homepage Welcome to WebmasterWorld Guest from 184.72.82.126
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Advertising / Pay Per Click Engines
Forum Library, Charter, Moderator: open

Pay Per Click Engines Forum

    
Fighting fraudulant clicks with ppc xml feeds
what's the best route to take
SlimKim




msg:3667137
 9:44 pm on Jun 4, 2008 (gmt 0)

PPC XML feeds can lead to a lot of fraudulent clicks if you give them to the wrong people. What's the best route to take to combat fraud?

A few early suggestions have been:

[A] build a javascript version where all the results have to be hosted by us but they can be iframed.
[B] build a follow me system to actually follow the surfer and see how many pages deep he goes and if he fills out a form or does the advertisers MWR.

that's about it, so far, and I'm not overly takem with either suggestion. i like simple systems best. I prefer to just work with top 2000 websites and allow advertisers to ban affiliates with poor conversions

any ideas

 

httpwebwitch




msg:3667568
 1:31 pm on Jun 5, 2008 (gmt 0)

A) That would put one thin barrier of entry between your ads and a robot, but it doesn't really prevent click fraud. It just moves a page from one host to another. The criminal can still load the ads page directly with the same URL as is used by the iframe. Besides, 3rd party iframe implementations have layout issues when the size (ie character length, height or width of the rendered ads) is uncertain. Nice for banner ads and AdSense, but not so good for text links with unknown-length subtitles.

B) that's not PPC.

Preventing PPC click fraud is a lot like developing a spam filter. You need to build a set of rules, algorithms, processes that can tell the difference between a "legit" click and a bot, macro, botnet, or someone just clicking on their own ads using proxies and UserAgent spoofing. In order to "teach" a system to recognize fraudulent clicks, you need a large sample set where the fraudulent status is either known or statistically inferred. Then you can use Baysean filters or K-means analysis or neural something or other to build your fraud detection brain. It's not simple, at all. And there's an army of criminals working for the dark side!

You have two opportunities to prevent bots and fraudsters from clicking a PPC ad: once when the ads are requested, and again when the ad is clicked.

There are experts in this subject... I am not one. But I know a few basic principles

1) When the ads are requested,
require the publisher to send along the user's IP and UserAgent
- validate the User Agent
- validate the IP
- employ rate limiting, and/or have filters in place to detect massive numbers of requests from the same IP

2) When the ad is clicked
- employ whitelisting and blacklisting in tandem
- check that human-like behaviour preceded the click
- trigger the alarms if one IP does a lot of clicking
- look for timing patterns, such as clicks that happen exactly every 10 seconds
- throw away any clicks that come from IPs that are known to be used by the publisher themself

One PPC syndication company I know requires publishers to put a piece of hotlinked Javascript on the page along with the ads. It does some magic on the client side to determine "yes, this is a browser which supports javascript, and a user is moving their mouse and putting it over a link, and now he's pressing the mouse button". If those criteria are met, in order, it accepts the click as being genuine. Javascript generates a checksum, pops that onto the href, then validates that at the server before redirecting to the advertiser. A pretty ingenious scheme, I must admit, I wish I'd come up with it myself.

SlimKim




msg:3667658
 3:35 pm on Jun 5, 2008 (gmt 0)

Thank you Ian for moving the post where it will likely get more interest. And thank you for sharing what you know. Your observations and knowledge are really quite impressive. I focus on marketing and leave the tech matters to others but it helps to have a general idea of what's going on.

While this discussion is about "How to protect your ppc xml feed" it would also be equally good to hear some comments on the vulnerability of banner networks or ad systems that charge cpm. Everywhere i look there's a new banner network and many of them seem to flourish. I'm guessing they face the same uphill battles when fighting fraud, but community comments are welcome.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Advertising / Pay Per Click Engines
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved