Affiliate fraud is a growing concern for online marketers. Here’s how it works, and a primer on choosing the right prevention tools.
Table of contents
- What is Affiliate Fraud?
- How Does Affiliate Fraud Work?
- Example of Affiliate Fraud
- How Affiliate Fraud Impacts Businesses
- 3 Ways to Stop Affiliate Fraud
- Affiliate Fraud Software Solutions
- Frequently Asked Questions (FAQ) About Affiliate Fraud Detection
What is Affiliate Fraud?
Affiliate fraud includes any attempt to take advantage of marketing opportunities with your company. It can be performed by sending junk traffic to your site or using bots to trigger affiliate rewards. In any case, it is a relationship with an affiliate where the other party is using deceiving practices to take money from you.
How Does Affiliate Fraud Work?
Affiliate fraud can follow many schemes, which depend upon your payment model:
- Cost-per-acquisition (CPA): the affiliate gets paid upon fulfilment of a sale. Huge CPA businesses include MoneySuperMarket and TripAdvisor, amongst others. Fraudsters will use stolen IDs and credit card numbers to finalize the conversion, often using bots to automate the process. This can incur huge chargeback fees for your company.
- Cost-per-lead (CPL): the affiliate gets paid upon completion of a registration form, subscription to a newsletter, or simply by delivering the right user data. Unscrupulous affiliates will deliver bad customer data, use bots to fill forms, and even give you opt-out lists instead of opt-ins.
- Cost-per-click (CPC): affiliates receive a rate based on the number of ad clicks. Fraudsters use bots to automate clicks, and find ways to direct unsuspecting users towards the clickable link.
- Cost-per-impression (CPM): the M in that case, stands for Mille, referring to every thousand impressions. Fraudsters will create fake websites and use bots to increase the number of ad “views”, and even layer multiple ads on top of each other to count as impressions.
- Influencer model: you offer freebies to an online personality with enough of an audience. But of course, here again fraudsters have no qualms about creating fake accounts and boosting their numbers with bot views and comments. A whole cottage industry of social profile boosting exists for that purpose.
Example of Affiliate Fraud
Let’s look at an example we’ve encountered multiple times in the iGaming world. The iGaming industry is susceptible to affiliate fraud, simply because it needs affiliate marketing more than other types of businesses (Google ads don’t allow online casinos and gaming sites, for instance).
- Fraudsters sign up to your referral program
- They purchase stolen ID data on the darkweb
- Bots automate the signup process on your site, using stolen IDs
- Sophisticated bots can even replicate human behavior (browsing, transactions, etc)
- Fraudsters get a referral fee; you are left with bad users
Let’s break it down in detail.
In this scenario, the gaming company has set up an affiliate program with a CPA model. The action required, or KPI, is a user registration on the site. They will need to enter their details (full name, email address), and verify their age (a legal requirement).
Because of the fact that reducing friction is primordial, some operators will try to wait until the withdrawal stage to provide ID verification.
Now, a fraudster signs up to become an affiliate.
Their first goal is to bring in legitimate traffic to the site. It can be done with domain spoofing, where they create fake landing pages that look like legitimate ones. Users who end up on these fake pages are redirected toward the iGaming site. If some of them sign up, that’s a plus for the fraudsters.
But to ensure they get the reward, fraudsters can rely on multi-accounting. They will source stolen IDs from data breaches purchased on the darknet. By using bots, they can automate the process and scale it to their liking.
Because all the conversions appear legitimate and from different users, the fraudsters receive high payments, but meanwhile, your business has to live with the consequences.
How Affiliate Fraud Impacts Businesses
According to Juniper’s Future Digital Advertising: Artificial Intelligence & Advertising Fraud 2019-2023, advertisers’ total loss to fraud will rise to $100 billion by 2023. And most of it is to blame on affiliate fraud.
If it affects your business, the best scenario is that you realize you’re wasting marketing money on the wrong people and cancel the contract.
But the problem is that by the time you perform a review of the affiliate’s performance, it’s already too late.
