To Catch a Thief: Talking Fraud with Ken Miller

For seven years, Ken Miller was responsible for risk and fraud management at PayPal. Today, Miller is CEO of 19-month-old Anchor Intelligence in Mountain View, a third party to about 50 or so ad networks that pay Anchor (known as FraudWall until late last year) to analyze its Web traffic and identify cases of click fraud.

Anchor is another of Ron Conway’s companies. Conway cofounded it along with Miller and Jim Pitkow, a longtime friend and investor who was most recently CEO of Moreover Technologies (it sold to Verisign in 2005 for $30 million, after raising $25 million).

It’s too early to speculate on Anchor’s future, but the market opportunity it’s chasing looks to be huge. Click fraud is the blight of the advertising universe, which is already shelling out about $25 billion a year in online ads — a number that research consultancy IDC predicts will double within five years. In the meantime, fraudulent clicking becomes more sophisticated by the minute.

Little wonder Anchor, which has raised $6 million, has an impressive lineup of backers, including Ram Shriram and Rajeev Motwani, both prolific angel investors who invested in Google alongside Conway; Jeff Jordan, CEO of the online reservation service OpenTable and a former eBay and PayPal executive; former Peoplesoft exec Peggy Taylor, and JK&B Capital.

I caught up with Miller yesterday, about the company, a newish IDC study, and whether or not fraudsters take it easier in the summer, like the rest of us.

First, why leave PayPal and start this company?

Miller: Well, I met Jim Pitkow [Anchor’s chairman and cofounder] through Ron, who I knew through a mutual friend. We all started to chat about what we could do in the space, and where online advertising was going, and what need there was for a trusted third party.

What’s your business, in a nutshell?

So you can imagine an ad network that’s displaying tons of ads all over the Internet has a need to ensure that it’s monitoring and screening and filtering who is clicking on its ads to ensure that the network is charging its own clients for legitimate clicks. A lot aren’t equipped to do that, though, or their systems are getting older, and they’re realizing that analytics and fraud aren’t their core competencies. That’s where we come in, providing them with real-time quality scoring systems. We can deconstruct each traffic event into over one hundred attributes, then use those attributes to score each event on a quality scale. That’s also how we identify malicious activity.

Your customers are ad networks?

Our clients are ad networks and search networks and [individual] advertisers.

Where does your software reside?

We integrate with a client’s existing web servers, billing systems, and reporting systems so that we can enable them to make real-time decisions.

And you charge these clients on a monthly subscription basis?

Processing is a per-click subscription.

Can you give me a range of per-click subscription prices, based on a few scenarios?

Pricing can really vary depending on a number of factors including type of integration desired, customization requests by the client, volume, real-time needs, and so forth. It’s generally easy to provide a quote after only one conversation with a customer.

Drat. Okay. What do you make of the recent IDC study that found overall internet advertising revenue will double from $25.5 billion in 2007 to $51.1 billion in 2012. If IDC is right, that’s an awfully big jump in not a lot of time.

It is a big jump, but a jump that’s easy to believe. It was just reported yesterday that we’ve crossed the 1 billion PC mark worldwide, and that number is expected to double by 2014. What that means is a significant increase in both eyeballs and ad inventory. But, at this point, the growth to $50 billion is still an opportunity and not a certainty.

With the online advertising industry maturing and advertisers increasingly shifting a meaningful portion of their ad budget to the Internet, there’s a new set of expectations and accountability that comes with that for all parties involved.

And you’ll be there to protect them?

We’ll be there to protect and optimize ROI and growth by providing transparency and accountability for all parties involved.

Are you currently raising another round in anticipation of what’s to come?

No, we’re not currently looking to raise additional funds.

What about the several other startups targeting the same problem, like Authenticlick and Click Forensics? What do you do differently?

We’ve focused on several things here at Anchor: Our massive network of data and shared intelligence on both good and bad actors that feed into all our scoring systems; a real-time scoring system that can handle any volume of traffic; and what I think is unmatched analytical rigor. We’ve assembled a team of technicians and scientists from financial services, payments, academia, and search, and it’s as good as the team I had at PayPal.

There’ve been recent lawsuits against Yahoo and CitySearch around quality and fraud. What services are each using to audit their traffic, and if not yours, have you reached out to them, or vice versa?

I’ll let both those organizations speak as to how they address traffic scoring, but these lawsuits are definitely emblematic of the vulnerability to the IDC projections and reinforces the role we’re filling.

Is there anything that tends to slow down malicious behavior? I don’t suppose fraudsters go on summer vacation with their families?

These guys are operating all over the globe, at all hours of the day, and usually doing it in a highly automated way, using computer scripts and multiple machines. In fact we’ve detected a strong shift recently where they are using more techniques than ever to try and resemble common Internet usage patterns. Things like spreading out their click activity over days and weeks, conducting clicks during traditional peak periods for legitimate users, and randomizing the location they “appear” to be clicking from.

Those bastards. What kind of fraud is most common?

There are many, many incarnations of fraud activity, how it’s conducted, and what the incentive is. But at its core the most common buckets of fraud activity are content publishers’ sites that generate artificial clicks to make money or companies generating artificial clicks on their competitor’s ads to deplete a competitor’s ad budget and/or damage the competitor’s ad position and ranking.

Where are you seeing new schemes pop up?

In particular, the industry is seeing a ton of growth in ad inventory through organically generated content like blogs and social networks. It’s an explosion of the long tail, and that growth is exciting, but fraudsters are aggressively targeting these types of sites as a way to game the system, make money, and exploit unsuspecting ad networks.

Are certain types of advertisers more susceptible to fraud than others?

The reality is all advertisers are vulnerable to attacks and ROI hits. The issue cuts across advertisers of all size, keywords, and ad types, though it’s fair to say fraudsters often disproportionately attack both highly common keywords, and high-priced keywords, like “lending,” “insurance,” and “real-estate.”

Ron Conway is a cofounder. What does that mean? How active is he?

Ron is super involved. We have weekly management meetings that he participates in. We chat daily. He’s not involved operationally but in terms of leading a lot of our business development opportunities, he does a lot. If you can imagine it, he’s also been the driving force behind our fund-raising activities.