Piracy here just means you can use it to sell your ticket without using their platform, which is analogous to just sending someone the PDF or handing over the piece of paper as always.
While this has the upside of breaking you free from TM's obnoxious practices, it also obviously opens up for scalpers and all.
Scalping is still possible without understanding the tech - you could just stream a video of the bar codes and sell the stream instead of selling the ticket.
The whole point of their system isn't to eliminate the possibility entirely it's to make it impractical to get around for the vast majority of concert-goers, and it clearly succeeds at this.
Recording the ticket with a video is everyone's first thought at defeating their restriction, and is no doubt the first thing they thought of when designing it. Hence, the codes expiring too quickly that you'll need a new video before you get through the line at the entrance of the venue. And messing with videos in a pressured line of people in front of a bouncer, is, as others have said, simply not practical for the vast majority of cases.
So it's kind of irrelevant - practically speaking - that it is possible.
You don't need to truly stream a video capture of the app, you can have a scanner on the server side decode the barcode in the web/virtualized Android app and then only stream a couple hundred bytes, having the client regenerate the barcode
While this has the upside of breaking you free from TM's obnoxious practices, it also obviously opens up for scalpers and all.