Out of Commission by Chris Trayhorn, Publisher of mThink Blue Book, January 1, 2007 How to Limit Commission Theft Find a trusted network and merchants. Ask other affiliates about their experiences with network partners, and if you are not being protected, take your business elsewhere. Likewise, if a merchant partner advertises via adware that is known to facilitate commission theft, you may be better off without them. Study your reports yourself for anomalies such as drops in conversion rates. Look at your server logs as well as network analytics to identify inconsistencies between the ratio of customers who appear to purchase and your commissions. If you are driving traffic but people suddenly aren’t buying, it may be a problem of theft. Test the software yourself. Even though isolating a computer and infecting it with suspicious software is a hassle, what you learn will be invaluable. Watching the activity when visitors come to you or your merchants’ websites will enable you to understand the scope of the problem. Educate yourself through affiliate marketing forums and the legal landscape. Affiliates and software experts are the best source of information available. While there is some misinformation, being well-versed in the issues is your best defense. Several court cases are pending that could decide the legality of overwriting commissions. Tell customers not to download software that you suspect is assisting commission theft. If the evidence convinces you that some free applications are harming your business, advise your current and potential customers not to use it. We all operate to a great degree on trust. Whether you are an affiliate, advertiser, network or merchant, being able to succeed in business largely relies on others adhering to their written or implied agreements. We assume that most people will be honest and not interfere with our transactions. “The overwhelming issue [in affiliate relationships] is about trust,” says Joseph Matheny, chief technical officer of advertising network AdValiant. But unfortunately that trust continues to be violated by some who capture commissions rightly due to others or take credit from a merchant that is not earned. “There are those who haven’t bought into the rules of affiliate marketing,” Larry Adams, product manager for Performics, says. Subversive software, the anonymity of hiding behind affiliate IDs and sneaky scripting on websites make it easy to steal commissions and avoid detection. The potential to redirect commissions without fear of prosecution “provides a strong financial incentive not to follow the rules,” according to Adams, who says, “this is not a problem that is ever going to go away because there is economic opportunity.” While there are reporting and auditing tools that can flag some of the most blatant attempts at padding commissions, dishonest affiliates can marginally enhance their earnings from their partners with little fear of detection or repercussions. Scott Jangro, president of marketing services company MechMedia, estimates that loss of commissions due to theft is “in the single digits” and “part of doing business that you should expect.” Not-So-Grand Larceny Commission theft generally falls into two categories: when tracking mechanisms meant to follow visitors from an affiliate or advertiser to a merchant are ignored or overwritten, or when someone claims a commission from a merchant for a transaction that they did not initiate. Unethical affiliates can stealthily overwrite competitors’ cookies during visits to their sites, or they can “advertise” with companies that disrupt the buying process by launching pop-up windows that falsely create commissions by erasing the true referring ID. Like its brother nemesis click fraud, commission stealing has existed since before the Web was dynamic and will likely always plague online marketing. In 2002, networks Commission Junction, Be Free (which was subsequently acquired by CJ) and Performics agreed to address the problem by creating a code of conduct for affiliates to follow. LinkShare developed it’s own formal code of conduct. CJ and Performics agreed that affiliates should insert a text identifier known as “afsrc=1” in their query strings to identify themselves to merchants and publishers. Affiliates and software developers should look for that string and back off from attempts to claim their own fees. Performics’ Adams says employing afsrc=1 “will protect against software used by a lot of marketers who play by the rules,” and distribute applications that respond accordingly when they detect the code. The affiliate code of conduct has been revised twice since its inception, and Adams still advises new affiliates to implement the afsrc=1 code. Implementing the afsrc=1 code “protects from a narrow class of programs” such as consumer rebate software like Upromise or eBates that follow the rules, according to attorney and adware/spyware expert Ben Edelman. But many adware companies do not conduct themselves along these guidelines, according to Edelman. Affiliates