Although about half of INMA members have a “significant issue” with password sharing, most are not doing anything about it — yet.

This week’s members-only Webinar, Cracking down on subscriber password sharing, kicked off with a poll of members to read the room and see how password sharing has affected them. Greg Piechota, INMA Readers First Initiative lead, said that password sharing had become a “phenomenon;” one survey found that 79% of Americans admit to sharing passwords with people outside their homes.

He then conducted an online poll to determine whether members had identified password sharing among subscribers and found that most of the attendees had. Of those, 47% considered it a “significant issue,” while 37% did not see it as a major concern. The remaining 16% had not yet checked whether password sharing was happening.

Those who didn’t find it concerning, Piechota said, might see it differently after hearing from his guests, Charles Duenas and Lou Grasser of LeMonde, and Donika Lilova of Frankfurter Allgemeine Zeitung.  

Capping accounts to drive growth

Duenas, LeMonde’s chief data officer, explained that password sharing is a form of fraud — and fraud is costly, whether it’s B2C or B2B.

In B2C fraud, people share personal accounts with family members or friends, while B2B fraud is often more subtle, he said: “It may be either B2B clients that you already have and you want to monitor where when they exceed their limits of usage, or it can be professional clients using personal accounts that share it internally in their company.”

Fraudulent account sharing is a common problem, one LeMonde thought was probably happening on a small scale. However, when it investigated, the company found password sharing was much more widespread than imagined.

“We were quite surprised because we thought it was a minor phenomenon, but actually, a quarter of all accounts were sharing massively their accounts to families or et cetera,” Duenas said.

Ironically, one of the biggest fraudsters was a French organisation for fraud oppression.

The company searched for a tool to prevent such fraud and, unable to find one, created its proprietary tool, called Capping.

“Capping’s objective is to avoid revenue loss by detecting and/or blocking fraud risk activities such as account sharing and copy/paste. What capping also enables is to generate upsells, either for B2C or B2B,” he said.

The tool was also designed to be configurable to meet the specific needs of B2B clients. That included a custom time-sharing policy to encourage converting new clients.

Now, when another device tries accessing the LeMonde site simultaneously with someone else on the account, Capping detects it and asks the user if they want to switch devices. If the user switches devices, they’ll be able to keep reading. However, if it is a second user, the reading experience is degraded.

The Capping tool was deployed in December 2019, and at that time, LeMonde’s B2C subscriptions hovered just below 15,000. Within a month, however, they saw a steep increase, said Grasser, the company’s chief digital operations officer. The biggest effect was seen in B2B subscriptions.

“On average, we had 400 new subscriptions on B2B,” she said. The month following [implementing Capping], we had the highest number ever. After January, February, and March, we’re still high.”

 It has since levelled out, Grasser said, but subscription numbers are still much higher than before Capping was introduced.

Managing customer response

One concern the company had as it implemented Capping was that customers would be mad and call in with complaints. The customer service department had 20 workers ready to take calls and address those issues — and no one called.

“We were really surprised,” she said, explaining that people were ashamed to call and say they had been accessing the newspaper fraudulently.

The second reason was that LeMonde created a pop-up that explained very clearly why they could no longer access the site using someone else’s account. It also included a CTA to upsell them to a subscription: “We encouraged people to take our multi-account offer — Deaux for two people or Family for four people.”  

Both B2C and B2B customers received e-mails notifying them that password sharing would no longer be allowed, but Grasser said approaching B2B customers was slightly different: “On the B2B side, if you are too aggressive with them, they can say OK, we’ll just unsubscribe and we don’t want this. The behaviour of B2B subscriber is really different.”

At first, it sent the same type of e-mail to B2B subscribers as it did to B2C customers, but Grasser said that “did not work at all.”

Some companies continued using B2C subscriptions for a company with hundreds of users and ignored e-mails asking them to convert to a business account.

“So we said, OK, next step, we need to be mean — and it worked,” Grasser said.

The e-mail, sent from the legal department and signed by the CEO, reminded subscribers they were not following the subscription conditions. If that didn’t work, they would receive a second e-mail a few weeks later saying their site access would be cut. She said the B2B team is still experimenting with e-mails to see what works best.

Since implementing Capping, LeMonde has seen fraud decrease, although around 200 “high fraud” accounts are identified every two months. These Capping campaigns have increasingly seen better responses and, in 2023, it accounted for more than US$108,000 in revenue and the number of subscribers has gone from 450,000 in 2020 to more than 600,000 today.

Creating a session wall

LeMonde’s success inspired Frankfurter Allgemeine Zeitung, said Lilova, FAZ’s head of paid content subscription. The Germany-based company knew it needed digital growth to remain relevant in the future, and that digital growth comes from its news Web site.

In addition to selling subscriptions to new users, FAZ is constantly looking for ways to generate new subscribers.

“And one of these possibilities was to check how fraud is dealt with and whether we have use cases for family accounts within our subscribers,” Lilova said. “The first thing we did was implement our session wall, which supported us in generating new subscriber digital subscriber revenues and how it works.”

The session wall prevents a subscriber from simultaneously accessing more than two paid articles on FAZ+, its digital product. Once a subscriber exceeds that limit, a session wall appears that allows them to close down one of the sessions or upgrade to a FAZ+ Family plan to allow more users.  

Initially, FAZ allowed subscribers to access more than two sessions before hitting the wall. Lilova said that after experimenting with different numbers, it found two articles were the “sweet spot” for triggering subscription upgrades.  

Traffic has been stable since implementing the session wall, attracting around 420,000 to 430,000 visitors for the past two months. The session wall has proven an effective way to get users to upgrade their subscriptions, she said.

“We started with our Web site, but we want to expand what we’re doing [to] our digital subscribers who use the replica edition because fraud cases really have much more impact on our revenue,” she said, noting there have been cases where institutions who subscribe for just one subscription for the digital newspaper then share the password with hundreds of users.  

“Sometimes, we look at how many unique pageviews have been made with one account, and we see that sometimes within a month, there are hundreds or thousands, which is an indication that there might be fraud,” Lilova said. She said they sometimes discover IP addresses from different countries accessing the account simultaneously, another clear indication of fraud.

In those cases, she said, they reach out “with a nice message or e-mail” to stop the activity, Lilova said. “We have a special department in charge of copyright topics, and they know how to handle those cases.”

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .