RE: SOX Requirements RE: ACTION-216 - Financial Reporting "Exceptions"


I don't want to say too much here but please understand inconsistency in standard signals such as UID/IP address and other factors in themselves can help distinguish fraudulent activity.

- Shane

-----Original Message-----
From: Tamir Israel [] 
Sent: Tuesday, August 21, 2012 2:12 PM
To: Dobbs, Brooks
Cc: Shane Wiley; Lee Tien; Craig Spiezle; 'Chris Mejia'; 'David Wainberg'; 'Jonathan Mayer';; 'Nicholas Doty'
Subject: Re: SOX Requirements RE: ACTION-216 - Financial Reporting "Exceptions"

OK, thanks again, Brooks (and Chris). And I understand why perhaps it isn't wise to discuss in too great details on a public forum.

I'll just ask that you folks think about the added utility of UID/IP addresses, given that a determined fraudster can delete the first and proxy the 2nd.

And with respect to IP addresses, I think this is one that remains in the 'to be decided' pile of the DNT definition .....

On 8/21/2012 5:01 PM, Dobbs, Brooks wrote:
> Tamir,
> So to be clear people don't publish there "secret sauce" on how they 
> identify and remove click fraud, or to be more politically correct 
> "low quality" clicks.  So your question is - do UIDs fix his problem.
> Obviously not knowing the secret sauce I can't specifically answer HOW 
> they help, but I can say they are part of the solution.  With clicks 
> selling for real values in whole dollars and even upwards of tens of 
> dollars, you need to make sure that, for instance, the same user can't 
> create a charge for more than one click.  This presupposes that you 
> can identify "same user".  You may also need to know who someone 
> isn't, as you wouldn't want someone who financially benefits from the 
> click to do the clicking.  The more data you have, the better job of 
> determining the quality of the click.  Now I use click here as an 
> example, but the same really holds true for ad views as well; it is just a question of scale.
> So yes cookies are deleted and some folks have no cookies, but all 
> this can be used to create heuristics that build confidence.  If you 
> don't log IP and you don't log cookies this confidence is pretty hard to come by.
> -Brooks

Received on Tuesday, 21 August 2012 21:17:46 UTC