Click fraud identification guidelines released

Google and others helped the Interactive Advertising Bureau tackle this controversial issue

The Interactive Advertising Bureau has published guidelines for determining when fraudsters are taking advantage of pay-per-click (PPC) advertisements.

PPC ads, which most often appear as text boxes along with search results, are the most popular online ad format yet are vulnerable to click fraud. The subject has long been controversial: advertisers have sometimes complained that the major search engine companies minimize the severity of the problem.

The guidelines establish basic procedures for determining when an ad buyer should or should not pay for a click. Google, Yahoo and Microsoft collaborated with the IAB on the guidelines.

"The recommendations established in these guidelines provide the detailed definition of a 'click' and the standard by which clicks should be measured and counted, including the identification of invalid and/or fraudulent clicks," reads the document, released on Tuesday.

Invalid clicks happen when PPC ads are clicked on with malicious intent or by mistake. For example, a competitor may click on rivals' PPC ads in order to drive up their ad spending. Also, a publisher may click on PPC ads on its site to trigger more commissions. In those two instances, invalid clicks are considered click fraud.

However, invalid clicks also come from nonmalicious activity that nonetheless yields a click of little or no value to the advertiser, such as when someone clicks on an ad by mistake or two consecutive times.

Google, whose revenue comes mostly from PPC ads served with its search results or on the sites of partners, has often locked horns with click fraud detection vendors over their estimates of click fraud incidence and their methods for counting invalid clicks.

However, one of the click fraud detection vendors with which Google has often clashed, Click Forensics, participated in the project to come up with the PPC guidelines, a sign that the two companies may now find more common ground.

In January Google questioned Click Forensics' methods and accuracy, in reaction to its fourth-quarter report, which estimated that 17.1 percent of clicks were fraudulent.

"These estimates continue to count clicks Google does not charge to advertisers as fraudulent, so they are not actually click fraud estimates," a Google spokeswoman said via e-mail at the time.

"Furthermore, their estimates have never reflected the invalid click rates we see at Google, which we have previously stated have remained in the range of less than 10 percent of all clicks every quarter since we launched AdWords in 2002," she said.

Google didn't immediately respond to a request for comment on Tuesday, but in the IAB's press release, Click Forensics' President Tom Cuthbert said his company was proud to participate in the effort.

"The work of the IAB and member companies has produced an excellent document that is a solid first step in this process," he said in the statement.

The guidelines provide detailed definitions and descriptions of different click scenarios, discusses what constitutes valid and invalid clicks, addresses methods for filtering clicks, including invalid ones, and provides auditing and reporting principles and parameters.

The guidelines should be a big help, considering that PPC ads account for more than 50 percent of U.S. Internet ad spending currently, said Caroline Dangson, an IDC analyst.

"One of the biggest challenges for online advertising these days is a lack of standards. IAB's new click measurement guidelines are a step in the right direction," Dangson said via e-mail.

Given the recession, advertisers are under great pressure to make sure they are getting the maximum return on their marketing investments. This makes the PPC model even more attractive, since they only pay when ads are clicked on, she said.

"Web pages are full of links these days which makes it much easier for consumers to make faulty clicks. Advertisers want to pay for intentional clicks that could lead to a conversion instead of accidental clicks that turn the consumer away," Dangson said.

The project took a little over three years to complete and the IAB is very satisfied at having reached a consensus with all participants, said Joe Laszlo, the IAB's director of research. "We cast a big tent with this one," he said.

Now that the guidelines have been published, the IAB will actively promote them so that they will be adopted and understood industry-wide by ad sellers, ad buyers and Web publishers, he said.

"The IAB has no enforcement powers," Laszlo said. However, it can and does strongly encourage industry players to embrace its guidelines and recommendations.

Laszlo envisions a revision to the guidelines in about two years, since the technology around PPC ads, and the methods of fraudsters, will likely have changed significantly by then.

Join the CSO newsletter!

Error: Please check your email address.

Tags digital marketingclick fraud

More about GoogleIDC AustraliaInteractive Advertising BureauMicrosoftYahoo

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Juan Carlos Perez

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place