Account sharing goes against a digital product’s terms of service and costs billions of dollars to the industry per year. People may share account credentials casually with their friends, or cybercriminals can obtain credentials on the dark web to resell. Either way, it’s an issue many companies face.
Account sharing has its roots in digital piracy, even though it might not feel like that to those who participate. Think back to the time when physical music CDs were popular. No one thought twice about burning CDs for friends who didn’t buy the albums. And when MP3s came out, that mindset shifted into peer-to-peer (P2P) piracy (e.g. Napster). If someone had the CD on their computer, they could share that data with other people online.
Digital piracy has always been hard to enforce. Today, streaming platforms and smart TVs make illegally downloading a movie onto a computer clunky and outdated. Unless you’re searching for a hard-to-find title, you can probably find a source to stream or rent the movie online. But the problem now is making sure streaming accounts are used according to their terms of service.
Many people have the belief that online entertainment should be free. Since you can’t physically hold a digital object, piracy through account sharing doesn’t feel as bad as something like shoplifting. But let’s say you stream all the episodes of The Office for free. That would cost about $50 as a DVD collection.
According to Hub’s 2019 Video Redefined survey, 47% of respondents had either shared their own account info or used someone else’s to watch password-protected content. And that number climbs to 81% for people between the ages of 18 and 25.
That means a lot of people are already used to sharing their account credentials. Of course, the problem isn’t always black or white. Someone may pay for one or two streaming services and then use a friend’s account to access other platforms.
Parks Associates predicts that account sharing will cost video streaming and pay-TV companies $12.5 billion in 2024. That’s an increase from $9.1 billion lost in 2019. Compared to the size of the market, that’s a huge chunk of revenue.
Account sharing can be a problem in other industries like music streaming, photo editing, and digital security software. For example, Spotify Premium users can download and listen to music offline on up to three devices. Some users may share their credentials with a friend, but people can also find cracked Spotify Premium accounts on the web for use on jailbroken devices.
Bitdefender offers digital security services and supports up to 15 devices under the Family Pack. However, sharing account information to people outside a household goes against the terms of service, as does selling account access to make a profit.
People also like to share VPN services with their friends or family. It can be frustrating for a company to know that multiple people are using one account. For example, some businesses allow their customers to connect up to six devices at one time (or five through a single server).
Of course, the very nature of a VPN service means the company doesn’t store records of customer activity, and each device’s IP address is anonymized. This makes account sharing a complex issue for VPN providers.
A smaller company with account-based content or software may not have a big issue with account sharing. But as more people want to access the product, the issue of account sharing grows. We see this all the time in the counterfeiting world. People only counterfeit what they think will sell, so brands that are growing quickly or are already visible will have more issues.
Most account sharing is casual between friends or acquaintances. Someone might charge their friends a couple of bucks to use the streaming service each month, but they aren’t in it to make a profit.
However, there are bad actors who harvest login credentials on the dark web to sell. These sellers have so many accounts at their disposal that they can offer “warranties” to buyers in the case that an account’s password is reset and becomes unusable. They simply switch the buyer to another account. Over 15 billion credentials are in circulation on the dark web.
Another issue to consider is that account piracy can give subscribers in some regions access before the content is available in the market. The issue is similar to gray market imports, but in this case, there are no physical products to trace.
One study found that Netflix’s failure to launch in Indonesia in 2016 increased piracy in the country by 20% during that year. After it successfully launched in 2017, Netflix gained about 100,000 subscribers and grew from there. However, the company was already a multinational phenomenon. For a smaller organization, account sharing and piracy can severely impact the market willing to purchase the subscription when it becomes available.
One of the perks that many entertainment companies offer is a multi-user license. While it’s designed for users to share accounts with their family and roommates, it can be hard to detect if the system is abused.
Companies like Netflix use floating licenses (a.k.a concurrent licenses) to regulate account sharing. A floating license limits the number of simultaneous streams without respect to how many user profiles a plan has.
For example, a user can have five profiles on Netflix, but the plan level dictates how many devices can stream simultaneously. A Premium plan supports up to four simultaneous streams, which is the most available. Five people can’t stream at once even though there are five available profiles.
Beyond choosing the correct licensing option for the platform, companies can be proactive about the issue by using automated software to scan for users that could abuse the system. Red Points’ Digital Rights Violation platform can find when account credentials or activation codes are sold online so brands can keep piracy under control. With the right combination of tools and customer awareness, brands can minimize the impact of account abuse.