/
Manage and protect spectators data

Manage and protect spectators data

Overview

In the new version, we should collaborate to manage and protect our spectators' data. The mobile ticket app must integrate with your Identity Provider, offering spectators a smooth experience by using a single account for all your business services via Single Sign-On (SSO) authentication.

Our system has been upgraded and continues to follow the best current practices of the security standard (OAuth2.0/PKCE).
It is also compatible with the Fast Identity Online (FIDO) standard, promising a future without passwords.

How do spectators log in after integrating an IdP?

Thanks to the native WebView, the device’s password manager can auto-fill credentials for the external IdP, streamlining the login process for spectators.

Please see the example of our system below:

image-20251113-075433.png
Step 1: Provide biometric verification
image-20251113-075549.png
Step 2: One-click forward to continue
IMG_8572-20251113-082036.png
Step 3: View the tickets and enjoy

How does TIXNGO manage spectators' data?

Spectator profile data

Spectator V4 data for TIXNGO extends from your Identity Provider system. When spectators log in, sign up, or update profiles, we open an in-app browser displaying your login or user profile page. Thus, your Identity Provider system fully manages spectator data.

image-20251113-085317.png
Sample of sign-up page
image-20251113-094000.png
Sample of profile page

After completing the authentication steps, TIXNGO Spectator V4 will request the necessary spectator personal information from your Identity Provider system before allowing them to use the app.

  • Email - spectator's email address to receive all communication emails

  • First name & last name - to identify the person you are communicating with

  • Preference language - the language this spectator prefers for communication

image-20251113-103108.png

The spectator can still select a mobile app language if the apps supports it, but this preference is purely stored on the mobile app.

We also allow syncing additional personal information of spectators from your Identity Provider system if it benefits and simplifies your operation.

We display this information on the Spectator support screen.

image-20251113-100935.png

 

Spectator status

With Spectator V4, we are introducing a clear spectator status:

  • INACTIVE Spectators new to the system by ticket injection or transfer who have not logged in yet

  • ACTIVE Spectators who completed registration and logged into the app

  • Locked Spectator accounts locked by the organizer; Spectators will be restricted from ticket transfer, assignment, and prevented from the logout action

  • anonymized Spectator accounts anonymized by the organizer via TIXNGO Backoffice

image-20251211-124643.png
New spectator state machine

Acquired by

TIXNGO tracks the spectators' origin upon first login

  • TICKET_INJECTION: Spectator has been created during ticket injection when no existing spectator with the provided email has been found

  • TICKET_TRANSFER: Spectator has been created during ticket transfer when no existing spectator with the provided email has been found

  • REGISTRATION: Spectator download, self-register, and use the app before having a ticket.

Referred by

When a spectator is acquired by TICKET_TRANSFER, the system also tracks the sender's spectator ID

Extracting data

To leverage the spectator data, we expanded the TIXNGO V4 reporting domain. Please refer to https://go.confluence.secutix.com/wiki/x/pQYFDg, and more specifically:

Here are some example leveraging the new spectator V4 properties:

  • Identify your spectators' sources:

image-20251113-105919.png
This sample was built with Power BI - Pie chart
image-20251117-092052.png
This sample was built with Power BI - Force-Directed Graph 2.0.2

Use the “acquired by” field

Only based on the data of the acquiredBy field

image-20251117-075237.png

 

 

Leverage the “referred by” field

Based on the data in the spectatorId and referredBy fields, and NOT use the spectators' personal information

image-20251117-075141.png

 

 

 

Manage and Protect Spectators Data

Overview

The TIXNGO mobile ticket app integrates with your Identity Provider (IdP) to offer spectators a seamless Single Sign-On (SSO) experience. This allows spectators to use a single account across all your business services while following the highest security standards (OAuth2.0/PKCE).

The system is also compatible with the Fast Identity Online (FIDO) standard, enabling a future of passwordless authentication.

Secure and Fast Login

By leveraging native WebViews, the mobile app integrates with system-level password managers (such as Apple Passwords, Google Password Manager, and others). This allows for secure auto-filling of credentials, streamlining the login process for spectators.

How TIXNGO Manages Spectator Data

Spectator Profile Data

In the latest version of TIXNGO, spectator profiles are managed directly by your Identity Provider. When a spectator logs in, signs up, or updates their profile, the app opens an in-app browser displaying your specific IdP pages.

Upon successful authentication, TIXNGO requests only the necessary personal information required for core operations:

  • Email: The primary identifier for communication and ticket delivery.

  • First & Last Name: Used to identify the ticket holder in communications and on the ticket.

  • Preferred Language: Used for system communications. (Note: This is independent of the mobile app's display language, which is stored locally on the device).

Note on Profile Updates: If a spectator updates their profile information, TIXNGO automatically reflects these changes on any tickets they have "kept for themselves," ensuring ticket holder data remains accurate.

Spectator Status

TIXNGO categorizes spectators into four clear statuses to help organizers manage their audience:

  • INACTIVE: Spectators created via ticket injection or transfer who have not yet logged into the app.

  • ACTIVE: Spectators who have successfully registered and logged in.

  • LOCKED: Accounts restricted by the organizer. Locked spectators cannot transfer or assign tickets and are prevented from logging out.

  • ANONYMIZED: Accounts where personal data has been removed by the organizer via the TIXNGO Backoffice.

Acquisition Tracking

To help organizers understand their audience growth, TIXNGO tracks how a spectator first joined the system:

  • TICKET_INJECTION: Created when a ticket is injected for an email address not yet in the system.

  • TICKET_TRANSFER: Created when a spectator receives a transfer but does not yet have an account.

  • REGISTRATION: Created when a spectator downloads the app and signs up before receiving any tickets.

Referral Tracking

When a new spectator is acquired via TICKET_TRANSFER, the system securely stores the internal ID of the sender. This allows organizers to visualize referral networks and transfer chains without exposing sensitive personal information.

Data Insights and Reporting

Organizers can leverage spectator data through the TIXNGO reporting domain to:

  • Identify primary sources of spectator acquisition.

  • Analyze referral patterns in ticket transfers to identify power-users or potential bot behavior.

  • Monitor mobile logs for system performance and troubleshooting.

For detailed reporting capabilities, please refer to our Reporting Documentation.

Release Information

  • Email Change Support: Improved handling of spectator identity to support email updates (Linked to STIX-15097 - Released).

  • Profile Sync: Automatic update of "Keep for myself" tickets upon profile change.