Funworld April 2011

Over the past few years numerous people were arrested for selling fraudulent attraction tickets. Just last summer there were several such arrests in the Orlando area alone, including one scam where police recovered 2,126 tickets worth $395,000.

As technology advances for making tickets more secure and trackable, so, too, does the ability to commit ticket fraud. Parks and attractions worry that as the use of social media grows, its instant mass communication means ticketing loopholes could be quickly exploited by large numbers of people. Now parks are becoming more proactive.

Barcodes
Attractions and ticketing companies both say the tickets that present the greatest opportunity for security issues are the traditional type on non-barcoded paper. It’s difficult to track their purchase history since they’re not barcoded, and though an attraction can take and tear them at the gate, that doesn’t prevent matching duplicates from being printed and used or sold. It also doesn’t prevent people—even employees—from stealing unsold supplies.

“How are you ever going to catch them?” asks Jason Mauser, vice president of sales and marketing for National Ticket Company (www.nationalticket.com) in Shamokin, Pennsylvania. “If you have no barcodes, someone can take the tickets, and they’re live and ready to go. But with barcoded tickets, they’re not activated until they’re redeemed or sold.” However, attractions still must closely monitor and track them because even the barcoding systems can be defeated, especially when an outside ticket distributor is being used.

“Where I ran into it first was with counterfeited tickets at Penn State, one of our [customers],” recalls Mauser. “The counterfeiters were constantly a nuisance to them because scalpers sold tickets that looked exactly like ours. People presented them at the gate, the barcode scanned, and they’d get in, and the person with the legitimate ticket with that barcode couldn’t get in because the barcode had already been scanned.”

He says the criminals were able to accomplish this by buying the proper barcoding equipment, finding out what barcode the ticket distributor was using, duplicating the exact algorithm for that barcode, and then creating phony tickets. Mauser warns attractions could be vulnerable to the same kind of illegal activity.

Double Dipping
Roaring Springs Waterpark in Meridian, Idaho (www.roaringsprings.com), ran into a different issue with admission tickets being sold at Costco Wholesale Club. The tickets had a discount coupon for a local restaurant on the back of them, so once the ticket was scanned at the front gate, it was returned to the guest so they could use the coupon.

“We had people that bought a ticket at Costco, used it, and then because Costco has basically a no-questions-asked return policy, they returned it to Costco for a refund,” says Tiffany Quilici, the park’s sales and marketing director. “So now we mark those Costco tickets before we give them back to the guests so they can’t be returned to Costco.”

She says the park has also had people try to use other guests’ season passes: “Usually these people also have a photo ID that matches the name on the card, but the ID isn’t theirs, of course, so we’ve trained our greeters to make sure the person matches the photo, and we usually catch it.”

Nearby Silverwood Theme Park in Athol, Idaho (www.silverwoodthemepark.com), put the guest’s photo on the season pass itself, but this didn’t stop all deception. “The pictures are small and aren’t the greatest in the world, so it’s easy to let the wrong person slip through,” says Nancy DiGiammarco, Silverwood’s director of marketing, sales, and public relations. “But now our system is set up so that when the ticket is scanned, a better, full-sized photo comes up on a screen.”

Tivoli Gardens in Copenhagen, Denmark (www.tivoli.dk), doesn’t have to worry about the majority of its admission tickets because they’re bought at the front gate; guests don’t even receive a ticket, just a receipt. “They take the receipt directly to the turnstiles, so it’s not possible to cheat,” says Ellen Dahl, Tivoli’s communications consultant.

But Tivoli did run into a problem with its premium Gold Card program, which allows guests to bring as many as five people with them into the park each day, because a few Gold Card holders were bringing in more than five people a day. “They’d use the five accesses to continually ferry people in with them,” says Dahl. “We discovered it because we saw people with a Gold Card coming in more than once a day, with groups of people.”

Wristbands
Attractions that use wristbands haven’t escaped problems either. Some guests will try to tape together used, torn bands and reuse them. So, Ray Horton of TSI Custom Card Solutions (www.tropicalsecurity.com), which sells wristbands to parks, says TSI sells bands that change color when they’ve been torn.

“We’ve also had a lot of interest in our bands from the haunt [industry],” says Horton, “because they have major problems with wristbands. People are taking them off and swapping them since they’re preprinted.”

But he says this won’t work with his company’s wristbands: “They’re in a cartridge and you can’t open the cartridge until they’re ready to use—you can’t just pull a wristband out of the cartridge. You don’t have to worry about someone stealing a band because they’re blank and [the thief] won’t know what the color or the information on them is going to be that day.”

Print-at-Home
Print-at-home ticketing has become popular for amusement parks and attractions, but it also presents challenges. “People will print out several tickets at home with the same barcode, then sell them,” DiGiammarco reveals. “But only the first person presenting a ticket with that barcode will get in.”

Quilici notes, “As far as we know, we’ve not had a problem at Roaring Springs with print-at-home tickets, but I’m not sure how we’d know if someone was using a phony [barcode] they’d made up or was printing more than one ticket and trying to sell them.”

And therein lies the problem. Some parks say it’s just hard for them to track the exact extent of some ticketing issues, including problems with tickets created outside their gates. For instance, Tivoli has many guests who gain access to the park with a concert ticket. “They print them at home and they’re valid tickets, and they don’t carry a Tivoli barcode, so we can’t monitor that as much,” Dahl says.

Buyer Beware
It’s also difficult for parks to know if someone is selling multiple copies of a ticket to unsuspecting visitors; if the tickets don’t scan at the gate, those guests are unlikely to report it to the park since they know they bought a scalped ticket in the first place.

This also occurs with multiday tickets. Guest will sometimes buy these at a heavy discount from unlicensed distributors or from persons selling them outside the park gates, tickets that supposedly have days left on them. But the buyer usually has no way of knowing if there actually are valid days remaining because that information is stored only in the park’s barcode system. This is why a few parks, like Walt Disney World, have gone to fingerprint scans at the gates so if a guest’s print doesn’t match the fingerprint first used with the ticket, that guest isn’t admitted.

“It’s definitely buyer beware,” says Mauser. “We encourage [attractions] not to buy from unknown, unlicensed distributors.”

Park officials say ticketing security requires constant vigilance on their part. They train their front-gate staff members to look closely at season pass photos and to check ID, and to stay alert for any pattern of barcoding problems. They also monitor sites like Craigslist and Facebook carefully for mention of their park names; some, like Tivoli, use closed-circuit television to monitor their staff’s handling of ticket transactions.

But National Ticket’s Mauser encourages parks to go a step further by incorporating cashless systems into their ticketing operations. “It allows parks to closely track guest and employee transactions, and it cuts down on theft,” he says.

He recalls one client park that had an employee who helped a friend by using a stolen credit card to buy thousands of dollars in park debit cards at a kiosk. “The park was able to capture the information and track each of the cards bought,” he says. “They were able to tell each time they were used, and the person was caught. But without cashless integration, it wouldn’t have happened.”

Tivoli has even experimented with biometric facial recognition scanning but decided not to pursue it at this time. Explains Dahl, “We have to remember that we are first a service organization; we are not a prison! So we don’t want too many barriers, and we just have to accept that though most of our guests are very trustworthy, some people will cheat.”

Contact News Editor Keith Miller at kmiller@IAAPA.org.