If you have been contacted by a brand regarding Attribution Risk, here is a quick reference to the Reason Codes that impact.com uses to break down potentially suspicious behavior.
What does it mean?
Clicks and actions with this pattern are commonly seen when bad actors generate fake clicks on a high volume of unsuspecting user's devices in the hopes that one of them will organically convert, winning the bad actor credit for that conversion, which most likely would have been an organic event. In this scenario, the bad actor is employing a hit and hope type approach like click flooding, with no means of knowing what may or may not convert. The more users/devices that clicks are generated on, the more likely it is that one of those users will convert, which is why we typically see a much lower conversion rate and high volumes of non-converting users with clicks.
How is it determined?
This is a probabilistic methodology that looks for a combination of a low conversion rate either over the last 3 or last 15 days (num_clicks_per_action_3day OR num_clicks_per_action_15day) AND a high number of users that never convert (num_clicks_to_action_userlevel_15days OR num_clicks_per_user_publevel_3day) for the Partner/SharedId.
These metrics are available on the Attribution Risk Details report. Learn more about the Attribution Risk Details report.
What is considered low/high?
Statistical outliers when compared to the mean values for the program for clicks per action and clicks per user.
What should I do about this?
Our general recommendation for this flag would be to optimize away from this source as it is less likely to be providing incremental value and more likely to be claiming credit that is not legitimately earned. See Take Action Against Attribution Risk for more guidance.
False Positives
This pattern can also be seen with incentivized traffic (if a user is earning points of some kind of reward for clicking on links), so if you have an agreement with a partner to use this method, then you can consider disregarding this flag. It's also possible that this is just poor quality traffic or the Partner is not targeting the right kind of audience that would be interested/able to purchase your products/sign up to your service. If you have any other reason to believe this is a false positive, please reach out and let us know by using the help icon in the bottom right hand corner in your account.
What does it mean?
Click to action times follow an expected distribution in terms of time for the typical user journey in your program. In many cases this is relatively close to the action and a longer tail of clicks further away from the action. In some use cases e.g. travel, clicks can be a lot further away from the action, and this trigger may have less value.
When the majority of clicks for a partner are further away from an action than the typical user journey in your program, this can be an indicator that clicks are being faked or may be happening in the background on unsuspecting users' devices. In this scenario, the bad actor is employing a hit and hope type approach, with no means of knowing that a user may or may not convert, hoping that they eventually do and often winning credit from an otherwise organic action.
Since it's just pot luck that the user does convert, clicks will tend to be further away from the actions, as more unsuspecting users convert organically over time. Rather than flooding devices with clicks (low intent), the clicks may be generated in a way that targets a user's normal browser clicks - with hidden landing pages for example.
How is it determined?
This is a probabilistic methodology that looks for a combination of long click to action time for the action (click_to_action) AND a long click to action time for the majority of actions over a 3 or 15 day period (cta_median_3day OR cta_median_15day) for the partner.
These metrics are available on the Attribution Risk Details report. Learn more about the Attribution Risk Details report.
What is considered long?
A statistical outlier compared to the rest of your program data for click to action time.
What should I do about this?
Our general guidance for this flag would be to optimize away from this source as it is less likely to be providing incremental value and more likely to be claiming credit that is not legitimately earned. See Take Action Against Attribution Risk for more guidance.
False Positives
If the partner is using a promotional method that you think is likely to result in statistically longer click to action times than your other partners, you might opt to disregard this flag for that partner.
It is also possible that if a partner has recently stopped promoting your product or service, the click to action times will increase as the remaining clicks continue to attribute actions while they are still valid. Naturally, more of these clicks will be further away from the actions in time. If you have any other reason to believe this is a false positive, please reach out and let us know by using the help icon in the bottom right hand corner in your account.
What does it mean?
When there are abnormally high numbers of clicks on for the device/browser for a partner or shared id compared to your program averages, it can be an indication that either the device has been compromised and that multiple fake clicks are being generated for these devices, or that the device details themselves are being spoofed to mask real data. This is another hit and hope type tactic that a bad actor may use also resulting in a low conversion rate, as users will register inflated numbers of clicks.
Since we might also see inflated clicks if a user is searching for different offers on competing partner sites, this trigger will only flag if the number of partners in the conversion path is within the normal range.
How is it determined?
This is a probabilistic methodology that looks at for a high number of clicks on a specific device/browser - (num_clicks_to_action_userlevel_15days OR num_clicks_per_user_publevel_3day) and a low conversion rate for the partner (num_clicks_per_action_3day OR num_clicks_per_action_15day) with a normal number of different publisher clicks in the conversion path for an action (num_pubs_per_user_15days).
