Prevent unwanted traffic in your program with ease

Prevent unwanted traffic in your program: Introducing the Event Risk reporting suite

Gain real-time insights into suspicious traffic with Event Risk—a new reporting suite that helps you eliminate non-human and fraudulent activity to create a safer environment for productive partnerships. Event Risk, found in the Protect section of the UI, includes three new reports: 

• Risk by Partner Report: Aggregate-level report showing revenue and payout risk by partner so you can understand the overall quality of users driven by each partner and isolate the highest-risk areas to take action.

• Action Risk Listing Report: Action-level report that helps you isolate and review specific actions flagged as high-risk.

• Same IP Actions Report:  Action-level report that makes it easy to identify when multiple actions are attributed to the same IP, allowing you to eliminate non-compliant activity. 
  

Each report gives you a unique viewpoint to identify, investigate, and eliminate unwanted activity from your program, so you can scale up with confidence. 

Flagging fakes to foil fraud

While the cost per action (CPA) payout model is much less vulnerable to fraud than, say, cost per click (CPC) or cost per lead (CPL), there are still ways that bad actors can attempt to game the system.

We have recently noticed a pattern of spoofed conversions being submitted to our system via our Universal Tracking Tag. Essentially, bad actors are taking advantage of the reward schemes of cashback and loyalty publishers by sending fake conversions through the JavaScript tag, attributing them to various cashback and loyalty publishers, and thereby generating fraudulent payouts for themselves through those publishers.

Anyone using a JavaScript tag to track conversions (on any platform or network) is vulnerable to this type of fraud—its not an impact.com-specific vulnerability.

We have developed a feature that compares each conversion against the expected pattern of your Order IDs and conversion page URLs. Actions that do not pass this validation will be tagged as “Conversion Spoofing” and will be automatically rejected. 

Moving forward, any actions that are rejected on this basis will go into a new “At Risk” tab, found under Pending Payouts in your left nav. You can then cross-reference these orders against your internal order log. If you determine any of these rejected orders to be legitimate, you can mark them as approved and they will be processed appropriately.

In most cases, we were able to detect an expected pattern for Order IDs or conversion page urls for legitimate orders. You can find the rules that we have set by visiting the new Conversion Spoofing Rules report in your account. If you do not see any rules set up for you, but you use the UTT and you know that your Order IDs follow a predictable pattern, please reach out to our support team and we'll configure a rule for you.

To learn more about these validation rules and the Risk Review report, please see these help articles:

• View Validation Patterns for Conversion Events

• Review At Risk Actions

The best way to immunize your program against this type of fraud is to upgrade to a server-to-server (API) integration. Besides preventing this sort of fraud, integrating with our APIs may also boost your program’s performance by catching some conversions that other tracking methods miss. Please note that you will likely need to pull in a developer to perform the new integration. If you have any questions or would like to learn more about upgrading to an API integration, please reach out to your CSM or contact support by clicking the blue button at the bottom of your impact.com dashboard.

Connect with top tech partners in a flash with the Partner Integrations Hub (Beta)

Have you ever wanted to work with a tech partner, but found it hard to actually implement their JavaScript tag? If so, you’re not alone, and we want to make that easier.

We’ve been working on a Partner Integrations Hub, which provides turnkey integrations with several popular tech partners. If you’re integrated via our Universal Tracking Tag (UTT), you can take advantage of that existing JavaScript integration to add participating tech partners without having to go through your IT department.

As of today, the Partner Integrations Hub includes:

• tvScientific

• Upsellit

• intent.ly

We’ve got a big pipeline of partners in the queue, so look forward to more being added soon. But while we work to integrate more partners, we’re moving this feature into an open beta so that more brands can take advantage of these streamlined integrations.

To get started today, you can find the Partner Integrations Hub in your impact.com settings, under “Technical”. You can also read this help article to help you get started.

Note: This feature only works for programs integrated via our UTT. If your program uses another integration method, you will not see that option. If you don’t see the Partner Integrations Hub in your Settings page, but you believe you should, please contact your CSM or reach out to support.

Exclude variants from Shopify product catalog

By default, Shopify product catalogs pull in all the variant details (size, color, etc.) from Shopify. If you do not want to include all those variants in the product catalog you share with your partners — and just have one row per SKU — you can now do that by toggling on “Exclude Product Variants”.

New fields are now available in the Advanced Action Listing (Includes Category/SKUs) report

The Advanced Action Listing (Includes Category/SKUs) report now contains the following fields to help you get an even more granular view into your data: 

• Click id

• Contract id

• Referral landing page

• Conversion Country

• Conversion region

• Conversion city

The ITP Marketplace badge is going away soon

impact.com verifies that each program’s tracking implementation meets a minimum standard to comply with browser restrictions that limit the use of 3rd party cookies, such as Apple’s ITP. Thanks to these standards, nearly all programs on impact.com have first-party cookie-based tracking or better. 

Since 99.8% of brands on impact.com today are ITP compliant, the badge has lost some relevance. Therefore, we plan to remove the badge in our next release. 

The Contract API endpoint now contains Scheduled Terms

Version 13 of Contract API now includes Scheduled Terms. To test out the change, add --header 'IR-Version:13' or query string param IR-Version=13 or upgrade to the latest version: 13

Coming soon: An improved ad asset creation experience

We are gradually overhauling the screens you use to create and edit your ads, starting with Text Link and Coupon. In about a week, you will see a sleek new version of the Create Text Link Ad, Edit Text Link Ad, Create Coupon Ad, and Edit Coupon Ad screens.

If you’re not a huge fan of change (same, TBH), don’t worry! You’ll still be able to do everything you could do before. We have redesigned the user experience to allow you to do everything with fewer clicks and less time spent hunting around the page.

Also, we are renaming “Ad” to “Asset”. It just makes more sense. Anyway, keep an eye out for this first round of changes in the next week or so. After that, we’ll continue making our way through the other ad asset types, until everything is shiny and new.

Oh, and here’s a preview. Slick, huh?

Improved address privacy for unjoined partners

To enhance privacy and improve the user experience in the Partner Prospecting UI, we’ve made an update to how partner addresses are displayed:

• For unjoined partners, you'll now see only the city, state, and country—no full addresses.

• For joined partners, the full address remains visible as usual.

This change ensures that you still get relevant location details while respecting partner privacy.