The ticketing industry has been in the press this week for failing to provide loyal and “Verified Fans” the early access to tickets they deserve. New types of data files, known as Verifiable Credentials, are here to help, enabling punters to easily present verified identity information to secure the process of buying tickets and entering events. Here’s how.
We’ve grown too accustomed to the way events handle ticketing. Long queues, ticket touts, and ticket handling fees are all part of the scenery if we were attending a gig, sports event or festival.
Every time we register for an event or purchase a ticket, we are constantly providing the same information over and over again. Meanwhile, each time we attend an event, the organisers need to spend time and money verifying our name, ticket validity and sometimes our age.
This process is repetitive, insecure, costly and, most importantly, easily avoidable. The use of Verifiable Credentials (VC) – a tamper-evident data file with a set of claims about a person, organisation, or thing that can be cryptographically verified – is poised to streamline the entire events industry. Using VCs, however, it would be far more difficult for bots and scalpers to get the requisite level of trust necessary to bulk-buy and resell tickets, while event-goers will be able to prove trusted attributes about themselves and a level of reputation that they are who they claim to be.
Problem one: Scalpers
Taylor Swift has been in the news this week for the wrong reasons. The release of tickets for her latest tour has been met with a clear demonstration of one of the events industry's biggest issues: ticket scalpers and bots.
Just minutes after the pre-sale release, her face-value tickets, which cost between $49 and $449 each, had sold out, Ticketmaster had crashed; and simultaneously, on the secondary market, the same tickets were being resold and flipped for as much as US$22,700 (£19,100) each.
This is not a one-off. It is a problem that has consistently plagued the ticketing industry. This can be shown by the research conducted at Distil Research Labs, which concluded that bot activity was estimated to be behind 42.2% of activity in online ticket sales.
There have been attempts to resolve the issue. For example, in 2017, Ticketmaster introduced a new scheme for “Verified Fans”, where the most clued-in fans could pre-register their personal information for the event prior to the tickets coming on sale. Through this process, lucky fans would receive an email with a presale code to access an early-bird ticket sale.
This process was in effect for the Taylor Swift gig, however, bots had been able to register themselves with fake names and fake email addresses in advance, skirting around the extra measures put in place.
The issue here is that becoming a “Verified Fan” does not actually “Verify” your identity in any way, it relies on self-attestations.
Problem two: Security
There is a lack of security around ensuring the identity of the attendees of an event because the existing process is too clunky. It usually involves one physical ticket or digital QR code PLUS a physical identity document check. More recently, it may even involve a Covid vaccination certificate.
Since traditional tickets aren’t tied to an identity, bouncers and door staff are tasked with the role of ascertaining people’s identities. This is expensive for the organisers, inefficient as it causes long queues, and ultimately, insecure.
Various UK YouTubers such as Niko Omilana, Max Fosh and The Zac & Jay Show have shown how farcical the existing ticketing system is by creating videos of themselves sneaking their way through bouncers into various events. The most telling was Max Fosh getting into the International Security Expo in London, armed with only a fake lanyard and a strut of confidence.
This is potentially a huge risk vector for event organisers, which they need a new answer for.
Additionally, due to the lack of options to prove your identity, around 10,000 passports are lost each year while on a night out in a bar or club in the UK, according to the Identity and Passport Service (IPS). It makes little sense that there is no digital way to represent the same identity data or level of trust for entering a venue.
Verifiable Credentials to the rescue
Verifiable Credentials are a new digital standard from the World Wide Web Consortium (W3C) to create a more trustworthy way of holding and presenting data. From a more technical lens, VCs are tamper-evident data files with a set of claims about a person, organisation, or thing that can be cryptographically verified. Using Verifiable Credentials, it would be possible to reduce the risk of identity fraud, ticket scalpers and unauthorised access to events.
This is because a Verifiable Credential that has been issued to you from a trustworthy party is:
- Verifiable: affording a much higher degree of trust than something like Ticketmasters’ “Verified Fan” service, which is self-attested.
- Tamper-evident: meaning it’s much more difficult to fake or copy without being caught out.
- Reputable: You can combine credentials from multiple sources to present a digital reputation, not just an attestation.
For example, if a music artist issues you a VC for being a loyal fan, this becomes something that cannot be replicated as easily by a bot and becomes far more meaningful. Event organisers could then create a gated presale, requesting trusted attestations from multiple sources - requesting, for example:
- A loyal fan credential issued by a band; and
- A credential for authenticating with a social media platform
Having both of these would make it much more difficult for bots and scalpers to be included in the presale. For more high-profile events or with higher risk involved, you could request additional higher Level of Assurance (LoA) credentials, such as:
- A credential issued by a bank or government (trusted third party); or
- A credential issued by an employer attesting to your name and identity.
Therefore, with digital credentials, it becomes a lot harder to fake your way into an event, or scalp tickets, since you need to prove a level of reputation to get them in the first place. Currently, it is easy to spin up a new identifier like an email, but Verifiable Credentials make it much harder to fake a digital reputation.
Verifiable Credentials in action
From theory to action, to illustrate how easy this solution is, cheqd demoed how VCs could address this exact issue at Internet Identity Week (IIW). In this demo, Verifiable Credentials were used to combine: a verified identity; and an event ticket into one QR code proof.
Learn from the demo how you could:
- Sign in to a web-based application using a wallet (in this case, the Cosmos-based Keplr wallet)
- Prove your identity with a social media account (authentication)
- Get a credential with your name and social media details
- Add your event ticket to your wallet, providing a QR code
- Present your event ticket alongside your name and social media details.
The combined proof could be shown on the door of the event to securely “scan in”. This would hugely reduce the amount of time needed to physically check identity documentation and would make it much more secure for event organisers, who could rely on a combined proof of “identity” plus an “event ticket”, all issued by trusted third parties.
You can learn more about Verifiable Credentials here and their interaction with Decentralised Identifiers (DIDs).
Using Verifiable Credentials would greatly streamline the events and ticketing industry, solving some of the core problems that have been causing huge financial losses and frustrating punters over the past decade.
Firstly, requesting Verifiable Credentials in a ticket sale would make it far more difficult for bots and scalpers to get the requisite level of trust necessary to bulk-buy tickets and resell them.
Secondly, using Verifiable Credentials to enter an event venue would streamline the process, reducing queue times and giving organisers a greater level of confidence in who is attending the event.
Overall, the technology is developing quickly, and we at cheqd are ready to provide the backbone and network for the growing adoption of Verifiable Credentials for events, with Decentralised Identifiers anchored on the cheqd network. If this blog resonates with you and you are in the events industry, please get in touch with our partnerships team here, or you can try out our SDK for issuing and verifying credentials here!