Streaming Fraud ‘Hurts Everyone.’ Beatdapp Wants to Change That
Beatdapp works to prevent fraud from impacting payouts. "It's already hard to make something," co-CEO Andrew Batey says. "You should get paid correctly."
Beatdapp co-founders and co-CEOs Morgan Hayduk and Andrew Batey were not initially focused on fighting streaming manipulation. Batey spent years in digital marketing, while Hayduk formerly worked as a lobbyist for the Canadian music industry in the area of copyright protection. At first, they teamed to build an auditing tool that would enable labels to evaluate inconsistencies between their sales reports and streaming services’ server logs. Conversations with label executives indicated that “there were pretty often material discrepancies,” Hayduk says.
As he and Batey tried to understand those inconsistencies, it became clear that streaming manipulation was causing some of them, and Beatdapp embarked on developing a tool to detect fraudulent streams — which Hayduk defines as the leveraging of “bots, stolen accounts or manipulated platform features” to steal streaming income — and prevent them from impacting payouts.
According to a recent report from the Centre National de la Musique (CNM), a government-backed organization that supports France’s music industry, in 2021, over 1 billion music streams — between 1% and 3% of all streams generated in the country that year — were fraudulent. “The methods used by fraudsters are constantly evolving and improving,” the report noted, “and fraud seems to be getting easier and easier to commit.” If that percentage was applied to IFPI’s estimate that global streaming revenue totaled $17.5 billion in 2022, fraudulent streams would amount to $350 million in potential lost income for legitimate rights holders.
Beatdapp’s software sifts through massive amounts of data from partners — including labels, distributors and streaming services — to identify and investigate suspicious patterns. In one case, it identified 10,000 accounts all playing the same 63 tracks. The pair say the company now analyzes hundreds of billions of streams, and while they declined to identify partners, they recently started working with SoundCloud and Napster, according to two sources.
“If we can make this industry less attractive for financial fraudsters, that will make a positive difference for everybody who’s working on music,” Hayduk says. “That’s what animates us.”
Why is streaming fraud an important issue?
MORGAN HAYDUK: It hurts everyone who makes a living in the music industry and, left unchecked, creates this promotional race to the bottom where everyone believes they have to cheat to succeed. In cybersecurity terms, it’s important to shrink the attack surface of the industry.
ANDREW BATEY: In an industry where it’s already hard to make something and then promote something and then get paid, you should at least get paid correctly.
How much data is Beatdapp analyzing at this point?
HAYDUK: We’re looking at about 320 billion streams now. That’s about 13 trillion individualized streaming data points when you account for all of the metadata associated with each of those streams. We expect to add data in the neighborhood of another 50 billion streams in [the second quarter] and about another 2 trillion data points on that.
BATEY: It’s not just the individual stream. You might make 12 decisions in an app, such as how you search — if you clicked on the artist first and then you looked at their song list. We’re capturing all of that, anonymized across users. All of that context helps us because if somebody consistently hits, let’s say, the exact 11 things for every song they play, that’s a pretty obvious case of fraud if they’ve done that 3,000 times in a week.
How has the industry’s perception of streaming fraud changed since you started Beatdapp?
HAYDUK: Just hearing people acknowledge the issue is probably the biggest shift. It used to be verboten to speak publicly about streaming fraud. It was all behind closed doors. But I don’t think you can fix a problem until you accept its existence. We’re starting to get there now and [are] seeing a more widespread willingness to put in place solutions.
How has your perception of the problem changed as your data set has expanded?
HAYDUK: The biggest revelation to us has to be that this is way closer to death by a thousand paper cuts than it is a top-of-the-market problem. If you asked us where most of the fraud came from 18 months ago, we probably would have pointed the finger at bigger artists because we would have thought they had the most to gain. But we were missing the point of most of this activity. It’s not about changing perception; it’s about making money. This isn’t a phenomenon that’s driven by major labels and major independent label artists or their top artists. The overwhelming majority, like upwards of 80% of what we see is fraud, is coming from — call it non-music content. It’s not being released for popular consumption or because these are artists who are trying to get noticed. These are releases that have no commercial purpose except as [instruments of] fraud.
