Xorte logo

News Markets Groups

USA | Europe | Asia | World| Stocks | Commodities



Add a new RSS channel

 
 


Keywords

2024-07-08 21:48:44| Engadget

Scalpers have used a security researchers findings to reverse-engineer nontransferable digital tickets from Ticketmaster and AXS, allowing transfers outside their apps. The workaround was revealed in a lawsuit AXS filed in May against third-party brokers adopting the practice, according to 404 Media, which first reported the news. The saga began in February when an anonymous security researcher, going by the pseudonym Conduition, published technical details about how Ticketmaster generates its electronic tickets. If you arent already familiar with how modern e-ticketing systems work, Ticketmaster and AXS lock ticket resales inside their platforms, preventing transfers on third-party services like SeatGeek and StubHub. (For higher-priority events, they often take it a step further by prohibiting transfers to other accounts on the same platform.) Although the companies claim the practice is strictly a security measure, it also conveniently allows them to control how and when their tickets are resold. (Yay, capitalism?) Ticketmaster Ticketmaster and AXS create their nontransferable tickets using rotating barcodes that change every few seconds, preventing working screenshots or printouts. On the back end, it uses similar underlying tech similar to two-factor authentication apps. In addition, the codes are only generated shortly before an event starts, limiting the window for sharing them outside the apps. Without interference from outside parties, the platforms get to lock ticket buyers into their own resale services, giving them vertical control of the entire ecosystem. Thats where the hackers come in. Using Conduitions published findings, they extracted the platforms secret tokens that generate new tickets, using an Android phone with its Chrome browser connected to Chrome DevTools on a desktop PC. Using the tokens, they create a parallel ticketing infrastructure that regenerates genuine barcodes on other platforms, allowing them to sell working tickets on platforms Ticketmaster and AXS dont allow. Online reports claim the parallel tickets often work at the gates. According to 404 Media, AXS lawsuit accuses the defendants of selling counterfeit tickets (even though they usually work) to unsuspecting customers. The court documents allegedly describe the parallel tickets as created, in whole or in part by one or more of the Defendants illicitly accessing and then mimicking, emulating, or copying tickets from the AXS Platform. AXS lawsuit claims the company doesnt know how the hackers are doing it. The promise of essentially jailbreaking Ticketmaster is so lucrative that several brokers have reportedly tried hiring Conduition to help them build their own parallel ticket-generating platforms. Services already operating on the researchers findings go by names like Secure.Tickets, Amosa App, Virtual Barcode Distribution and Verified-Ticket.com. 404 Medias entire story is worth reading. More technically minded folks may take an interest in Conduitions earlier findings, which illustrate what the ticketing behemoths are doing on their back ends to keep the entire ecosystems in their clutches.This article originally appeared on Engadget at https://www.engadget.com/hackers-reverse-engineer-ticketmasters-barcode-system-to-unlock-resales-on-other-platforms-194826061.html?src=rss


Category: Marketing and Advertising

 

Latest from this category

06.10The first Apple Intelligence features are expected to arrive on October 28
05.10Googles theft protection features have started showing up for some Android users
05.10What to read this weekend: Preventing an asteroid apocalypse, and Cult of the Lambs first arc wraps up
05.10X reportedly paid its Brazil fines to the wrong bank, causing further delay in reinstatement case
05.10Lego's website was hacked to promote a crypto scam
05.10Gmail's Gemini-powered Q&A feature comes to iOS
05.10Foamstars is going free-to-play starting today
05.10Fisker faces more bad news as the SEC starts investigating its business practices
Marketing and Advertising »

All news

06.10Firms urge mayor to rethink congestion charge plan
06.10Trump on the stump, Harris hits airwaves in razor-edge US election
06.10The first Apple Intelligence features are expected to arrive on October 28
06.10Unholy row over plan to open island supermarket on Sundays
06.10Ex-cabinet secretary says 200,000 job is underpaid
06.10New factory, warehouse to replace Chicago Heights structures destroyed in fire
06.10This years NASCAR Chicago Street Race drew more visitors, filled more hotel rooms and generated $128 million in economic impact
06.10Explained: How to interpret Treynor Ratio in mutual funds
More »
Privacy policy . Copyright . Contact form .