- Bots will play havoc with your analytics.
- You waste precious marketing dollars.
- Campaigns’ KPIs are harder to measure.
And for the worst-case scenario: you also put yourself at the mercy of KYC or AML fines. If your bad affiliates go all the way to the transaction stage, you’re also left in a lurch when it comes to processing chargeback fees.
Finally, let’s not forget that you could also be losing money if you offer signup bonuses. There is an overlap between affiliate fraud and promo abuse, which bad agents will only be too happy to exploit.
3 Ways to Stop Affiliate Fraud
If affiliate fraudsters are targeting your business, you want a three-pronged approach to check the quality of your marketing partner. Ideally, your fraud prevention solution should be able to deliver the following tools:
Monitor the Traffic
The first step is to keep track of traffic quality. Make sure your system allows you to log affiliate IDs, and that you get an accurate view of how many of the users they bring. You should also know how many of their visitors go through the conversion stage successfully.
In the screenshot above, we can clearly see that each merchant (or affiliate) brings in users whose transactions are approved, reviewed, or declined. These three results can of course be automated by your fraud prevention system.
But the key point is that after logging every conversion for a while, you’ll have enough data to start separating good affiliates from bad ones.
But what if you want to block fraudulent traffic before it enters your system? You can look at device fingerprinting.
Enable Device Fingerprinting
Each user that lands on your conversion page will arrive with some data. We call it a digital footprint, and it includes the configuration of their software and hardware.
Now with a device fingerprinting module on your site, you can create IDs for these configurations, and see when anything looks suspicious. For instance:
- Has this exact configuration already been found on your site? There is a possibility you could be dealing with a fraudster trying to fool your system with multi-accounting.
- Does the device point to an emulator like FraudFox, Kameleo, Linken Sphere, MultiLogin or AntiDetect? These are tools favoured by fraudsters who use bots to abuse affiliate programmes on a mass scale.
Combined with other data enrichment tools, you will be able to build a pretty complete profile of your users – all in real-time.
Note that device fingerprinting is also a fantastic tool for curbing bonus abuse, for instance in the gambling world, or even to reduce chargeback rates and manual reviews.
In fraud detection, the behavior is tracked via a series of risk rules. Every time the user data is checked against the rule, a risk score increases or decreases.
The most obvious example would be a standard IP analysis. Is the user’s IP address pointing to the same location as the cardholder’s address? But you can of course get much more sophisticated with the rules:
- How many connection attempts did they make per hour?
- How fast did they complete the fields on your signup form?
- What was the average time it took them between landing on your conversion page and going to checkout?
When it comes to risk rules, the sky’s the limit, and this is where having a talented team of fraud managers can make all the difference. Provided, of course, that your fraud management system allows you to create risk rules manually – or to get suggestions from a machine learning engine.
Affiliate Fraud Software Solutions
Cutting through the noise is harder than ever for marketers, and things are made more complicated by fraudulent affiliates. The thing is: affiliate marketing is more important than ever for modern online businesses. We live in the age of comparison websites, Youtube influencers, and heightened customer expectations for sourcing engaging content.
The good news, however, is that affiliate fraud software solutions are faster, easier, and more affordable than ever.
Using a simple combination of decent traffic monitoring, device fingerprinting, and tailored risk rules such as SEON’s solution, you should be on your way to flag bad partnerships and focus on the best ones that can really help grow your business.
Frequently Asked Questions (FAQ) About Affiliate Fraud Detection
According to Juniper, advertisers’ total loss to fraud will rise to $100 billion by 2023.
To detect fraudulent affiliates, you must log the quality of the traffic they bring to your website. It’s important to keep track of your conversion rates, but also of the typical user behavior. Monitoring data points relating to user behavior allows you to flag suspicious traffic that comes with affiliate fraud.
You might also be interested in reading about:
Learn more about:
See a live demo of our product
Tamas is the founder and CEO of SEON and an expert in all the technological aspects of fraud prevention.