With multiple verification checkpoints and information requirements throughout the platform, Too Lost has deployed AI-powered Veriff, a state-of-the-art KYC compliance technology, for identity verification. The move aims to safeguard labels and artists from streaming fraud— potentially putting an end to the rampant industry-wide problem.
Streaming fraud, botted streams, copyright infringement — when it becomes rampant on respectable DSPs like Spotify and Apple Music, it becomes a collective issue for the entire music business. With that in mind, Gregory Hirschhorn, CEO and cofounder of digital music distribution platform Too Lost, revealed details about the company’s latest KYC (Know Your Client) compliance technology to DMN.
Hirschhorn admits that indie distribution services are the major source of this problem. “We take full accountability,” he said. “DIY distribution companies need to continue building better solutions to combat this fraud.”
Economic damage from fraud is extensive. As industry organizations delve into how deep this fraud pit really is, they’ve uncovered shocking numbers.
According to Mechanical Licensing Collective (MLC) data, the total amount of unmatched and unclaimed royalties was $561 million as of 2021’s end. This discrepancy is often the result of missing metadata or inaccurate payouts. DMN subsequently investigated these figures, and concluded that the amount of owed-but-unpaid mechanical royalty compensation may actually be much higher.
Earlier this month, DMN also reported that Spotify pulled thousands of songs to fight fraud. Meanwhile, Bloomberg revealed that bogus tracks may now account for a whopping 10% of all streams, also unveiling tricks scammers use to get songs on streaming playlists.
In January, a study published by the Centre Nationale de la Musique (CNM) in France estimated that 1%-3% of all streams in France during 2021 were false. That amounts to 1-3 billion fake streams in one year. With these data points in mind, DMN recently partnered with Too Lost to broaden awareness of their KYC initiative.
In an ideal world, 100% of content on reputable DSPs would be fraud-proof and credible. But is it that simple to protect the music industry space?
When a reportedly fraudulent Dua Lipa reverb track has over 80 million streams on Spotify, what are the chances for smaller players and independent artists?
Platforms like Spotify provide a threshold for accidental fraudulent content from distributors. But if a distributor brings 20 million songs onto the platform, that threshold still represents a number that’s problematic.
According to Hirschhorn, “There are so many fake artists out there that have 3 or 4 million monthly listeners. They’re making $20,000, $30,000, $40,000 a month with reverb versions, remixes, and unauthorized sampling. They’re getting paid out, and there’s nothing happening about it.” Even if this fraud was discovered, Hirschhorn says, “Streaming services and labels don’t seem to have the bandwidth to retract or redirect already paid out royalties most of the time.”
Earlier this month, Amazon Music, Spotify, Distrokid, Empire, Downtown, and others announced that they have launched ‘Music Fights Fraud Alliance’ (MFFA) — a global task force aimed at eradicating fraud in music streaming. The movement’s mission is to ensure that the global music streaming market is fair, and that all members actively contribute to solutions intended to balance the equity of its operations.
The newfound alliance signals strong industry-wide support for Too Lost’s initial step with KYC integration. With DIY distributors now controlling 70% to 80% of all new music uploads, Hirschhorn says, “It’s really important to make sure that we’re protecting the legitimacy of new music from this abundance of fraudulent releases.” He added, “We don’t want to water down the value of music. We want people to honor and respect the art form and continue to want to pay for it.”
Early-stage efforts by Too Lost to put an end to fraud appear to have delivered promising results. “The goal is to not let this stuff touch our platform. The minute it gets on distribution platforms, it gets to Spotify, Apple Music, etc.”
Hirschhorn explains how the latest KYC compliance integration ramps up security on the platform with Veriff, an AI-powered identity verification solution that prevents identity fraud.
“With additional checkpoints and the deployment of Veriff, all new and existing users will be required to validate their identity via systematic prompts. We’ve already banned over 2,500 user accounts connected to fraudulent activities.”
Too Lost’s updated onboarding process includes ID verification and IP matching. The compliance integration also scans emails for past activity internally on scam sites and data leak pages. The platform also sends a phantom email to confirm whether the email used to verify the Too Lost account is valid. Alongside other data points, this confirmation protects the system from a hacked address. The platform is now also tracking clicking behavior and prompting for captcha codes to rule out robot maneuvers.
“We have flagged thousands of accounts in the past, terminated content from those users, and have everything from IP addresses to IDs, first and last names, and emails documented. We’re also getting other distributors on board here.”
Hirschhorn reveals that Veriff cleaned up over 95% of their content issues. “This idea that you need to show your face and present your ID for a distribution account has scared off a lot of potential fraudsters, knowing that their info is being collected on a very transparent level. For good-intentioned clients, this new onboarding process only adds an additional 6 seconds on average. I think they also appreciate the bank-level security.”
Further checks continue to take place long after the content is uploaded.
Using the Google Images API, Too Lost can also determine copyright owners of cover art. For verification of audio, the platform has set up a multi-step check, conducted in partnership with Audible Magic, ACRCloud, and others, alongside manual reviews by the quality control team when needed.
Hirschhorn also emphasizes how ‘fraud’ is often only a result of duplication. These ‘innocent mistakes’ include an artist changing their name or transferring to another distributor when their content already exists elsewhere. There could also be different metadata points because the artist accidentally inputted incorrect information.
The move towards KYC, and a shared data pool of ‘bad actors,’ appears to be a data-driven solution that could potentially annihilate a mammoth music industry problem. Hirschhorn reveals that the company’s efforts have already had a tremendous impact on reducing fraud.