In the burgeoning field of internet commerce, affiliate programs are a popular way for online merchants to expand visibility and increase sales. An affiliate program may reward a third party (referred to as the affiliate) for directing a customer to a merchant, usually with a percentage of the sale or other small fee upon completion of a qualifying transaction. In the case of an online merchant, the affiliate may direct potential customers to the merchant by providing a web link to the merchant, referred to herein as a referral link. The referral link may direct potential customers to the home page of the merchant or to a particular product page. In order to properly compensate the affiliates, the merchant may track the referrals. For example, the referral link may include a unique identifier of the affiliate. After a user has clicked on a referral link, the merchant website may store or update a cookie in the memory of the user's browser such that the cookie includes the unique identifier of the referring affiliate. When a transaction with the user is completed, the online merchant may then refer to the contents of the cookie to determine the identity of the affiliate to be compensated for the referral.
However, affiliate programs may be susceptible to various types of fraud. For example, in the fraudulent practice known as “cookie stuffing,” an affiliate may cause a user's browser to visit an online merchant without the user's knowledge. The affiliate may cause the merchant's website to be loaded in the user's browser in a manner that is difficult for the user to detect, such as by loading the merchant's website in a very small frame in a web page provided by the affiliate. Even though the user may be unaware of the visit to the merchant, the user's cookie may be updated by the merchant to include the identifier of the affiliate. If the user completes a transaction with the merchant at a later point in time, the affiliate may be improperly compensated for the illegitimate referral. In a similar type of fraud known as “history stuffing,” an affiliate may cause a user's browser to visit a particular product page at on online merchant without the user's knowledge. If the history stuffing is not detected by the merchant, the improperly visited product page may be advertised to the user as a previously visited page. In yet another fraudulent practice known as “clickjacking,” clicks (e.g., button selections) or keystrokes may be hijacked through the use of multiple layers to disguise the identity of the user interface element being used to capture user input. As a result of the clickjacking, any number of undesirable actions or transactions may be performed without the user's knowledge or consent. For example, the user's browser may be redirected to another page without the user's consent, the user's confidential data may be captured by a third party without the user's knowledge, or the user may otherwise be deceived into taking an action.
Some prior approaches have used a client-side scripting language such as JavaScript to detect fraudulent practices such as cookie stuffing and history stuffing. In some cases, for example, a script running in the client browser may detect the use of child frames to load a merchant's web page. However, some browsers are configured to disable JavaScript. If the client-side scripting environment is disabled, then the merchant may be vulnerable to the various types of fraud discussed above.
Accordingly, it is desirable for online merchants to have techniques for detecting illegitimate or fraudulent affiliate referrals as well as other fraudulent activity.
While embodiments are described herein by way of example for several embodiments and illustrative drawings, those skilled in the art will recognize that embodiments are not limited to the embodiments or drawings described. It should be understood, that the drawings and detailed description thereto are not intended to limit embodiments to the particular form disclosed, but on the contrary, the intention is to cover all modifications, equivalents and alternatives falling within the spirit and scope as defined by the appended claims. The headings used herein are for organizational purposes only and are not meant to be used to limit the scope of the description or the claims. As used throughout this application, the word “may” is used in a permissive sense (i.e., meaning “having the potential to”), rather than the mandatory sense (i.e., meaning “must”). Similarly, the words “include,” “including,” and “includes” mean “including, but not limited to.”