rely on the networks and each other for policing with “some affiliates paying bounties to those who turn in others,” he says. The afsrc=1 parameter and affiliate code of conduct is not enforced consistently and “gave too much wiggle room to the networks,” according to Kellie Stevens, president of Affiliate Fair Play. Stevens, whose company provides affiliate consulting services, says “afsrc=1 is now a moot point,” because it is not uniformly implemented and is ignored by adware applications. “Many affiliates have no idea [about afsrc=1] and don’t know they are supposed to be using it,” according to Stevens. Adware from companies such as Zango (formerly known as 180solutions) and DirectRevenue enable their advertisers, who are affiliates or merchants, to insert pop-up windows that can interrupt the buying process and cancel commissions from other affiliates and/or create commissions for themselves. These applications, which consumers download in order to receive free software, music or videos, have led to several lawsuits (some of which were dismissed) claiming unfair business practices. Zango recently settled a case with the FTC over charges of deceptive practices with consumers and paid a $3 million fine, but did not admit guilt. Dave Methvin, software expert and chief technology officer of PCPitstop.com, began studying how Zango’s software works because customers who had their PCs scanned at his website were emailing him about problems browsing the Web. “It became a crusade because so many of our users had infected computers,” he says. Methvin installed the Zango software and watched as his visit to a Verizon website was interrupted by a pop-up window that created a commission for an affiliate whose site he had never visited. “When I started the transaction, Verizon wouldn’t have owed anyone a commission,” he says. “Clearly there are unfair things going on,” says Methvin, who likened Zango’s enabling of partners to interfere with affiliate relationships to someone who provides a criminal with a gun and bullets but doesn’t want to be held accountable when it is used in a crime. Zango’s software looks for keywords contained on a website or for specific URLs, and when found, launches a Web page or pages from affiliate websites in pop-up windows that have been observed to generate as well as overwrite commissions. Zango director of public relations Steve Stratz says his company’s software does not itself overwrite cookies or otherwise subvert affiliate commissions. However, Stratz confirmed that Zango’s terms and conditions with its advertisers does not prevent them from altering cookies or creating pop-up windows that interfere with transactions, and he has no intention of asking them not to. Stratz says Zango sells to its advertisers all of the URLs and keywords that are used by its clients to open up pop-ups, including pages that open up only when someone visits a merchant’s shopping cart. Zango’s software will load pop-ups when a trademarked product names appears on a page. “For us to regulate the world of cookies and the various and sundry ways that they are used goes beyond the scope of our mission as a company,” says Stratz. He says if companies want to protect their home pages or trademarks from pop-ups, they can always outbid their competitors. “We don’t apologize for the aggressive nature of our ad network,” Stratz says, adding that 200,000 people willingly download Zango software each day. (For more on Zango, see the Affiliate’s Corner column on page 94.) Network Protection Technology does not exist that can prevent cookies or affiliate links from being ignored or to proactively defend against commission theft, according to attorney Edelman. It is impossible to prevent cookies from being overwritten, although consumers can protect their computers by installing applications that detect adware or spyware. Since there is no panacea for protecting commissions, affiliates should employ the strategies for limiting loss, which foremost requires carefully selecting and working with your network partner. The primary responsibility for monitoring commission theft lays with the networks, according to Steve Sauve, chief technical officer of network MaxBounty. “The merchant is paying a network for a service, and it is our responsibility to do quality control,” he says. Sauve says that on average his company terminates two to three affiliates per month for commission stealing. In his experience defrauding merchants is a bigger problem than affiliates stealing from one another. “You need to actively monitor the network and watch to see where the traffic comes from,” he says. If an affiliate’s commission is out of alignment with the historical conversion rates, Sauve says the network should investigate. Performics’ Adams says networks need to be proactive to make certain that affiliates aren’t participating with adware software vendors. “One of the most transparent things is anomalous performance. If they’ve been in a network for a while without showing results, then jump up to the