Choose a language:

Behind-the-scenes of an onsale: How Queue-it blocked 8.3 million ticket bots

Updated: 12 Jul 2024
Pillars climbing and hand holding envelope over them

The ticketing world has a major bot problem. During popular onsales, up to 90% of online traffic can come from bad bots operated by scalpers. In this article, you’ll discover behind-the-scenes onsale data that reveals just how much ticketing traffic is malicious, and just how effective Queue-it’s invite-only waiting room is at stopping that traffic in its tracks.

2023 was a record-breaking year for concert ticket sales. Three of the top five highest grossing tours of all time happened in 2023—with Elton John’s “Farewell Yellow” tour bringing in almost a billion dollars. Taylor Swift set the world record for most concert tickets sold in a single day. International tours from Beyonce, Coldplay, Bruce Springsteen, Bad Bunny, Harry Styles, The Red Hot Chili Peppers—we’re living in what’s been dubbed “The Stadium Era”.

But it isn’t all rosy for the live event industry. The huge tours and demand for tickets has brought with it huge numbers of ticket bots and scalpers.

In this article, we pull back the curtains on a major concert ticket onsale to show how bad the ticketing world’s bot problem is and how Queue-it is helping ticketers solve it, one onsale at a time.

Discover how Queue-it’s invite-only waiting room blocked over 8.3 million bots across 50+ onsales, how a single visitor tried to get 30,000 spots in queue, and how a top 5 international ticketing company ensured fair and smooth ticket sales for millions of fans.

The onslaught of ticket bots

Bad bots make up 40% of all ticketing traffic. During popular onsales for major artists, this number jumps to between 60% and 90%.

Ticket bot volumes are so high because large onsales almost always have purchase limits, such as 4 tickets per customer. To get around these purchase limits, scalpers spin up hundreds or thousands of fake accounts—complete with unique names, email addresses, IP addresses, and credit card information.

Ticket Bots: Everything You Need to Know

The more undetected bots the scalper can create, the more tickets they can buy, and the more profit they can make.

If a scalper successfully gets 1,000 bots into an onsale, for example, they can turn “4 tickets per customer” into 4,000 tickets just for themselves.

Demand for tickets in “The Stadium Era” may well be at an all-time high, but as you’re about to see, there’s more to the numbers than meets the eye.

How Queue-it blocked 3+ million bots in one onsale

Earlier this year, Queue-it’s invite-only waiting room was used on a series of concert ticket onsales for a household-name artist. The data that follows gives a breakdown of the traffic for just one of these onsales.

First, let’s look at what the actual waiting room looked like. Before the sale went live, about 100,000 invited and verified visitors entered the pre-queue holding area.

The sale went live at midday, and within the next three hours another 38,000 verified visitors entered the queue, meaning a total of 138,000 people got a spot in line for tickets.

Chart showing 138,000 visitors granted access to sale

But the number of requests to enter the queue was much higher than 138,000—24 times higher, to be exact.

Behind-the-scenes of the smooth and fast onsale experience of the verified customers, there were swarms of ticket bots fighting to get access to the queue, fighting to get their hands on the valuable tickets.

If we zoom out on the chart above to include these tickets bots and visitors that were denied access, the picture becomes quite different.

Chart showing 3.2 million untrusted requests denied access

The number of untrusted requests—meaning bot traffic and/or visitors that weren’t invited to the onsale—to enter the queue dwarfs the number of trusted visitors who played by the rules.

Before the onsale even went live, there were over 1.7 million untrusted requests to access the pre-queue. Within three and a half hours, over 3.2 million attempts from untrusted visitors were denied access.

Over 95% of the total traffic to the onsale was untrusted requests from bots, scalpers, and uninvited visitors.

But with Queue-it in place, these 3.2 million requests were denied access, meaning the 138,000 trusted, verified customers got a dramatically fairer and faster onsale experience.

Over 95% of the total traffic to the onsale was untrusted requests from bots, scalpers, and uninvited visitors.

Effective bot mitigation like this requires a multi-layered approach. The more layers of protection a company uses, the less bots can slip through the cracks.

