Click fraud has become so large that it’s setting records, and not in a good way.
“We’ve seen indications that the overall losses due to click fraud could equal more than $1 billion” each year, according to a financial expert quoted Feb. 27 in Business Week. That figure is “larger than the total magnitude of credit card fraud in the U.S.,” according to Fair Isaac’s director of product marketing, Kandathil Jacob. Fair Isaac, a credit-scoring firm, is in a position to know, since it analyzes some 85 percent of U.S. credit card transactions.
I reported last week that fraud-detecting software from ClickSentinel was converted in May from a paid licensing model to free distribution.
Another company, Click Forensics, also started offering its most popular product for free — in this case, last February. Best of all, its network of pay-per-click (PPC) advertisers may actually succeed in demanding that search engines put an end to click fraud.
Stopping Click Fraud with Behavioral Data
Click Forensics now has more than 1,300 advertisers and advertising agencies in its network, according to Tom Cuthbert, the company’s CEO. The data from those users’ PPC ads are anonymously aggregated by Click Forensics. This allows the company, Cuthbert said in a telephone interview, to see patterns that even giant search engines can’t detect for themselves.
“We call it behavioral activity,” Cuthbert says. Advertisers who use Click Forensics’ software are able to measure the behavior of any visitors who originate from a paid click. Visitors who leave a site within a split-second or wander aimlessly without taking any meaningful action are likely to be software bots controlled by fraudsters.
“Unless an advertiser gives that data to them,” Cuthberts says of the search engines, “they don’t have it.” Advertisers, of course, are unlikely to voluntarily share their valuable traffic patterns with the search engines that control ad policies.
Assembling the Facts to Go After Thieves
The answer, Cuthbert asserts, is for a neutral third party to assemble the behavioral data in a way that can’t be associated with any individual advertiser but would be accepted as accurate by all parties.
“Advertisers who run television or radio spots receive a notarized affidavit at the end of each month,” he points out on his site. “In the online space there is no such process in place.”
To get enough data to identify fraudulent clicks, Click Forensics has two versions of its software:
• CF Analytics is the free offering. Advertisers who generate fewer than 100,000 ad click-throughs per month place encoded images and JavaScript on their pages to collect behavioral data on click-through hits. An advertiser would typically be spending well over $10,000 a month before hitting 100,000 paid click-throughs. Cuthbert points out in his blog that about 90 percent of PPC advertisers qualify to use CF Analytics for free.
• Click Forensics 4.0 Enterprise is the commercial version for advertisers with more than 100,000 paid clicks per month. This version involves direct analysis of an advertiser’s server log files. Log file information is often more believable when presented to search engine representatives to support refund requests than JavaScript-generated hits.
Click Forensics correlates the data between the two versions and publishes it on a separate Web site called ClickFraudIndex.com. Traffic is judged to be a “high threat,” meaning almost certainly fraudulent, “medium threat,” or “low threat.”
Over the past five weeks, a chart at the site shows that high-threat clicks are consistently 13 to 14 percent of all paid clicks. Since some of the medium-threat clicks are probably also bogus, the numbers add up to a huge theft problem.
The click fraud index also charts the number of high-threat clicks that originate from countries outside North America. China and other developing countries prominently feature on this list, but Cuthbert indicates that click fraud isn’t just a Third World phenomenon. “88 percent of all unwanted clicks are coming from the U.S. and Canada,” he says, perhaps involving spyware-infected PCs that robotically generate profitable clicks for hackers.
Some Heavy Hitters for a Sticky Problem
Cuthbert won’t reveal the number of his 1,300 registered users who are paying for the commercial version of his software. On his blog, however, he states that 8 percent of the users work in Fortune 1000 companies, representing some of the largest advertisers currently online.
Confidentiality agreements prevent him from naming them, Cuthbert says. “Some of our clients are very large agencies,” he explains, “and there’s a couple of these very large agencies that we can make public” within a few months, after a deal is struck with one or more search engines.
Click Forensics’ goal is to establish a neutral PPC reporting service, much the way Nielsen audits television advertising and Arbitron measures radio. Cuthbert says he’s negotiating with all the major search engines to adopt this approach. He feels that an announcement will be made before the end of this year, but he won’t hint at which search engine will be the first to want in.
Conclusion
It’s mind-boggling that pay-per-click advertising is permeated with so much outright theft. Consumers would never accept a bank that “lost” 14 percent of its deposits or a utility that “accidentally” overbilled 14 percent of its usage (perhaps refunding a portion of that when challenged).
Many PPC advertisers already find their ads to be only marginally profitable. Any increase in click fraud might push them out of search-engine advertising entirely. On the bright side, if click fraud networks like Cuthbert’s can end the thievery, advertisers might find they can afford to spend even more on paid clicks. That would be good for advertisers as well as the search engines.
For more information, see ClickForensics.com.