top 20,” then something is likely amiss, he says. Performics tracks daily and trailing averages, and has a network performance group to monitor how affiliates drive traffic. “Looking at geography [of the initiating IP address] is also a good clue [for identifying bogus commissions], as illicit activity is often offshore,” according to Adams. If affiliate reports show an unwarranted boost in performance, or if another affiliate has suspicions, Performics undertakes a remediation process to determine if the affiliate should be bounced from the network. Affiliate Fair Play’s Stevens says if an affiliate isn’t getting enough support from the network in battling lost commissions, then it is time to shop around. However, larger affiliates “have to participate with the big networks because they need big brands to draw the traffic.” She says that networks need to be more candid in instructing new affiliates about the occurrence of commission theft and more closely monitor the commission-reporting process. Merchants should aid affiliates by terminating relationships with those who are known to steal commissions, according to Stevens, but they are constrained by a lack of information. She says that if a dishonest affiliate is part of a large network, it may be hard to identify that specific affiliate, and so the merchant would be forced to terminate the entire network; a difficult decision if the network overall is performing well. Merchants sometimes make side deals with known cheats because of the revenue they generate, Stevens says. Networks such as ShareASale are drawing affiliates by being selective about the companies that they choose to do business with and promoting their “clean” affiliate relationships, according to Stevens. Selectivity According to AdValiant’s Matheny, networks could eliminate 50 percent of the lost commissions by caring for their affiliates properly. His company is developing MediaTrust, a custom link-generation technology that would make it more difficult for software to circumvent the referral process. Matheny, who has a background in Internet security, says that the system is similar to a public and private key system used in encryption software where each side (in this case the affiliate and the network) holds part of the information necessary to complete a transaction. The software, which is due in the first quarter of 2007, would make it more difficult for an application to fake a referral transaction. The best method for understanding if, or how, commissions are being stolen is for an affiliate to set up a test computer and install any suspicious software, according to Performics’ Adams. He recommends you visit your site and your merchants’ sites with the “infected” computer and watch for deceptive behaviors. Since the networks have offered little details about commission theft, affiliates should search forums and message boards for links to investigations of adware by software experts. “There is not a lot of centralized factual information,” advises Edelman, who says affiliate forums are the best places to start. Affiliate Fair Play’s Stevens says that lack of a concerted voice among those in the industry is hindering the fight against commission stealing. More sharing of information between networks would deter affiliates from bad behaviors because they wouldn’t find it so easy to hop from partner to partner, she says. AdValiant’s Matheny says he recently spoke with a competitor about starting a consortium for sharing information and establishing industry standards. Presenting a unified front amongst competitors would have a psychological effect, according to Matheny, if commission thieves believe that “we won’t let you get away with it.” Affiliates who take undeserved commissions “should be flagged,” by those in the industry, Matheny says. MaxBounty’s Sauve says his company would volunteer data about affiliates to a group effort, “but there would be a danger of false positives.” Sharing too much information would reveal how commission thieves are tracked and bad affiliates could use the knowledge to avoid detection, according to Performics’ Adams. His company prefers handling issues with clients privately to establishing a blacklist of affiliates who have cheated. “We wouldn’t want to throw them under the bus.” JOHN GARTNER is a Portland, OR-based freelance writer who contributes to Wired News, Inc., MarketingShift, and is the Editor of Matter-mag.com. Filed under: Revenue Tagged under: 15 - January/February 2007, Adware, affiliate networks, Commission, Cookies, CPA networks, Features, Fraud, mtadmin About the Author Chris Trayhorn, Publisher of mThink Blue Book Chris Trayhorn is the Chairman of the Performance Marketing Industry Blue Ribbon Panel and the CEO of mThink.com, a leading online and content marketing agency. He has founded four successful marketing companies in London and San Francisco in the last 15 years, and is currently the founder and publisher of Revenue+Performance magazine, the magazine of the performance marketing industry since 2002.