The problem of password sharing is costing the industry tens of billions of dollars a year and it’s time to fight back. [Updated Jan 2023]
The online streaming industry has been losing significant amounts of revenue to password sharing for quite some time. The figures spiked alarmingly during the Covid pandemic, jumping from a pre Covid 27% to over 40% between 2019 and 2021 in two surveys of US consumers, and while they have settled down since they still represent a huge loss of income for the industry.
The latest estimates are that about one in three Netflix users and one in four Amazon Prime Video users are sharing access to their services (the numbers are similar among users of other popular services such as Hulu, Disney+ and Paramount+).
There is a pronounced generational shape to the phenomenon. When we analysed in detail the intergenerational attitudes to video piracy, we found that 60% of Millennials said they shared passwords within the family, and 42% reporting sharing with friends. Whoever is doing it, however, the amount of money being lost as a result is phenomenal.
Revenue loss from sharing passwords
In its latest earning call in January 2023, Netflix estimated that over 100 million households are sharing passwords. Even if they are sharing to just one other person and everyone is on the company’s $9.99 per month basic plan, that equates to a lost revenue of nearly $1bn every month; $12bn a year.
One more data point too. Citi analyst Jason Bazinet estimated in March 2021 that sharing online passwords to SVOD services means a massive $25 billion yearly loss for US companies.
“As streaming services move to center stage, thwarting this theft will be of growing importance for shareholders,” Bazinet wrote.
This is an important point. While SVOD was in the growth stage the major providers adopted a rather laissez-faire approach to monitoring password sharing, almost utilising it as an unofficial promotional tool and reasoning that users — especially inter-family ones — would eventually migrate to their own accounts.
HBO CEO, Richard Pleper, said this in 2014: “It’s not that we’re ignoring it, and we’re looking at different ways to affect password sharing. I’m simply telling you: it’s not a fundamental problem, and the externality of it is that it presents the brand to more and more people, and gives them an opportunity hopefully to become addicted to it. What we’re in the business of doing is building addicts, of building video addicts. The way we do that is by exposing our product, our brand, our shows, to more and more people.”
That era is now well and truly over. Netflix’s crackdown on password sharing has been extremely high profile and will be rolling out worldwide during 2023. After testing various methods of implementing what it refers to as ‘paid sharing’ in Latin America during 2022, it has decided to focus on making it easier for borrowers, (defined as people who do not live in the household of the account holder) to transfer their Netflix profile into their own account, while sharers get to manage their devices more easily and to create sub-accounts (“extra member”), if they want to pay for family or friends.
In the trials, if a change in location of an account being used was detected for more than two weeks, the holder received an in-app notification giving them the option of changing their household address or paying a fee to add the new address. Additional homes can be added at $2.99 a month with members on the Basic plan able to add one extra home, Standard up to two extra, and Premium up to three extra.
“This will not be a universally popular move,” the company’s new co-SEO, Greg Peters, said to Variety, expecting “a bit of cancel reaction,” similar to what Netflix sees when it raises pricing. He described the initiative as giving people who share their accounts “a gentle nudge” to pay for users outside their own household.
So, what do operators need to do to protect their own revenues?
How to detect password sharing
There are various means that can be used to detect password sharing, but most, such as VO’s, now use AI to detect password sharing by observing location, consumption patterns, and more on different devices.
By examining the content that is watched, analyzing on which device it is watched, and from where a detection service looks for patterns that indicate a shared password. The AI then gives the service provider a probability score of how likely it is that the account holder is ‘oversharing’.
Certain patterns indicate password sharing, but it’s important to differentiate between similar scenarios to know which are legitimate and which are not. As an everyday example, if an unusual number of devices are detected in a household, it could be simply because a user has changed devices. But if the content that has been authenticated for consumption in one household is being consumed by devices at multiple IP addresses, it could well be due to password sharing. As usage patterns are dynamic, machine learning and AI are critical to sifting through the data since they can adapt to these shifts and continue to discern between legitimate use cases and infringements.
There are definite levels of infringement at work too. If a probability score indicates that it’s likely that the credentials have been sold online to multiple users, the service provider has the option of shutting down the accounts. However, if it’s a lower score, indicating that it’s probably just a family that is just too free with their credentials, the service provider can use this as an opportunity to upsell a premium package to the family.
This very seems to be the route that some of the bigger players are taking at the moment, using a form of nudge therapy to gently push users towards making the right, legal choice. They are doing it with understandable care as well. Protocols such as two-factor authentication can also present a barrier to new users. It’s a small one, but with consumer sensitivities set on a hair-trigger with OTT streaming services and churn levels high — and potentially set to increase as the world heads into a recession — any barrier can be an unwelcome one.
However, with competition in the OTT space only intensifying and huge budgets being spent annually on content, one way or the other the era of the password-sharing freeloader may soon be coming to an end. And for the investors that are starting to increasingly look for returns from the industry, it is an important potential area of subscriber growth. While it might be tempting for other operators to adopt the old laissez-faire approach to it all, especially to attract subscribers away from services that are cracking down as they look to grow their own subscriber base, they may very soon find themselves out of step with a newly forming industry consensus.
Service providers who want to truly protect their content require comprehensive anti-piracy services, and that increasingly also includes mitigating against password sharing.