On the Security of Pay-Per-Click and Other Web Advertising Schemes next up previous
Next: Introduction

On the Security of Pay-Per-Click
and Other Web Advertising Schemes

Vinod Anupam Alain Mayer Kobbi Nissim Benny Pinkas[*] Michael K. Reiter
Bell Laboratories, Lucent Technologies Department of Computer Science and Applied Math Bell Laboratories, Lucent Technologies
Murray Hill, NJ, USA Weizmann Institute of Science, Rehovot, Israel Murray Hill, NJ, USA
{anupam, alain}@research.bell-labs.com {kobbi, bennyp}@wisdom.weizmann.ac.il reiter@research.bell-labs.com

Abstract:

We present a hit inflation attack on pay-per-click Web advertising schemes. Our attack is virtually impossible for the program provider to detect conclusively, regardless of whether the provider is a third-party "ad network" or the target of the click itself. If practiced widely, this attack could accelerate a move away from pay-per-click programs and toward programs in which referrers are paid only if the referred user subsequently makes a purchase (pay-per-sale) or engages in other substantial activity at the target site (pay-per-lead). We also briefly discuss the lack of auditability inherent in these schemes.

Keywords: Electronic Commerce, Secure Systems, On-line Advertising, Pay-Per-Click.



 

Mike Reiter
3/9/1999