Most fraud detection systems for music distribution are described to operators in vague marketing language: "AI-powered", "machine learning", "industry-leading". That vagueness is not accidental. It hides the fact that many platforms run two or three signals at most, and those signals are usually trivial to game once a fraud operator has run a few test releases.
ToneGrid takes the opposite position. The signals the platform scores on every release submission are documented, the rationale for each is public, and the threshold model is calibrated against a labelled set of historical fraud cases. The point of this transparency is not to teach fraud operators what to evade, those signals already exist in the public literature, it is to make sure the labels and distributors who depend on the platform understand exactly what they are getting.
Here are the twelve signals ToneGrid evaluates on every release submission, grouped by what they catch.
Group 1: Audio originality and synthesis
1. Audio fingerprint match (ACRCloud)
Every uploaded audio file is fingerprinted against the ACRCloud commercial and UGC reference catalogue. A match against an existing recording flags the submission. This is the single highest-precision signal in the system, because it operates on the audio itself rather than the metadata around it.
2. AI-generated audio probability
The track is scored by a specialised classifier trained on a labelled set of human-performed, AI-assisted and fully synthetic audio. The output is not a binary yes-or-no, it is a probability blended against negative evidence. A high score on a track from a known producer with credible named credits is treated differently from a high score on a first-time anonymous upload.
3. Stream-bait audio length distribution
Tracks engineered just above the streaming royalty payout threshold (typically around the 30-second mark, the exact value varies by DSP) are flagged when their length distribution across a release looks unnatural. A release where every single track is between 31 and 33 seconds long, with no creative reason, is a textbook bait pattern.
Group 2: Metadata and identity
4. ISRC duplication
Every ISRC submitted to ToneGrid is checked against the platform's own catalogue, against ACRCloud's index, and against historical takedown records. A previously-used ISRC associated with a takedown is a strong indicator that the same content is being repackaged.
5. Artist-name imitation
Artist names that closely resemble those of larger, well-known artists, particularly names engineered to surface in DSP search for unrelated bigger artists, are flagged. The system uses a combination of edit distance, phonetic similarity and known-artist seeding to keep false positives low.
6. Cover art reuse and AI-generated cover detection
Cover art is checked against a reuse index and scored for the probability of being AI-generated. AI-generated cover art is not in itself a fraud signal, plenty of legitimate independent releases use it, but it is one input into the overall confidence model.
7. Named-credit consistency
Writers, producers, performers and engineers credited in the metadata are cross-checked against historical credits and against known-good catalogue. A high-confidence track with no plausible credit history alongside the audio score is treated as a higher-risk submission than a track with a long credible credit trail.
Group 3: Behaviour and trust
8. Submitter trust profile
Every tenant and every individual uploader carries an internal trust profile, calculated from acceptance rate, takedown rate, payee change history and refund rate. This profile shifts the threshold at which other signals trigger a review. It is the reason a high-volume trusted operator does not get slowed down, while a new account with thin metadata is reviewed more carefully.
9. Burst-upload pattern
A single account submitting hundreds of releases in a short window, particularly outside known marketing cycles, raises a separate burst-flag. This is one of the strongest signals against catalogue-scale fraud, which almost always involves automated upload behaviour.
10. Payee and split anomaly
Changes to payee accounts, bank details or split percentages immediately before a release submission are surfaced. This signal is shared with the post-delivery layer, where it is combined with stream-level anomalies. A payee change followed by a stream spike on a single track is one of the highest-precision combined signals in the industry.
Group 4: Compliance and context
11. Country of recording versus listener footprint
Country of recording, captured as ISO 3166-1 alpha-2 in the release submission, is cross-referenced post-delivery against the geographic distribution of streams. A release with no listener footprint in its stated country of recording, and an unexplained concentration in an unrelated market, is surfaced.
12. AI cover-art and AI-music disclosure consistency
The platform now requires explicit AI disclosure on every release (none, assisted, fully generated). Inconsistencies between the disclosure and the audio or cover-art classifier outputs are surfaced. This is a compliance signal as much as a fraud signal. DSPs are increasingly strict about whether AI content has been declared honestly, and a clean disclosure trail is what allows legitimate AI-assisted catalogue to ship without friction.
How the signals combine
None of these twelve signals acts on its own. Each one produces a continuous score, and a calibrated model combines them into a single confidence value with an adaptive threshold. That threshold moves based on tenant trust, recent DSP feedback and the platform's measured false-positive rate. The output is one of four states:
- Auto-approved. No meaningful signal. Goes through the normal DDEX delivery pipeline.
- Soft-flag, operator review. One or more signals tripped, but the combined confidence is below the hard threshold. The operator sees the flag and decides.
- Hard-flag, ToneGrid review. High combined confidence. The release is held and reviewed by the platform's trust team before any DSP delivery.
- Blocked. Reserved for clear-cut violations, primarily audio fingerprint matches against active commercial catalogue.
The operator always sees the signals, the score, and the rationale. This is deliberate. A fraud system that operates as a black box is impossible to trust, and impossible to argue with when it makes a mistake.
The false-positive question
The hardest engineering problem in fraud detection is not catching fraud. It is not catching too many legitimate releases by mistake. A platform whose detectors are too aggressive becomes useless to operators very quickly, because every legitimate independent release ends up in a review queue.
The v5 evidence-blend approach is designed exactly around this. The classifier weights both positive evidence (signals that indicate fraud) and negative evidence (signals that indicate a legitimate release, such as ACR-matched original credits, ISRC clean history, named-credit trail) before scoring. On the labelled training set, this reduced false-positive rate from 73 percent under the previous v4 architecture to effectively zero on clearly legitimate cases. That is the result the operator experience is built on.
What this looks like inside the platform
Inside ToneGrid, the operator sees:
- A submission status per release (approved, in review, held, blocked).
- The list of signals that fired, with a one-line rationale per signal.
- The aggregated confidence score and the threshold that was applied.
- An audit trail of all platform actions tied to the release.
None of this is exposed to the operator's own artists. The artist-facing experience is unchanged. They see "submitted", "in review", "live". The fraud layer is infrastructure, not a customer-facing product, which is exactly where it should be on a true white-label platform.
Why this transparency matters
A fraud system is only as good as the operator's trust in it. By making the twelve signals visible, with rationale per signal, ToneGrid hands operators something most platforms refuse to: a clear, defensible explanation of why a given release was held, with an obvious mechanism for review and appeal. That is what an enterprise-grade fraud layer looks like in 2026.