Just a guess, but I'd imagine this is a "signature", created by running a one-way hash function on the rest of the URL, plus some "secret" text.

It's used to detect fraud - if the URL is altered, the signature will not match. Only Google knows the secret, so it's impossible to forge the signature.

What kind of fraud? I'd guess that the most-encountered URL-altering fraud would be the alteration of affiliate IDs.

Malware that is downloaded by users - and knowingly (with a disclaimer burried in an end-user agreement) or unknowingly - alters affiliate IDs is common.

I'm surprised it took this long for Google to realize the importance of protecting URLs from alteration. I had assumed that they were already doing this. I note that there is already a long "random looking" string in the URLs. I assumed that this already served this purpose, and/or served as a unique ID, with the parameters also stored on the server so that they could be compared. (But on second thought - if the parameters were stored on the server - there would be no need for the parameters in the URL...)