This ticketing company used several tools within Queue-it’s bot mitigation toolkit to stop the bots. For example, 40% of total requests were blocked because they came from data centers, which are known sources of malicious traffic. 24% were blocked after they failed a CAPTCHA. And another 32% were denied access because the ticketing company used an invite-only waiting room and those visitors weren’t invited to participate in the onsale.

Visitors allowed and denied access by type

This last layer of protection, the invite-only waiting room, empowered the ticketing company to both reward loyal fans and block over a million sophisticated bots. Let’s look at how.

RELATED: The Power of Presales: How Ticketers Can Drive Sales & Loyalty with Exclusivity

Controlling sale access to reward real fans

While the ticketing company prepared for this onsale, politicians and the media debated the problems of scalpers, ticket bots, and fairness. They knew demand for the artist would be massive. And as one of the world’s biggest ticketing companies, they couldn’t afford to get it wrong.

To ensure fairness, the ticketing company set up Queue-it's bot and abuse features like data center IP blocking and CAPTCHAs for suspicious traffic. But they also took their mitigation efforts to the next level with an invite-only waiting room.

The invite-only waiting room let the company open the onsale exclusively to verified customers. The company identified the customers it would allow to enter the onsale, then sent out private invitations containing unique links that offered each trusted visitor one spot in line.

So, when access was denied, it meant either:

  1. The visitor was trying to use their link to take multiple spots in queue, or;
  2. The visitor was trying to access the onsale without an invitation

Let’s look at a concrete example from the onsale above:

One individual opened their presale link 31,325 times.

But they got just one spot in queue.

And a maximum of 4 tickets.

Graphic showing one person opening their link 31,000 times and getting one spot in queue

This is clear non-human behavior. A regular person using a regular computer can’t open a link 31,325 times. This person was a scalper who tried—and failed—to get over 30,000 spots in queue.

This is just one of countless scalpers who worked tirelessly to exploit this onsale and was left empty-handed.

And while these scalpers floundered about trying to open single-use invites thousands of times, the ticketing company delivered:

  • A fairer experience for over 100,000 verified fans
  • Dramatically shorter wait times
  • A 95% reduction in traffic load
  • An onsale experience that gave the media nothing negative to write about

What's an invite-only waiting room & how does it block bots?

Queue-it’s invite-only waiting room lets you control access to exclusive sales. Think of it like a security guard for your onsale, controlling the inflow of people and checking IDs to ensure only invited customers can enter.

The idea of verifying customer identities is not a new one. Many ticketing companies require customers to have an account to purchase tickets. And for particularly high demand onsales, several companies identify legitimate fans and give them unique promo codes that are used for verification at checkout.

But an invite-only waiting room adds a new level of protection and control. Rather than verifying customers at the end of the purchase path or at the login (once they’ve already hit your site), it gates access to the entire sale.

This way, the only customers that can queue for tickets and eventually enter the sale are the ones you choose.

In the onsale example above, the ticketing company used fan data and presale registrations to determine the trusted fans and customers they wanted to invite to the sale.

They then set up the invite-only waiting room, uploaded a mailing list with the details of their trusted customers, and sent out invitations to the presale.

Fans opened their invitation, Queue-it verified they were on the invite list, and then they were granted access to the waiting room for the ticket sale.

Scalpers tried to do what they always try to do: get more tickets by getting more spots in line.

But as we saw from the scalper who opened their link 32,000+ times, all any of them got was one spot in line, maybe 4 tickets, and a whole lot of wasted computing power.

For the 50 invite-only onsales we helped this top ticketing company and global artist run, the story was the same:

  • 8.3 million requests were denied access with invite-only
  • Over a million verified fans got a fairer experience
  • Queue wait times were dramatically shorter
  • Invite-only more than halved the load on the ticketer’s systems
For 1 artist, Queue-it ran 50 invite-only onsales, blocking 8.3 million untrusted visitors

With the help of the invite-only waiting room, this top ticketing company rewarded loyal fans while blocking over 8.3 million sophisticated bots and scalpers.

Put tickets in the hands of genuine fans, not bad bots