BATEY: When we first started, we genuinely thought fraud would be 1% to 3%. Now we think it’s closer to 10% [though some of this is caught]. Also we would have guessed that most of the fraud would occur on the platforms where people were — Spotify, Apple, YouTube. But because it’s a lot of financially motivated fraud, what we actually see is that it’s easier for the fraudsters to attack all the mid- and long-tail [digital service providers] as well, where they’re less likely to get caught and they’ll get a similar or better per-stream payout. Why not target all of these smaller DSPs with zero protections in place and get paid across all of them?
France’s CNM recently came to the conclusion that fraud is getting easier to commit.
BATEY: I 100% agree with that. There are so many ways to exploit platforms. If your job is to deliver the best user experience possible, it often means making it easy for them to access that content and creating really cool ways for them to experience or engage with that content. [When that happens,] there are more ways to manipulate that content for the purpose of exploiting it for a payout.
HAYDUK: And the tools that you need to commit fraud effectively and at scale are easier to access now than ever before. The tools that facilitate fraud in e-commerce or ticketing or financial services are also repackaged and repurposed to commit streaming fraud. You can generate fully automated online bot farms using cloud computing in a way you couldn’t 10 years ago.
How do you avoid generating false positives when you’re hunting for fraud?
HAYDUK: We know that a false positive is worth considerably more in the loss column than a false negative, so we adjust our models to account for the fact that they need to be conservative in the right ways.
BATEY: You can’t get it wrong. If you miss a fraudster, it’s OK. We hope we catch them later. If we call something fraud that’s not, that’s way worse.
Some have suggested that a user-centric payout system might mitigate fraud.
HAYDUK: Our view is that it’s not going to make that big a difference. It’ll change the tactics, but it won’t change the motivation. It’s a big pot of money on the internet, and generally speaking, the DSPs are still fairly soft targets. A different payout structure will just change the tactics that fraudsters use to aggregate money and divert it their way. Obviously, there’s a whole different case for the merits of payout systems if you’re an artist or you’re a label.
There’s a lot of industry concern about artificial intelligence right now. To what extent does AI make it even easier to commit these types of fraudulent activities?
HAYDUK: It’s a tool. We work for some good AI companies that care about not being a tool for fraudsters. That said, the new models are incredibly powerful, and you can create content at scale. There’s no putting the genie back in the bottle when some of these tools emerge. The tougher we make it to get away with fraud, the less valuable the tool becomes in the hands of someone who’s wielding it for a bad purpose.
How incentivized are DSPs to care about fraud?
HAYDUK: Their biggest partners care, especially in light of what we said earlier: Market share shifts matter to the partners and, therefore, it matters to the DSPs. I think consumers also care because bad recommendations on the DSP side make for bad user experience. And given that every platform is offering roughly the same catalog to the consumer, if your recommendations are substandard, that makes consumers more inclined to choose your competitor.
Some music industry executives worry that public discussions of fraud undermine user confidence.
HAYDUK: How many times a week does your bank email you about the extra efforts they’re taking to protect you from fraud in the financial sector? It doesn’t make me want to boycott my bank when they tell me that. Fans probably want to hear that, as an industry, we’re taking steps so that the artists they care about are paid correctly.
BATEY: If you’re the consumer, your account was hijacked, and now you’re getting a bunch of recommended songs that don’t make any sense, you’re not blaming the fraudster — you’re blaming the platform.
What is your dream scenario for fraud mitigation in the industry?
HAYDUK: Our view is there are some things you can’t do in a vacuum. DSP A can’t look at the data from DSP B to help inform its own detection models. It’s way too competitive between the platforms to give up the level of data required to do fraud detection at the highest levels. Having a platform in the middle acting as Switzerland, working for the collective benefit of everyone without minimizing the level of competitiveness between the platforms, is the right approach. And it’s also an approach that we’ve seen play out in other verticals with similar dynamics.