Pay per click search engines can bring lucrative, targeted traffic to your site, but how do they avoid abuse that can needlessly drive up your costs? Mamma.com's Patrick Hopf describes strategies and tactics to combat PPC fraud.
SearchDay: Patrick, Search Engine Watch gets a lot of questions from webmasters concerned about potential fraud from listings on pay-per-click (PPC) search engines. Is this a serious problem?
Hopf: Pay-Per-Click search engine traffic has evolved into a popular means of bringing qualified users to a web site. Both the targeting and tracking abilities of a PPC campaign make it less about advertising and more a direct marketing platform with the intent of spending one dollar to make two. However, while the theory is sound, the traffic being supplied may not always be real.
SearchDay: What can webmasters do to guard against PPC fraud?
Hopf: As an web site owner and advertiser, you must take measures to protect yourself by ensuring that you are working with credible PPC search engines and publishers, and that you are receiving a good return on investment (ROI) in relation to what you are spending.
As most PPC engines rely on a network of sites to increase traffic, understanding who they partner with, as well as what safeguards these sites employ, will help you spend your advertising dollars more effectively. You should avoid working with any publishers who partner with sites offering incentives for clicks or searches and keep in mind that even established affiliate programs can perpetuate fraudulent activity as people find ways of manipulating the system to line their pockets.
SearchDay: What steps are PPC search engines taking to protect their customers?
Hopf: The use of a frequency cap on click traffic is rapidly becoming a standard amongst PPC engines. What this means is that during a predetermined period of time a frequency cap, or filter, will reject all duplicate clicks from the same IP address that are made to the same URL for a single query. This prevents malicious "hammering" on a link from both people or automated bots.
The longer the time period, the better ROI you can expect. Most publishers support filtering of this nature, though each has its own criteria. Asking them to explain their methodology will help you make the right decision when choosing who to spend your money with.
SearchDay: What about subtler types of fraud that are harder to detect?
Hopf: While frequency capping is great, it does not solve the entire problem. For North American, or English speaking countries, another effective means of limiting fraud activity is by discounting click traffic coming from countries in which English is not the standard language.
All ISPs are given blocks of IP addresses to supply their clients with. The first segment of digits on the IP address acts much like a country code and identifies which ISP, and in which country, the IP address originates. This is how traditional geo-targeting works and can be an effective means for eliminating fraud.
When checking your log files, if you notice a lot of click traffic coming from one IP address, you can trace its origin by visiting the American Registry of Internet Numbers. By feeding the IP address into their "whois" search, they will tell you who has been assigned that IP address, whether this is an ISP or another business entity.
Should the IP address not be assigned to the Americas, you can verify RIPE Network Coordination Center for all Russian, European, and Middle Eastern registries, or the Asia Pacific Network Information Center. There are only three such sites, so there is no doubt that you will be able to track the source.
Another way for publishers to combat fraudulent clicks is to attach a uniquely calculated checksum value to an advertisers' URL. This ensures that any click transaction being performed on that URL is being performed in a live search environment and not being looped by a script or other deceptive tactic.
Similar to applying a checksum to the search URL, the application of a session id based on the time of the search is also effective. This technique also embeds an expiry time on the search URL and will refuse any click transactions if they occur after a predetermined period of time. For example, if a click to your link happens 2 hours after the actual search occurred, one could safely assume that some form of caching has occurred and that the transaction did not happen in a live search environment.
SearchDay: Don't you risk throwing the baby out with the bathwater with these methods? Surely these techniques are bound to eliminate some legitimate traffic.
Hopf: There are some risks for the publisher in discarding good transactions as some user sessions could run past the expiry time, yet most agree that the interest of the advertiser is paramount, and that the loss is minimal.
Good filtering techniques and policies are important, but cannot act as a substitute for human intervention. No publisher has the ability to catch everything before it happens. Taking the time to review your click log files and to inform your publisher of any anomalies will help prevent further abuse and, more importantly, save you money.
ARIN Whois Database Search
Query the Ripe Whois Database
Asia Pacific Network Information Center
Patrick Hopf is Vice President, Business Development for metasearch engine Mamma.com, and has led the company's search result placement program since its conception.
NOTE: Article links often change. In case of a bad link, use the publication's search facility, which most have, and search for the headline.