Top Five Data Privacy Trends in Ticketing
With physical tickets to events disappearing in favor of digital options, how is customer data being acquired and protected? Some solutions have their own set of downsides.
- By Mike MacPherson
- March 21, 2022
Live performances are on the rebound. Last year, the world’s leading live entertainment company, Live Nation, staged more than 17,000 concerts for 35 million fans. During the last three months of the year, the company’s Ticketmaster division delivered its best quarter ever. Executives already expect that 2022 will break every record in terms of attendance, profits, and ticket sales.
A huge number of tickets are going to be sold, traded, and redeemed now that the world is trending back to normal. How all this happens is important because tickets are more than just torn stubs of paper these days. They’re digital records and, in some cases, passports to our most sensitive data.
Although few people set out to a big event expecting to remain totally anonymous, most of us have serious privacy concerns when we buy a ticket online or at the box office. Here are five ways the industry is adapting to protect the most important part of any event, the audience:
1. Stripes Are Out, Chips Are In
The magnetic stripe credit card is fast reaching its expiration date. Mastercard has announced that its credit and debit cards will not be required to have a magnetic stripe starting in 2024. Stripes will be phased out entirely by 2033 in favor of the now-familiar EMV chip cards.
The shift from magnetic stripes to chips is a win for both privacy and security. Unlike magnetic stripes, the microchip on your card cannot be copied. Entering a PIN is much more secure than signing a receipt because that signature can be easily forged on the card itself, or copied from the card. Finally, because EMV cards work with wireless terminals and near-field “tap” technology, their owners never have to give up possession of the card itself, dramatically lessening the chances that a bad actor will find a way to steal its secrets.
2. Paper Is Out, E-Tickets Are In
“Ticket” is something of a misnomer these days. Rather than the traditional perforated stub of paper, a ticket these days might be a QR code stored on a smartphone, or simply a reservation number, or even a plastic card that allows multiple entries to the same venue. These so-called e-tickets herald the end of paper records with the ticket holder’s name -- and sometimes payment information, address, and phone number -- but they also present several challenges of their own.
Although an e-ticket can’t be fished out of a trash can and mined for information, it is linked to all kinds of data (from payment details to one’s vaccination status, for example) stored on a server. What’s important now is that ticket vendors and venues choose secure (i.e., encrypted) platforms on which to host and process the tickets.
A caveat: No matter how securely the ticket is stored, holders can still be duped by a phishing scam where they voluntarily hand over their digital keys, thus leading to a privacy hack.
3. Validation, Validation, Validation
Paper tickets were often easy to counterfeit or modify, a flaw that led to many calamities, most famously the fake tickets that were part of Disneyland’s problematic opening day in 1955. E-tickets are unique (thanks to serial numbers) but also infinitely replicable (thanks to being digital files). This means that validation of the holder’s identity is often necessary. Today, Disneyland solves the validation conundrum by using biometrics; a fingerprint is scanned at the time of entry and attached to the park ticket.
Amazon’s cashierless Go convenience stores validate their entry “tickets” with the account holder’s palm. However, using biometric validation creates another, much larger issue -- the privacy and security of one’s most personal information, which must be stored on a cloud platform, where it may be vulnerable to hacking.
4. Socially Distanced!
On a more positive note, e-tickets have made our physical privacy unequivocally easier to protect. Every major venue is now either using a cloud-based ticketing service or a white glove plug-in that can automate safety protocols like social distancing. Because data is now typically collected remotely rather than at a box office, ticket holders can order food and merchandise in advance. This allows them additional privacy at the venue (they don’t have to stand in line for extras) and a ticket holder need no longer bring a credit card to a crowded venue, where it might be stolen or wirelessly hacked.
We’ve all been hearing about cryptocurrency and non-fungible tokens (NFTs) lately. These digital assets are typically associated with speculating in art or crypto tokens rather than attending live events, but a new generation of blockchain tokens called utility NFTs (uNFTs) can provide access to both physical and virtual events. Using cryptocurrency to buy tickets -- or using a crypto token as the ticket itself -- may be the ultimate in privacy because personal details are not attached to digital tokens and because blockchain technology is built upon encrypted, decentralized validation systems.
The flipside of this technology is that NFT (or uNFT) holders must not forget their digital “keys” which unlock the tokens, which then provide them access to wherever they want to go.
In other words, tickets have become a lot more secure, but you’ll still need to handle them responsibly.
Mike MacPhersonis director of sales and marketing for VBO Tickets. Working with performing arts, education, sports, museums, festivals, comedy clubs, and others, VBO developed a set of software that seamlessly integrates with any client website, providing tools to create, manage, and sell events from virtually anywhere.