I would like to build an Advertising project with PHP, MySQL, and Javascript. I am talking about something like…
- Google Adsense
- BuySellAds.com
- Any other advertising platform
My question is mainly, what do I need to look out for to prevent people cheating the system and any other issues I may encounter?
My design concept. An Advertisement is a record in the Database, when a page is loaded, using Javascript, it calls my server which in turn will use a PHP script to query the Database and get a random Advertisement. (It may do kore like get an ad based on demographics or other criteria as well) The PHP script will then return the Advertisement to the server/website that is calling it and show it on the page as an Image that will have a special tracking link.
I will need to…
- Count all impressions (when the Advertisement is shown on the page)
- Count all clicks on the Advertisement link
- Count all Unique clicks on the Advertisement link
My question is purely on the query and displaying of the Advertisement and nothing to do with the administration side. If there is ever money involved with my Advertisement buying/selling of adspace, then the stats need to be accurate and make sure people can't easily cheat the system. Is tracking IP address really the only way to try to prevent click fraud?
I am hoping someone with some experience can clarify I am on the right track? As well as give me any advice, tips, or anything else I should know about doing something like this?
Best Answer
Nobody has paid for "random advertisements" since 1998.
Serving random advertisements is a useless endeavor. How valuable are feminine product advertisements on sites aimed at men, or vice a versa. I would say they have negative value to me as an advertiser. Doing more sophisticated ad delivery implies a much more sophisticated set of metadata about the viewer, that is for all purposes anonymous unless you are Google in 2012.
PHP and RDMBS for systems like this don't scale.
See what Mochigames did for their in house custom Ad distribution server solution. hint: it isn't PHP or traditional database based.
IP Addresses aren't good for anything other than what they were designed for.
Tracking IP Addresses is the absolutely wrong way to approach this problem. IP Addresses are for routing to its location, nothing more. They are not a globally unique id, and are less than useless as such.
IP addresses aren't unique because of NAT.
IP addresses aren't unique because of spoofing.
IP addresses aren't unique because of anonymous randomizing proxies.
IP addresses are useless in detecting bot nets, the most common click fraud mechanism.
IP addresses are useless in detecting human nets as well.
Deep Pockets
Google and the other big players spend 10s of millions of dollars on this problem every year, maybe more. They can't stop it with all that money and Phd.s in pocket, I doubt some PHP and client side Javascript ( which by definition is useless ) would have any impact at all.
The only way to detect and marginalize click fraud is to apply very sophisticated machine learning algorithms ( this is where the Phd comes into play ) after the fact to look for very broad patterns of behavior ( this is where the money comes into play ) and have that algorithm adapt over time to become more accurate.
Some Click Fraud Acceptance is Inevitable
But even then you have to tune the results in favor of false negative, that is you have to be willing to accept some actual click fraud, because not paying for false positives would completely undermine your trust worthiness to your legit customers.