works across services without repeated CAPTCHAs. The economic friction doesn't scale for bot operators, and donations fund our non-profit[2].

[1] https://freenet.org/ghostkey/

[2] https://freenet.org/

  • DoctorOW 10 hours ago

    > The economic friction doesn't scale for bot operators

    Does the number of keys need to scale? If $1 buys a key for life, and signing can be easily automated why would it stop bots?

    • sanity 9 hours ago

      Keys embed approximate timestamps, so services can set age limits. The system was designed for Freenet integration where reputation can be attached to keys - repeat abuse would degrade a key's public reputation over time.

jsnell 11 hours ago

> So what’s left?

If the profit per successful abuse event is $200, the author's suggestion of limits on credit card numbers or phone numbers won't work either. Those are only effective against scaled abuse up to something like $1 / event. Bank accounts would almost certainly be more robust, but that seems quite hard to implement outside of a handful of countries where the online auth ecosystem is built around banks.

With generic abuse background, but not knowing anything about the ticketing abuse ecosystem, is doing the sales on a first-come-first-serve basis an absolute necessity from a business perspective? There would be a lot more tools available if the problem was reframed from "decide instantly whether to sell this buyer a ticket" to "decide which 10k of these 100k intents of purchase received during the first 24h to sell the tickets to". And by more tools, I mean offline analysis and clustering, not just a lottery.

(You'd still want to combine that with strongly personalized tickets though. It'd be how you address bots-as-a-service, not how you address buying tickets to resell.)

  • thatguy0900 10 hours ago

    I could see an issue with that since most people are going to be going to events in a group, and won't want to go unless everyone gets their ticket. If I wanted to go with three people, do you lottery us as a group or individually? If I want to go with 5 people and there's a lottery, the best thing to do would be have multiple people buy 5 tickets each, multiply that by every group and you have a lot of people buying tickets who don't actually want them and people who only put one order in get shafted.

    • latentsea 8 hours ago

      A lot of concerts in Japan work on a lottery. When you enter the lottery you can select for how many tickets up to a set maximum. If you get selected, you're obligated to pay and can't cancel. So... I imagine if you want to go as a group, one person puts in for the lottery and either everyone gets to go or no one does.

    • muti 9 hours ago

      Require the intent to include ticket holder names/id and check it on entry to the venue, multiple intents for the same group can be deduplicated

      • calcifer 6 hours ago

        The article addresses that:

        > Of course it also harms real buyers who want to go to a concert with a +1 but do not yet know who they will bring.
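The batch approach from jsnell's comment combined with muti's deduplication of group intents, as an added example that is not code from the thread or from any ticketing system. The function names, the sample intents and the policy of keeping only the earliest intent of each overlapping cluster are assumptions made for illustration.

```python
import random


def normalise(holder_id):
    # Collapse whitespace and case so "Alice " and "alice" count as one holder.
    return " ".join(holder_id.split()).casefold()


def dedupe_intents(intents):
    """intents: list of (intent_id, [holder ids]) in submission order.

    Intents that share any holder are merged with union-find; the earliest
    intent of each cluster is kept as that cluster's single lottery entry
    (assumed policy), so submitting the same group five times gains nothing.
    """
    parent = list(range(len(intents)))

    def find(i):
        while parent[i] != i:
            parent[i] = parent[parent[i]]  # path halving
            i = parent[i]
        return i

    first_seen = {}  # normalised holder -> index of first intent naming them
    for idx, (_, holders) in enumerate(intents):
        for holder in map(normalise, holders):
            if holder in first_seen:
                a, b = find(idx), find(first_seen[holder])
                parent[max(a, b)] = min(a, b)  # root stays the earliest intent
            else:
                first_seen[holder] = idx
    kept = sorted({find(i) for i in range(len(intents))})
    return [intents[i] for i in kept]


def draw(entries, capacity, rng=None):
    """Shuffle the deduplicated entries and seat whole groups while they fit."""
    rng = rng or random.SystemRandom()  # OS randomness unless a seeded rng is passed
    order = list(entries)
    rng.shuffle(order)
    winners = []
    for intent_id, holders in order:
        if len(holders) <= capacity:  # a group gets all its seats or none
            winners.append((intent_id, holders))
            capacity -= len(holders)
    return winners


# Constructed sample: i2 repeats i1, i4 overlaps i1 through "Alice ".
SAMPLE_INTENTS = [
    ("i1", ["alice", "bob"]),
    ("i2", ["bob", "alice"]),
    ("i3", ["carol"]),
    ("i4", ["Alice ", "dave"]),
    ("i5", ["erin", "frank", "grace"]),
]

if __name__ == "__main__":
    entries = dedupe_intents(SAMPLE_INTENTS)
    print([intent_id for intent_id, _ in entries])
    print(draw(entries, capacity=3))
```
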

teeray 10 hours ago

> The naive economic solution to the problem would be raising ticket prices step by step until it is no longer attractive for scalpers to resell your ticket

You can also just do like The Cure did and destroy the secondary market entirely: you can sell tickets through the platform and only for what you paid for them.

  • markasoftware 10 hours ago

    how does this prevent the scalper communicating with the buyer to demand an out-of-band payment?

  • raincole 9 hours ago

    The naïve economic solution is auctioning off all the tickets.

modeless 9 hours ago

I am unsympathetic when people insist on selling things for the wrong price and then come up with these elaborate schemes for fixing the problems they themselves caused.

If they would simply sell tickets for the prices people are willing to pay in the first place then they wouldn't need to invade privacy or any of this stuff. I've heard the arguments they use to justify why they don't and they're all hogwash.

Matheus28 11 hours ago

How about: each user creates an account with their legal ID. Obviously unique so they can’t create multiple using the same ID. Before the sale, everyone signs up. Once the sale is started, tickets are distributed using a lottery system for the users who signed up (so refreshing like mad doesn’t give any advantage). Can only buy up to 2 tickets per person (their own and an anonymous companion). ID must be shown and would be verified at entrance.

If you wanna be even more strict: You could allow up to X companions, but they must not have signed up with their own account (so they don’t have an advantage for doing so). And they must provide their ID before the event as well and arrive as a single party.

  • arccy 11 hours ago

    I think you just described something similar to the Japanese system

  • AlienRobot 10 hours ago

    I'm asked for ID on MercadoLivre and PayPal already, but I think it's for tax purposes. Never tried to create two accounts with the same tax ID.

  • unscaled 9 hours ago

    This addresses some of the hassle around buying multiple tickets, but does not address the inherent privacy issues. But there are still some problems.

    First of all, this remains a hassle in most countries, since handling a national identity number (if such a number exists at all) is restricted by law. Even in some countries that do not legally restrict collection or storage of identity numbers (AFAIK the US does not restrict private sector usage of SSNs), there is rarely wide acceptance of providing your identity number for any purpose other than official government services and financial institutions. This means that in most cases, the event organizer has to resort to more traditional methods of KYC: Requesting some personal details (e.g. full name and birth date) and requiring to present an identity document that carries the details above. Verifying the identity document slows down entrance lines and increases the cost.

    The other issue with this method is privacy. You're still not breaking the suggested BAP (Bots-resistance/Accessibility/Privacy) theorem suggested by the article. Additional personal information has to be collected and stored until the time of the event.

    But I believe there is a way out of this. You can still create a limited resource that is more restricted than phone numbers or credit card numbers, and can be optionally verified at the venue cheaply. The only problem is that would require cooperation from the government (and a great deal of effort if you want to make it perfect). The government needs to already have an online digital KYC method that is bound to your digital ID or an online government account. Then the government can use that method to provide an anonymous federated login that provides a unique ID that cannot be traced back to any national identity number. This is essentially how Sign in with Apple works with "Hide My Email" selected: No personally identifying claims are included in the OpenID Connect ID Token and "sub" is unique (per Apple user + 3rd party service combination), but not traceable back to the original Apple identity. Unique identities can also become ad-hoc per-event (instead of per ticket provider), which makes them completely private (ticket providers cannot track users across multiple events).

    As described above, this service still only provides a limited resource akin to phone numbers. For events where the profit margin from ticket scalping exceeds $100, you could still get some scalpers who'd convince collaborators to identify in with their government account and buy tickets for the scalper for $20 per ticket. If you can get 5 tickets per ID, that's $100 of easy money for 5 minutes of work. You can add simple and fast verification at the venue by requiring the users to generate a QR code that is tied to their unique ID at the venue in order to enter. The QR code cannot be generated in advance and is based on a challenge QR that is presented at the venue. This requires that collaborators physically come to the venue or be available at the time the scalper's agents come to redeem the paper tickets at the venue. With a QR code generation and check directly at the gate, scalping is completely impossible (at the cost of longer lines and less entrance flexibility). With printed tickets the scalper needs to send agents to physically collect the tickets and communicate with the collaborators (who need to be available at the day of the event to generate the QR codes remotely) — which greatly inflates the cost of scalping.

    Even when you get governments to cooperate with this approach, there are still some holes with this approach. The first issue is that eKYC needs to become popular enough to avoid a large loss in sales. The second issue is raising awareness with regards to privacy-preserving eKYC vs. regular eKYC. These two services look very similar (you log-in with your government account or ID to prove your identity), but the scope of the information shared couldn't be more different. Normalizing eKYC carries the risk of people becoming careless about divulging private information. Luckily, this could easily be solved by governments restricting private sector parties to which full eKYC is provided based on their callback domain names and registered credentials (like OAuth client ID and client secret).

    The last problem is probably the most complex one to tackle: how would you accommodate tourists? After all a lot of the venues sell a large share (or even the majority) of their tickets to tourists. I can think of two possible answers.

    The first approach is to fall back to a manual passport-based KYC process for tourists. Tourist ticket buyers would have to enter their name and passport number in advance and the passports would be verified in person at the venue. This can be slightly sped up with automatic passport scanners if the venue has a high volume of visitors that warrants the costs. This approach seems to be where China is going: the resident ID card is used for entrance to many places and even for buying railway tickets, but tourists just use their passports. This works well when the percentage of tourists is low, but at a venue which expects a high number of tourists you'll run into all the issues I've described above.

    The other option is probably more of a pipe dream, but it would be nice if countries could issue a temporary (and restricted) eKYC account to visitors when they complete their ETA. Even countries without ETA can still offer a pre-registration system just for obtaining an eKYC account in advance. This eKYC account can be used to purchase tickets in the destination country in advance, but it would only be activated for generating gate QR codes when physically entering the country with the matching passport. The main limitation of this approach is that you must first obtain an ETA before purchasing tickets, but you'd usually already have concrete travel plans by the time you're purchasing the tickets.
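The per-event pairwise identifier and the venue challenge QR from unscaled's comment above, sketched as an added example that is not part of the thread or of any real eKYC service. The `IdentityProvider` and `Gate` classes, the constructed IDs and the HMAC key shared between provider and gate are assumptions; a real deployment would use a signed token in place of the shared-key MAC.

```python
import hashlib
import hmac
import secrets
import time


def _mac(key, *parts):
    # Length-prefix each part so ("ab", "c") and ("a", "bc") give different MACs.
    msg = b"".join(len(p.encode()).to_bytes(4, "big") + p.encode() for p in parts)
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class IdentityProvider:
    """Hypothetical eKYC provider: the only party able to map a sub to a person."""

    def __init__(self):
        self._pairwise_key = secrets.token_bytes(32)  # never leaves the provider
        self._gate_keys = {}                          # event_id -> key shared with its gate

    def register_event(self, event_id):
        self._gate_keys[event_id] = secrets.token_bytes(32)
        return self._gate_keys[event_id]

    def pairwise_sub(self, national_id, event_id):
        # Stable per (person, event); unlinkable across events without the key.
        return _mac(self._pairwise_key, event_id, national_id)

    def answer_challenge(self, national_id, event_id, challenge):
        # Called by the logged-in holder's app after scanning the gate's challenge QR.
        sub = self.pairwise_sub(national_id, event_id)
        return sub + "." + _mac(self._gate_keys[event_id], sub, challenge)


class Gate:
    def __init__(self, key, tickets, ttl=60.0):
        self._key = key
        self._tickets = dict(tickets)  # sub -> entries not yet used
        self._pending = {}             # challenge -> expiry time
        self._ttl = ttl

    def new_challenge(self, now=None):
        now = time.time() if now is None else now
        challenge = secrets.token_urlsafe(16)  # unpredictable, so no pre-made QR works
        self._pending[challenge] = now + self._ttl
        return challenge

    def admit(self, challenge, response, now=None):
        now = time.time() if now is None else now
        expiry = self._pending.pop(challenge, None)  # single use: consumed on first try
        if expiry is None:
            return "unknown or reused challenge"
        if now > expiry:
            return "expired challenge"
        sub, _, tag = response.partition(".")
        expected = _mac(self._key, sub, challenge)
        if not hmac.compare_digest(tag.encode(), expected.encode()):
            return "bad response"
        if self._tickets.get(sub, 0) < 1:
            return "no ticket"
        self._tickets[sub] -= 1
        return "admitted"


if __name__ == "__main__":
    idp = IdentityProvider()
    gate_key = idp.register_event("event-A")          # constructed event name
    sub = idp.pairwise_sub("ID-1234", "event-A")      # constructed national ID
    gate = Gate(gate_key, {sub: 1})
    challenge = gate.new_challenge()
    print(gate.admit(challenge, idp.answer_challenge("ID-1234", "event-A", challenge)))
```

The gate only ever sees the per-event `sub`, and a response captured earlier fails against any later challenge, which is what forces the account holder to be reachable at entry time.
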

Incipient 5 hours ago

This is a trivially solvable problem with essentially little friction for buyers.

The industry doesn't WANT to solve this. I don't see why anyone believes or entertains the idea they are even trying.

nssnsjsjsjs 11 hours ago

What about limiting the number of tickets per card?

Or do what airlines do and you need to declare who is using the ticket. Maybe allow exchange for up to 50% of a party.

Then the scalpers can't win but there is still a DOS problem to solve.

Maybe a card auth -> reserve seats -> complete txn flow would help there. The card auth rate limits the amount of unbooked but temporary reserved tickets.

  • smelendez 11 hours ago

    Locking tickets to customers is hard, especially for venues with seats. The venue and artist want people in those seats — it looks better and they spend money on concessions, merch, and often parking. You can resell at the door, maybe, but then you’re turning away paying customers who get stuck in traffic and show up late.

    I’m not convinced cards are a significant barrier. People already get tons of credit cards for the signup bonuses and perks, and you can get prepaid cards pretty easily. Temporary card numbers are a thing too. There are logistical challenges in getting a lot of cards in the buying pool but I don’t think they’re insurmountable.

    • technion 10 hours ago

      Concerts that are struggling with numbers shouldn't have a scalper problem though. If you want more people through the door, there are presumably base price tickets still for sale.

      This problem mostly exists in the Swift concerts that sell out in four minutes before the internet explodes with people complaining the website never loaded for them. I'm sure "might harm sales" really won't be a problem for those concerts.

  • evertedsphere 11 hours ago

    > What about limiting the number of tickets per card?

    discussed in TFA

    > Or do what airlines do and you need to declare who is using the ticket

    ditto

zaik 11 hours ago

Sell at the economic equilibrium price (determined by auction) and whoever actually enters the venue receives the difference between the auction price and the desired price by the organizer in cash or maybe in form of a coupon for their next concert.

  • Horffupolde 11 hours ago

    That results in unbounded offers.

    • zaik 11 hours ago

      Sounds like an interesting situation! But I do see the flaw in my proposal now. It will select for the top-n richest customers, which kind of undermines the point of selling at a fixed price.

djoldman 12 hours ago

Unfortunately, the solution to something like this is more intense KYC and lawsuits.

You don't defend at the web, you defend in the courtroom and bank.

I assume it's too expensive or the ticket sellers don't actually care, they just want to think they care.

  • devwastaken 11 hours ago

    you defend at the ID system. anonymous cert chain ID fixes this. the u.s is defined by its fraudulent business and therefore no one in power wants it.

charcircuit 12 hours ago

>Most organizers, including for-profit organizations, do not want to choose this option due to ethical concerns or concerns about community building.

The alternative is selling the tickets to scalpers which doesn't seem ethically better or better at community building as compared to directly selling it to fans.

Even if you assign tickets to IDs scalpers will sell access to bots instead to capture the delta between market price and the price the ticket is being sold for.

  • DrillShopper 12 hours ago

    Sell the tickets with a decreasing price - early tickets are very expensive, late tickets are not, and hold back between 10% and 20% until day of sale at the lowest price.

    Make the scalping bastards choke on it, and break FOMO all at once.

rendx 12 hours ago

One option that I do not see discussed in the blog post: Collecting user signals locally and using those access patterns (mouse movement, clicks, IP/site browsing history) to discriminate between "standard" site usage and bots; so like a "reCaptcha lite", not trained across many sites but trained specifically on the target.

For a ticket platform like pretix that can be run self-hosted alongside the main site, this should give you enough signals to discriminate between normal users and bots, unless they are specifically targeting that site, or am I mistaken? Even just pure web server access logs may be sufficient on smaller sites so this might work even without JS?

  • jsnell 12 hours ago

    This seems pretty well covered by the post?

    Doing any kind of access pattern analysis leaves you with the problem of handling false positives, and your proposal doesn't help with the accessibility problems.

    IP addresses aren't a panacea here -- this is a high margin business where the attackers can switch to high cost / high quality proxies.

    > unless they are specifically targeting that site

    In this case the attackers would very specifically be targeting specific sites (ones selling tickets to events with more demand than supply).

izabera 7 hours ago

every time this comes up, the thread immediately gets 300 comments suggesting that everyone pays whatever amount to keep the bots at bay

twitter sells blue checks for $8/mo and it's full of bots

healthydyd 11 hours ago

Just sell paper tickets at specific type of shops: convenience stores and such. Use an ID.

mountainriver 11 hours ago

We just need better human verification, that’s all, and the web depends on it

nikolayasdf123 10 hours ago

how about on-device biometrics?

most of traffic is from mobile devices anyways. they have biometrics (e.g. Apple FaceID, fingerprint). they also have DeviceCheck (Apple Hardware + Apple servers) integrity checks of device/binary that is making requests. it is also free and private.

why using this technology is not part of conversation? seems like utmost strongest guarantees and perfect fit?

  • politelemon 7 hours ago

    It is not "free" as you must buy such a device, nor is it most of traffic, and its privacy is questionable. A solution to the problem area here needs to cater to people outside the HN echo chamber.

    • nikolayasdf123 7 hours ago

      As a developer or website or app, I don't need to buy a device. User has to buy it, as it is their device. And chances are, they are on the iphone or other apple device already. And if not, they are on Android, which has comparable biometrics options.

      Are you claiming that owners of websites have to purchase laptops for their website visitors?

      And are you claiming that Apple has worse privacy than Android? or ... hold on, there is nothing else (Huawei is out of the question, and MSFT/Symbian does not exist anymore)

      this is crazy talk. what are you even saying?

1propionyl 10 hours ago

A lot of overwrought digital solutions here and not the obvious one:

Stop selling online.

Sell the tickets at a small number of locations near and including the venue, with cashiers empowered to deny suspicious transactions.

Could someone put together a small army of smurfs to buy up all the tickets in major cities? Sure. Could someone have someone on the inside sell them a block of tickets against policy? Sure. We can handle these cases on a locale by locale basis with a convenience trade off that seems appropriate to the place.

Don't let perfect be the enemy of the good, and even worse, don't let overwrought privacy-invading and non-accessible digital solutions (that create a playing field tilted towards bad actors equipped with AI tools) be the enemy of a dead simple analog real-world one that leverages our best reputation management system: ourselves.

AlienRobot 10 hours ago

In my opinion the web is in dire need of a system of proof of humanity. This, together with a mixed system, could solve this sort of problem.

For example, there could be an API for e-mail providers to tell services that an address belongs to a human. The provider would need to implement methods to verify the user's humanity, so you wouldn't need to give every online service your personal info, only your humanity provider that vouches for you. Something like SSL certificate hierarchies could be used to ensure that smaller providers aren't vouching for bots, i.e. you have a root CA that signs their certificates, and if it's found that they don't actually do what they are supposed to do, the certificate isn't renewed. This added with some actual costs to get those certificates would give them an incentive not to lie.

I know some people complain about this not being "private," but let's be real. If you purchase anything from any online website, they have your home address, your phone number, your real name as printed on your credit card, and there is a non-zero chance that some moron stored your credit card number in plain text in a MySQL database. It's always going to be safer to trust PayPal than some random website with this information. Why not do the same with human identity?

Finally, if you can't sign up with any humanity provider for some reason, just make the process extremely annoying and limited. For example, if you have 100 tickets to sell, reserve 90 for people that can prove they are human and leave only 10 for potential bots, then implement a lengthy process for those users so that's not worth it for the bots. If 90% of the tickets are already purchased by people, it will be less profitable for scrapers already.

gerdesj 11 hours ago

When I was a lad we bought tickets at a booth.

Just saying ...

abtinf 11 hours ago

To fight economics is to wage war on reality itself.

  • itsanaccount 9 hours ago

    i love the number of people who are wholly bought into this idea that capitalisms tokens warp reality itself. its the end of history too aint it?

    which is just such a lack of imagination for what we are capable of, both in terms of progress and irrationality.

landl0rd 11 hours ago

I'd rather see bot resistance (important for everyone) and privacy (important for everyone) take precedence over accessibility (important for a small minority) and have laws change to reflect that.

  • singpolyma3 11 hours ago

    I disagree that bot resistance is important to anyone, or even a reasonable goal for anyone at all. Bots are just users

    • rnmg 11 hours ago

      Bots are users, but they aren't human users. I think it's fair to say that most web sites/apps value human users over bots (maybe that's wrong though?). But I think an argument can definitely be made that bot resistance is valuable/important to most people on the web.

    • mikepurvis 11 hours ago

      Bots are not just users in the battle against spam.