Programmers fight against scalpers, cracking the dilemma of concert tickets

Why is fighting scalpers a protracted war?

Written by | Lin Qiuyi

Editor | Gong Zheng

This May seems to have been dominated by Mayday: from the 300,000 Mayday concert tickets swept away in 5 seconds on May 9, to fans rebelling and shouting "I would rather stand at the gate of the Bird's Nest than let the scalpers make money", to the recent rush of "Mayday concert scalper ticket prices drop by nearly 10,000 yuan" onto the hot search list...

After pandemic restrictions were fully lifted at the beginning of this year, the performance market began to recover. Singers such as Mayday, Jay Chou, and Zhang Huimei started touring the country one after another. Scalpers who had been out of work for almost three years also came back, frantically grabbing tickets and reselling them at high prices, which caused great dissatisfaction and resistance among fans.

Rebellion alone cannot cure the root cause. As in battle, the aim should be not only to drive the enemy back but also to cut off their way back. Besides continuously raising the threshold for buying tickets, are there other technologies that can resist scalpers?

A few days ago, "True Story Lab" interviewed a mysterious anti-scalper team, revealing the story of how this team of senior security experts used high technology to counter the scalpers.

#01

"Who stole the Mayday tickets?"

The battle between Mayday fans and scalpers began on May 5.

On that day, it was officially announced that Mayday would hold 6 consecutive concerts at the Beijing Bird's Nest from May 27th to June 3rd, with tickets going on sale at 11:00 and 17:00 on May 9th.

On the day of the official announcement, several fan stations immediately opened their "group ticket" sales. Group tickets are an unwritten agreement between fan stations and show organizers that has existed for more than ten years: before the official sale, a portion of the tickets is reserved for fans to snap up through the fan station.

However, on May 6th, the last day of the group ticket rush, fans of "MAYDAY Mayday Any Door" posted on Weibo a large number of abnormal orders created in 0 seconds. These orders, completed in milliseconds, were believed to have been grabbed by scalpers using "high technology". The fan site said that all abnormal orders would be closed and that shipping would begin only after the investigation was completed.

▲ Picture | Scalpers snapping up Mayday tickets

While the fan stations were urgently checking orders and looking for scalpers, at around 7 pm they issued notices one after another saying that, due to force majeure, the group tickets were cancelled. The cancellation of group tickets, a practice that had lasted ten years, angered many Mayday fans. They pointed the finger at the scalpers, saying that the scalpers had reported the fan group for "illegal fundraising", which led to the cancellation of the group tickets. That night, multiple group ticket topics rushed onto the hot search list, triggering extensive discussion.

After the cancellation of group tickets, Mayday fans could only wait for the official sale on May 9. But on the day of the sale, nearly 300,000 tickets were all swept away within 5 seconds. On second-hand trading platforms, scalpers were selling tickets at an extremely high premium: a first-row infield ticket with an original price of 1,855 yuan was bid up to 19,880 yuan.

The rampant scalpers once again angered Mayday fans. They confronted the scalpers directly and shouted the slogan "I would rather stand at the gate of the Bird's Nest than let the scalpers make money". Self-made promotional pictures also spread quickly among fans and across social platforms and second-hand trading platforms, calling on everyone to refuse to buy high-priced scalper tickets: "stay until the scalpers' mentality collapses, and wait for the original price tickets to return."

For several weeks in a row, topics related to Mayday have been on the hot searches. It seems that the joint resistance of the fans played a role, and the price of scalper tickets for the Mayday concert continued to fall.

However, although the scalper tickets have fallen by nearly 10,000 yuan, the price is still much higher than the original price.

#02

Scalpers are rampant, how to counteract them effectively?

Short-term resistance cannot eradicate scalpers, and it is foreseeable that the concert market will continue to be hot in the second half of this year. According to incomplete statistics, in the second half of this year, more than 20 singers, including Mayday, Jay Chou, Angela Chang, Joker Xue, Mao Buyi, Li Ronghao, Wang Feng, and Zhou Chuanxiong, have officially announced that they will hold concerts, holding more than 60 concerts in total.

Therefore, how to effectively counter the scalpers has also become a hot topic among netizens.

It is understood that the current way to purchase tickets for the Mayday concert is to purchase with identity verification, but there are two ways to enter the venue: one is to swipe the QR code (electronic ticket), and the other is to use paper tickets. Moreover, it also supports one transfer after purchase.

Many netizens said that Mayday's approach is in effect a fake real-name system, under which scalpers can easily use technology to buy tickets, and they proposed two ways to enforce real names.

The first adopts the real-name system + face recognition, and does not allow transfer, refund or modification. The Liang Jingru concert held at the Shanghai Mercedes-Benz Arena this year adopted such a "strong real-name system". Not only were refunds not supported, but tickets also could not be gifted or resold.

But just before the start of the concert, more than 200 people contacted the WeChat group for rights protection and demanded a refund. The reason is simple. They think that it is unreasonable not to allow refunds and changes, and consumers should have the right to refund. Subsequently, the organizer of Liang Jingru's concert issued a 24-hour refund notice.

▲ Picture | Netizens are hotly discussing the real-name system for ticket purchase

The second is to use the real-name system + face recognition + refunds within a limited time. This approach is indeed more moderate. While deterring scalpers, it also protects consumer rights to a certain extent. But the scalpers may choose to "burn jade and stone together": buy tickets in bulk first, then request refunds on a large scale close to the final refund time of the performance, which would cause great losses to the ticketing platform.

In addition to institutional restrictions, is there any technical means to stop scalpers from the root?

Ma Ziyang is a member of the anti-scalper special team and a senior security expert at Tencent. According to him, the "high-tech means" used by the scalpers mentioned by Mayday fans are actually malicious bots for zero-second snap-ups. The so-called BOT is the abbreviation of Robot, which is an automated program.

▲ Picture | Security experts who confront scalpers

In fact, scalpers complete a series of actions such as clicking links, selecting dates, submitting, and paying through computer programs that work at millisecond level, hundreds or thousands of times faster than humans. The relatively rudimentary ticket grabbing technology is the "Python script takes you to kill with one click" that you often see on video sites. Scalpers generally use automated means to drive browser programs to grab tickets. The more advanced scalpers work at the device level. For example, a scalper will buy a batch of mobile phones (or modem pools, known as "cat pools") and control them through batch commands to grab tickets.

Although the requests a scalper makes to place an order are the same as those of a normal person, the fine-grained technical characteristics of how those actions are executed are different. Therefore, to counter scalpers, these automated programs can be blocked at the technical level.

#03

The platform introduces the regular army and strangles the scalpers

The world has been suffering scalpers for a long time. At the beginning of January this year, the concert market in Hong Kong, China took the lead in recovering. Tickets for many popular performances were snatched up by scalpers, causing strong dissatisfaction among citizens, and Hong Kong media reported one after another.

In order to protect the legitimate rights and interests of citizens, a ticketing platform in Hong Kong quickly set up an anti-scalper special team with Tencent Security. An emergency meeting was held at 10 o'clock on January 4, which opened the prelude to the confrontation with the scalpers.

In fact, it is more difficult to fight scalpers in Hong Kong than in the Mainland. "Because in the mainland, many ticketing platforms require real-name ticket purchases, and you need to enter your ID card for a strong binding between the person and the ID card," Ma Ziyang said. "Hong Kong pays more attention to user experience, and generally does not require real-name ticket purchases. Both members and non-members are supported in purchasing tickets, and non-members can complete a ticket purchase without logging in, which gives scalpers a lot of room to maneuver."

At the meeting, the ticketing platform also emphasized that it does not want to set too many authentications, which will affect the user experience. This puts a lot of pressure on the security experts. Since the enemy is in the dark, if we can’t set up too many authentications, it’s like sniping a pack of wolves in the fog, which is a great test of shooting skills.

The experts asked for the platform's order information from the past few months, hoping to find "clues" left by scalpers. Locard's exchange principle states that where there is contact, there will be traces. Two hours later, after mining the data with algorithmic models, Tencent security experts had found a good deal:

  • More than 5,000 tickets were bought by the same credit card, the same address, and the same consignee

  • There are a large number of remote IPs in the order, concentrated in India, the United States, Singapore and other regions

  • There are a large number of IPs with abnormal buying speed and abnormal access frequency (for example, the buying is completed in one millisecond, or tens of thousands of visits a day)

At 2:00 p.m., the anti-scalper special team combined the information and data it had mined to output a preliminary protection plan.

The first stage started from the traffic side. As mentioned earlier, scalpers use malicious robots to automate ticket grabbing. Therefore, Tencent security experts deployed a Tencent Cloud WAF cluster at the traffic entrance of the ticketing website. Through real-time algorithms and a series of rule configurations, the access traffic is cleaned in real time at the moment the ticket grabbing channel opens, blocking malicious robots and allowing normal users to enter the ticket grabbing channel successfully.

Ma Ziyang explained that distinguishing malicious traffic from real traffic takes a complete set of rule configurations. For example, IP addresses in India, the United States, Singapore and other regions are basically off-site cloud resources purchased by scalpers in order to grab tickets, so a regional ban strategy needs to be set. To identify whether an access request is initiated by a real person or a real machine, client risk identification needs to be set up; to intercept IPs with abnormal buying speed, abnormal behavior characteristics, and abnormal access frequency, access control policies need to be configured...
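The three findings from the order data and the rules built on them can be sketched as a small triage routine. This is an added example, not Tencent's or the platform's code; the field names, thresholds, home region, and the choice to challenge on one signal and block on two or more are assumptions, and the orders are constructed sample data.

```python
from collections import Counter

HOME_REGION = "HK"                  # assumed home market of the platform
MIN_HUMAN_CHECKOUT_MS = 3000        # assumed floor for a person filling in the form
MAX_TICKETS_PER_BUYER = 8           # assumed cap per card/address/consignee
MAX_REQUESTS_PER_IP_PER_DAY = 2000  # assumed ceiling for one browsing client

# Constructed sample data, not real orders. IPs are documentation ranges.
ORDERS = [
    {"id": "o1", "ip": "203.0.113.7", "region": "IN", "checkout_ms": 1,
     "card": "card-A", "address": "addr-1", "consignee": "name-1", "tickets": 6},
    {"id": "o2", "ip": "203.0.113.8", "region": "US", "checkout_ms": 2,
     "card": "card-A", "address": "addr-1", "consignee": "name-1", "tickets": 6},
    {"id": "o3", "ip": "198.51.100.20", "region": "HK", "checkout_ms": 41000,
     "card": "card-B", "address": "addr-2", "consignee": "name-2", "tickets": 2},
    {"id": "o4", "ip": "198.51.100.33", "region": "SG", "checkout_ms": 65000,
     "card": "card-C", "address": "addr-3", "consignee": "name-3", "tickets": 2},
    {"id": "o5", "ip": "192.0.2.50", "region": "HK", "checkout_ms": 900,
     "card": "card-D", "address": "addr-4", "consignee": "name-4", "tickets": 4},
]
REQUESTS_PER_IP_TODAY = {"203.0.113.7": 42000, "203.0.113.8": 38000,
                         "198.51.100.20": 35, "198.51.100.33": 60,
                         "192.0.2.50": 5200}


def buyer_key(order):
    """Identity the first finding aggregates on: card + address + consignee."""
    return (order["card"], order["address"], order["consignee"])


def triage(orders, requests_per_ip):
    """Return {order_id: (action, reasons)} from the order-data signals."""
    tickets_per_buyer = Counter()
    for o in orders:
        tickets_per_buyer[buyer_key(o)] += o["tickets"]

    result = {}
    for o in orders:
        reasons = []
        if tickets_per_buyer[buyer_key(o)] > MAX_TICKETS_PER_BUYER:
            reasons.append("bulk_buyer")
        if o["region"] != HOME_REGION:
            reasons.append("out_of_region_ip")
        if o["checkout_ms"] < MIN_HUMAN_CHECKOUT_MS:
            reasons.append("inhuman_speed")
        if requests_per_ip.get(o["ip"], 0) > MAX_REQUESTS_PER_IP_PER_DAY:
            reasons.append("high_request_rate")
        # One weak signal (for example a fan travelling abroad) only earns a
        # challenge; two or more independent signals are treated as automation.
        action = ("allow" if not reasons
                  else "challenge" if len(reasons) == 1 else "block")
        result[o["id"]] = (action, reasons)
    return result
```

Grading the response keeps extra verification away from ordinary buyers, which matches the platform's request not to add too many authentication steps.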

After the first phase of traffic-side protection was configured, the cleaning rate reached 60%, and the effect met expectations. However, three days later (January 7th), X Star's concert tickets were due to go on sale. X Star is a well-known singer whose concert was being hotly discussed on major social platforms, and scalpers would naturally have their eye on this "hot cake".

While the ticketing platform was considering whether to start the second stage of protection, a leading "head" scalper in Hong Kong openly declared on Twitter: "All performance tickets have to come to me."

This statement increased the pressure on the ticketing platform, so on January 5, the special team launched the second phase of defense on the device side.

As mentioned above, in addition to using automated programs to grab tickets, scalpers also work at the device level, for example by buying a batch of mobile phones (or modem pools) and controlling the phones through batch commands to grab tickets.

To counter this, Tencent security experts deployed Tencent CAPTCHA (verification code) clusters and Turing Shield device fingerprint clusters. We all know that fingerprints are unique. Tencent's secure device fingerprinting gives each device a unique "fingerprint" by identifying the digital characteristics of the device. For example, on a device in normal use, the battery level changes from time to time and the angle at which it is held tilts. If a large number of accounts are logged in on a single device, or if the device is fully charged at all times and never tilts, it becomes a suspicious device.
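The two device-side signals named above (many accounts on one device, and a device that is always fully charged and never tilts) can be checked as follows. This is an added example, not the Turing Shield implementation; the telemetry format, thresholds and device names are assumptions, and the data is constructed.

```python
from collections import defaultdict

MAX_ACCOUNTS_PER_DEVICE = 3   # assumed threshold
MIN_SAMPLES = 5               # enough readings before calling a device static
TILT_NOISE_DEG = 0.5          # assumed sensor jitter; a smaller spread means "never tilts"

# Constructed telemetry: device -> [(battery_percent, tilt_degrees), ...]
TELEMETRY = {
    "rack-01":  [(100, 0.0), (100, 0.1), (100, 0.0), (100, 0.1), (100, 0.0)],
    "phone-77": [(81, 12.5), (81, 14.1), (80, 9.8), (80, 17.3), (79, 11.0)],
    # A phone held in the hand while charging: full battery, but it moves.
    "phone-12": [(100, 31.0), (100, 28.4), (100, 33.9), (100, 30.2), (100, 27.5)],
    # Too few readings to judge either way.
    "phone-90": [(100, 0.0), (100, 0.0)],
}
# Constructed login events: (device, account)
LOGINS = [("rack-01", f"acct-{i}") for i in range(40)] + [
    ("phone-77", "acct-a"), ("phone-12", "acct-b"),
    ("phone-90", "acct-c"), ("phone-90", "acct-d")]


def suspicious_devices(telemetry, logins):
    """Return {device: reasons} for devices matching either signal."""
    accounts = defaultdict(set)
    for device, account in logins:
        accounts[device].add(account)

    flagged = {}
    for device, samples in telemetry.items():
        reasons = []
        if len(accounts[device]) > MAX_ACCOUNTS_PER_DEVICE:
            reasons.append("many_accounts")
        if len(samples) >= MIN_SAMPLES:
            battery = [b for b, _ in samples]
            tilt = [t for _, t in samples]
            always_full = min(battery) == 100
            never_tilts = max(tilt) - min(tilt) <= TILT_NOISE_DEG
            # Both conditions together, so a charging phone in use is not flagged.
            if always_full and never_tilts:
                reasons.append("static_and_always_charged")
        if reasons:
            flagged[device] = reasons
    return flagged
```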

In addition to the traffic-side and device-side defenses, the security team set up a third layer of protection at the final payment step: Tencent's full-stack risk control engine, which uses algorithms to identify black and gray market activity along multiple dimensions and to discover "black and white cards" or suspicious transactions faster. For example, if the same credit card or the same email address makes repeated purchases in a short period of time, it will be blocked.

In the end, the anti-scalper special team designed three lines of defense for the ticketing platform, covering traffic, devices and payment. With the help of Tencent's security team and the cooperation of Hong Kong's local ticketing platform, the protection of the January 7 concert sale achieved initial success, intercepting and filtering out most of the scalpers.

▲ Figure | Tencent security anti-scalper strategy

#04

The confrontation with scalpers will be a protracted battle

The popularity of concerts is just a microcosm of the recovery of the entire cultural tourism market. Since pandemic restrictions were fully lifted, scenic spots and theme parks across the country have prospered, and they have also become targets for scalpers. Tickets for many popular scenic spots are hard to find.

Since the beginning of this year, the Tencent Cloud WAF team and the Tencent Tianyu risk control team have also received requests, one after another, from major scenic spots and theme parks to fight scalpers.

For example, a week before the May Day holiday this year, a well-known scenic spot in China came under sustained attack from scalpers. The scenic spot limits sales to tens of thousands of tickets per day, but there were tens of millions of ticket purchase requests in the back end. Most of the tickets were snatched away by scalpers, and tickets priced at dozens of yuan were resold by scalpers for hundreds of yuan.

Nathan, a risk control and security expert at Tencent Tianyu, told the "True Story Lab" that many scalpers in scenic spots are actually local "travel agencies". They will provide ticket purchase channels on the life service platform, claiming that they can buy official tickets that have not yet been released, and the price is two or three times higher than the official ones, bundled with additional services such as the so-called "tour guide".

"After you place an order on the platform, they will send a message that the ticket has been successfully issued. Then when the tickets for the scenic spot are officially on sale, the scalper will use an automated script to grab the ticket and quickly fill in the real-person information of the tourist obtained on the platform. If the ticket is successful, the ticket will be issued normally; if the ticket grab fails, a message will be sent to notify that the ticket is abnormal." Nathan said.

In fact, the so-called "tour guide explanation" does not exist, and no one can be found at the scene of the scenic spot.

After deploying Tencent Tianyu's risk control solution, the scenic spot successfully intercepted 90% of the scalpers. Tickets that previously sold out in a second were now sold gradually over half an hour, so that most real tourists could buy tickets at the original price, safeguarding the legitimate interests of tourists in ticket purchases.

Ma Ziyang also discovered in this confrontation with the scalpers in Hong Kong that under the background of the recovery of the cultural tourism market, the current confrontation between the regular Internet army and the scalpers is in a very intense state. After all, after three years of the epidemic, the scalpers are already hungry.

Many people think that fighting scalpers can be done once and for all. But Ma Ziyang said that fighting scalpers is actually a protracted battle.

The scalpers themselves are like "Xiaoqiang", the cockroach that can't be beaten to death. Driven by high profits, they try every means to exploit loopholes in systems and platform policies, including constantly upgrading their ticket grabbing tools and methods. "If you recognize the nature of this industry, you will know that fighting scalpers is a daily battle," Ma Ziyang said.

Beyond the regular army's own efforts against scalpers, awareness of the need to fight scalpers is relatively unified across society and sentiment is running high. Coupled with the attention of regulatory agencies, this creates a favorable external environment for the regular army's fight against scalpers.

In short, the confrontation with scalpers is a protracted battle that requires the joint efforts of multiple parties, including policymakers, consumers, platforms, and security vendors.

 


Origin blog.csdn.net/qcloud_security/article/details/130924001