These metrics are available on the Attribution Risk Details report. Learn more about the Attribution Risk Details report.
What is considered high?
A statistical outlier compared to the rest of your program data for user level clicks and number of clicks per action.
What should I do about this?
Our general recommendation for this flag would be to optimize away from this source and reverse actions flagged as risk for this source unless you have good reason to believe this behavior is human. See Take Action Against Attribution Risk for more guidance, or to set up automatic reversals.
False Positives
While the occasional action may be flagged as a false positive, this is a very robust trigger and even at 1-2% risk you can be confident that this is not human. If you have any reason to believe this is a false positive, please reach out and let us know by using the help icon in the bottom right hand corner in your account.
What does it mean?
As with Long CTA, when the majority of clicks for a partner are further away from an action than the typical user journey in your program, this is an indicator that clicks are being faked since they don't follow the expected human distribution. When that is combined with an exaggerated number of clicks for each action compared to the rest of the program, this is a further indicator that fake clicks are being generated by the Partner/Shared Id, and that other partner's legitimate clicks may be at risk of losing out on credit.
How is it determined?
This is a probabilistic methodology that looks for a statistically long click to action time for the event and Partner: ( Click_to_action_hrs AND (cta_median_3day OR cta_median_15day)) AND an inflated number of clicks per action for the partner - num_clicks_per_action_3day OR num_clicks_per_action_15day.
These metrics are available on the Attribution Risk Details report. Learn more about the Attribution Risk Details report.
What is considered long/high?
A statistical outlier compared to the rest of your program data for click to action time and the number of clicks in a path for each action.
What should I do about this?
Our general recommendation for this flag would be to optimize away from this source and reverse actions flagged as risk for this source unless you have good reason to believe this behavior is human. See Take Action Against Attribution Risk for more guidance.
False Positives
`This is a very robust trigger, but if you have any reason to believe this is a false positive please reach out and let us know by using the help icon in the bottom right hand corner in your account.
What does it mean?
When there are abnormally high numbers of clicks on for the device/browser for a partner or shared id compared to your program averages, it can be an indication that either the device has been compromised and that multiple fake clicks are being generated for these devices, or that the device details themselves are being spoofed to mask real data. This is another hit and hope type tactic that a bad actor may use also resulting in a low conversion rate, as users will register inflated numbers of clicks.
1. Mobile Devices
Android devices have a broadcast feature, which can be taken advantage of by malicious apps. The malicious code detects when a new app is being download and it will inject an affiliate click at this point. Since the install is typically only registered when the app is opened for the first time, the click will generally fall before the Install thus winning credit for the event. Since this is a very targeted approach you will see a higher conversion rate and click to action times skewed very close to the install action, often as unrealistically close as 0-1 seconds.
2. Web Conversions
Web click injection typically happens when a toolbar extension contains malicious code. The extension will monitor browser activity to see when the user visits a website that contains affiliate links. It may monitor for the user visiting the basket or checkout pages in order to try to ensure it is the last click. This will typically result in a higher conversion rate with clicks abnormally skewed closer to the action.
How is it determined?
This is a probablistic methodology that looks for a short click_to_action time (clicks_per_action_3day OR num_clicks_per_action_15day) and a high conversion rate (low num_clicks_per_action_3day OR num_clicks_per_action_15day)
These metrics are available on the Attribution Risk Details report. Learn more about the Attribution Risk Details report.
What is considered short?
Web is currently fixed at 36 seconds, while Mobile is currently fixed at 32 seconds.
What should I do about this?
Our general recommendation for this trigger would be to optimize away from this source and reverse actions flagged as risk for this source unless you have good reason to believe partner's promotional methods will result in these patterns legitimately. See Take Action Against Attribution Risk for more guidance or to set up automatic reversals.
False Positives
If the partner is using a promotional method that you think is likely to result in shorter click to action times than your other partners, you might opt to disregard this flag for that partner.
This reason code does not currently account for Cashback, Loyalty and Reward type partners who may typically have shorter click to install types as users search for promotions before finally checking out on their purchases.
If you have any other reason to believe this is a false positive, please reach out and let us know by using the help icon in the bottom right hand corner in your account
What does it mean?
The click has been triggered by an image pixel loading on a web page rather that from the action of a user clicking on the link. It's a technique that bad actors use to create clicks on a user's browser without them noticing.
How is it determined?
This is a deterministic trigger that looks for specific information in the details of the click request, which impact.com picks up and flags.
What should I do about this?
impact.com automatically filters these clicks out of your program so you do not need to do anything.
False Positives
There are a few special cases where partners that you may have integrated on your website will generate a click via an image in order to not interrupt the user experience when a user interacts with their service. These scenarios have been accounted for so they will not be filtered out.