Google Poo-Poos Click Fraud Claims

Written by Evan Schuman
August 9th, 2006

Although Google itself has been clever in its click fraud battles, it’s issued a report saying that clickfraud claims are overblown. The message is legit, but I wish it was another messenger.

Click fraud claims–as opposed to actual click fraud–are a huge threat to the massive but not especially stable Web advertising market.

Ad-hawker-extraordinaire Google is doing its best to combat that threat. Unfortunately, the threat they are focusing on are the claims as opposed to the fraud itself.

To be fair, Google has put a lot of programming talent into some very complex models to prevent actual fraud itself. The latest Google anti-click fraud efforts go well beyond the expected IP address, browser type/version and cookies and am examining patterns of movement that could differentiate likely legitimate from probably-naughty activity, said Alan Cohen, director of search intelligence for SpiderSplat Consulting.

?Based on these parameters, Google can see if multiple clicks on the same advertiser?s advertisement are from the same person or someone else. It would not surprise me if they also use information from the Google Tool Bar,? Cohen said. ?Remember that when a user goes back and forth, the between pages have AdSense code on them. Google can save their browsing patterns.?

The traffic analysis pattern can indeed reveal a lot, Cohen said. ?If a building, or ISP Portal has a default page with AdSense on it, you may get multiple clicks on the same advertisement within a relatively small group of people,? he said. ?So if we have 20 people clicking on the same AdSense link, it will probably not count as fraud.?

But ?if the same group of people consistently click on the same groups of advertisements in a similar fashion/order, that is where Google?s click fraud radar should beep,? he said. ?The following pattern from multiple people would be kosher: Click on ad number one and go to random pages form there. But if you get multiple users with the following pattern, it may be an indication of click fraud: Click on ad number one, go back to page A, click on ad two, go back to page A, etc.?

So, clearly, Google has put some of its smarter people on the mission of trying to identify and block truly fraudulent clicks. But a less encouraging sign are recent Google efforts to play down the amount of clickfraud that exists today.

On Tuesday, Google released a report and then some of its own analysis questioning third-party firms and consultants that try and combat click fraud. The Washington Post did an interesting piece about the reports.

On the plus side, Google’s efforts to combat clickfraud are praiseworthy. It’s also hard to question that a lot of consultants are not indeed out there to make some easy sky-is-falling money from clickfraud fears, preying on marketing execs who are prone to panic.

But it’s also hard to see Google as credible in saying that this clickfraud business is a lot of HREFs about nothing.

Clickfraud is simply too easy and tempting for marketers to do, given that payments are being made in exchange for free-and-easy actions. One problem is that there is very little concrete evidence, one way or the other. When I see bills for clickcharges?or, for that matter, checks for publishers for clicks made?I feel the same as I do when I see my monthly electricity bill. I have no way of knowing if that number has been inflated by 20 percent and I couldn’t prove it either way. In both instances, I am forced to completely trust the integrity of the business. Today, that’s not something I feel good about doing.

Any company that feels the need to have a slogan that says “Don’t Do Evil” is one that merits some healthy watching. Would Mother Theresa’s group or UNICEF have ever considered the slogan “Don’t Be Evil”?

Companies tend to market the opposite of their greatest weakness. A small company pushes the huge number of consultants they use. Would Microsoft or IBM ever feel the need to do that? A vendor with an especially slow piece of software talks up speed by saying that it’s 80 percent faster than it’s prior version. Whenever an ISP stresses it’s competitive pricing, you just know that a lot of folk have been complaining about the high price of its product.

Therefore, I’m not so quick to trust any “Don’t Do Evil” company. Then again, I don’t like trusting anyone.


Comments are closed.


StorefrontBacktalk delivers the latest retail technology news & analysis. Join more than 60,000 retail IT leaders who subscribe to our free weekly email. Sign up today!

Most Recent Comments

Why Did Gonzales Hackers Like European Cards So Much Better?

I am still unclear about the core point here-- why higher value of European cards. Supply and demand, yes, makes sense. But the fact that the cards were chip and pin (EMV) should make them less valuable because that demonstrably reduces the ability to use them fraudulently. Did the author mean that the chip and pin cards could be used in a country where EMV is not implemented--the US--and this mis-match make it easier to us them since the issuing banks may not have as robust anti-fraud controls as non-EMV banks because they assumed EMV would do the fraud prevention for them Read more...
Two possible reasons that I can think of and have seen in the past - 1) Cards issued by European banks when used online cross border don't usually support AVS checks. So, when a European card is used with a billing address that's in the US, an ecom merchant wouldn't necessarily know that the shipping zip code doesn't match the billing code. 2) Also, in offline chip countries the card determines whether or not a transaction is approved, not the issuer. In my experience, European issuers haven't developed the same checks on authorization requests as US issuers. So, these cards might be more valuable because they are more likely to get approved. Read more...
A smart card slot in terminals doesn't mean there is a reader or that the reader is activated. Then, activated reader or not, the U.S. processors don't have apps certified or ready to load into those terminals to accept and process smart card transactions just yet. Don't get your card(t) before the terminal (horse). Read more...
The marketplace does speak. More fraud capacity translates to higher value for the stolen data. Because nearly 100% of all US transactions are authorized online in real time, we have less fraud regardless of whether the card is Magstripe only or chip and PIn. Hence, $10 prices for US cards vs $25 for the European counterparts. Read more...
@David True. The European cards have both an EMV chip AND a mag stripe. Europeans may generally use the chip for their transactions, but the insecure stripe remains vulnerable to skimming, whether it be from a false front on an ATM or a dishonest waiter with a handheld skimmer. If their stripe is skimmed, the track data can still be cloned and used fraudulently in the United States. If European banks only detect fraud from 9-5 GMT, that might explain why American criminals prefer them over American bank issued cards, who have fraud detection in place 24x7. Read more...

Our apologies. Due to legal and security copyright issues, we can't facilitate the printing of Premium Content. If you absolutely need a hard copy, please contact customer service.