Cookie stuffing, cookie dropping, forced clicks, or cookie sprinkling is a blackhat marketing method used by affiliates to record tracking cookies on the end user’s machine, without the prior consent of the user, and with the purpose of creating an impression that the customer/user referral is to be attributed to the blackhat affiliate’s marketing.
Looking into the problem of cookie stuffing, Ben Edelman starts from the essence of how the affiliate marketing mechanism works, and only after that, gets to the core of the issue. Edelman writes:
Affiliate tracking systems are intended to pay commissions to independent web sites (“affiliates”) when users click through these sites’ links to affiliate merchants. Merchants are not intended to pay commission when users merely visit affiliates’ sites. Instead, commission ordinarily only becomes payable in the event that a user 1) visits an affiliate’s site, 2) clicks through an affiliate link to a merchant, and 3) makes a purchase from that merchant.
However, some affiliates use “cookie-stuffing” methods to cause affiliate merchants’ tracking systems to conclude that a user has clicked through a tracking link (and to pay commissions accordingly) even if the user has not actually clicked through any such link. If the user subsequently makes a purchase from that merchant — immediately, or within the “return days” period specified by the merchant’s affiliate program — the affiliate then receives a commission on the user’s purchase. [source]
Essentially, what happens is an abuse of the system by taking advantage of (a) the technological imperfections, and (b) the “last cookie gets the credit” rule.
Edelman gets into greater details and examples in his above-quoted text, and if you want to get a full picture of how bad things can get, I highly encourage you to take a few minutes to read through his text, and watch the videos he is using to back up his observations.
Additionally, it is important for me to emphasize here that cookie stuffing affects both (i) the affiliates in the program that has the cookie stuffer on board, and (ii) the merchant’s overall online marketing. With other affiliates, the blackhat affiliate overwrites their tracking cookies that have already been recorded on the customer’s machines (though pop-ups, toolbars, etc), hijacking the commission that legitimately belongs to other affiliates. With merchants, on the other hand, the cookie stuffer cannibalizes the other marketing channels that the e-business is employing. Watch Haiko de Poel’s videos here, and pay a special attention to how both the affiliates, and the merchants (the SEO and PPC achievements of the latter) get hurt.
Conclusion: by keeping a cookie stuffer aboard an affiliate program, you let them (a) hurt the program’s healthy development, and (b) distort the metrics of your other online marketing campaigns (making you overspend too!). The only method that works here is spotting them, and booting them out of the program.
I am fairly new to affiliate marketing and this is the first time that I have heard about cookie stuffing. This article seems to be almost a year old. Have the companies that offer the affiliate programs gotten more advanced to stop this form of “stealing”?
Bill, thank you for your question. Regardless of the “age” of the article, the problem is still a very real one. Speaking of “companies that offer the affiliate programs” and prevention of cookie stuffing, if you’re talking about affiliate networks: yes, there are several (ShareASale, AvantLink, buy.at) that openly stand against such techniques, and affiliate programs that are run on these platforms are less likely to have cookie stuffers on board. Having said this, much depends on the merchant’s own stance on the question. When in doubt, consult with fellow-affiliates in forums.
Thanks Geno. I guess there would not be any companies with affiliate programs that would promote this kind of marketing?
When a company knows what’s going on, they are generally against it. The problem is that it is not unusual for the company not to have any idea that they have a cookie stuffer on board of their affiliate program. That is why I’m posting what I’m posting. Education is still desperately needed in our industry.
There is no better word to explain cookie dropping than spam, fraud and all the bad words. Cookie are small files attached to a specific affiliate that allow it to be recognize by the merchant system. Due to the flaws of these systems affiliate use them to exploit merchants and fellow affiliates.
Although cookie dropping gives enough referral check, but it’s not a good ethic it’s black hat seo. It might you in trouble with search engines and merchants one day, so stay clear of it. Always practice white hat seo, it’s an honest way to make money on line.
I find the article quite interesting, however it is reasonable to take a look from another perspective. I am from Thailand and in our country, we have quite a few affiliate networks, and all of them work on an ad view basis – from your perspective “cookie stuffing” – that basically all merchants accepted.
The reason behind is that if you see the merchant’s ad (let’s say 50% off on a last minute vacation) on a website and don’t click, but go home, talk to your wife about it, and the next day go directly to the merchant’s website and make the purchase – the affiliate does not make any money. So to overcome this problem, Swedish affiliate networks provide their programs and revenues based on ad views (users get the cookie upon views and not clicks), but the returning days are usually only 1-3 days.
The “last cookie gets the commission” still works here, but since all affiliates are working based on the same system, it is quite fair. Honestly, I don’t see this that harmful, and again, these programs are all approved by the merchants.
I wonder if this is just unique to my country that the market has developed this way or are there affiliate networks like this in the US as well? Or are they all click-based?
Moses and Pal,
What are you talking about?
Read this article one more time!
Please!
Geno, хорошая статья! Спасибо.
Geno,
Does an iframe for setting the cookie open your website to vulnerability to attack?
Bill, just to clarify your question: you’re talking from a standpoint of an affiliate who uses iframes?
In case you’ve missed this: 2 cookie-stuffing affiliates are now facing the prospect of a 20-year imprisonment + significant fines (precisely for the above-described black hat technique of stuffing cookies in the eBay’s affiliate program). More in Kellie Stevens’ Affiliates Indicted For Cookie Stuffing post.
To generate those kind of commissions their stuffing must have been brutal and they may have used techniques that go beyond the simple popups that are mentioned on your post. This is cookie dropping on massive scale.
Pingback: Deceitful Tricks of Dark Affiliates
any website name u can suggest me to generate cookie stuff code…must be geniune one..
Sure: AffiliateFairPlay.com. Details here.
Thank you for this article. I’m new to the industry and appreciate a resource for learning! Can you suggest any other articles I should read if I’m new?
Thank so much,
Erin
Erin, if you are absolutely new to the industry you may find this compilation of help: Online Guide to Affiliate Marketing [for Merchants].
Also, take a look at my books on affiliate management (especially, the most recent one, “Affiliate Program Management: An Hour a Day”).
Additionally, we’d love to see you at our upcoming Affiliate Management Days in San Francisco on April 16-17, 2013.
Thank you Geno. All the advice is so much appreciated!
Best,
Erin