A large number of enterprises employ third party marketers (affiliates) to advertise their products. The affiliates make money when a product is sold though their advertising. The affiliate depends on web cookies they place on a customer’s computer to identify which affiliate has contributed to the sale. A cookie is a piece of data stored in a browser that contains some information. Websites read cookies to recognize users and obtain related information. It is possible for dishonest affiliates to insert their cookies onto computers without the user being aware. The dishonest affiliates will then receive a commission from purchases that have nothing to do with advertising. This is known as ‘cookie stuffing’ fraud. E-retail businesses lose money due to paying commissions to services that have not increased their revenue.
Chachra, Savage and Voelker investigated cookie-stuffing fraud in affiliate marketing networks. They surveyed affiliate cookies at a large scale using a browser-based tool to identify cookie stuffing.
The researchers chose six large affiliate programs as data domain. An affiliate program is a platform that builds connection between affiliates and organizations. After a purchase is made, the affiliate program extracts cookies from the user’s browser and identifies the related affiliates. Researchers employed 74 volunteers to install software to collect affiliate cookies. They classified each of the cookies by affiliate program. Then they used a program that collects web pages to search for stuffed cookies in 475 000 domains.
They found that dishonest affiliates had targeted most affiliate programs. CJ Affiliate and Rakuten LinkShare were the two most severely affected. It appeared that dishonest affiliates were more likely to target apparel and accessories e-retailers than other merchants. The large scale study collected 61 normal affiliate cookies and 0 stuffed cookies during a two-month period. Half of these affiliate cookies were from the Amazon Associates Program. A limited amount of cookie stuffing was observed and a small number of affiliates dominated the affiliate market.
Although cookie-stuffing fraud is not common, it is a novel type of fraud. Affiliate programs and their users do not suffer direct losses from this fraud, but the merchant does. Organizations should pay more attention to affiliate marketing security. If an enterprise is planning to use affiliate marketing, an in-house affiliate marketing program is recommended due to the greater transparency of the affiliate activities and revenue flows.
If your enterprise is using affiliate marketing, keep an eye on revenue flows.