Key Concepts Explained

before diving into reports and taking action, let's establish a common language these concepts appear throughout marcode and understanding them makes everything else clearer advertiser what it means an advertiser is any entity showing paid search ads on your monitored keywords this is the company name displayed in google or bing search results when someone pays for an ad important to know the advertiser name is usually not the affiliate's name one advertiser might use multiple websites one affiliate might use multiple advertiser names marcode groups ads by advertiser to show patterns example you monitor "yourbrand discount code" the advertiser might show as "click tech limited" (generic company name), but they're actually an affiliate using a fake voucher site where you'll see this dashboard, all reports, alerts share of voice (sov) what it means the percentage of searches where a specific advertiser's ad appeared, compared to all searches we ran how it's calculated times advertiser appeared ÷ total searches run × 100 = share of voice example we searched "yourbrand" 1,000 times in a day your brand appeared 650 times = 65% share of voice hijacker appeared 150 times = 15% share of voice other advertisers 200 times = 20% share of voice what's healthy your brand 60 80% on core brand terms individual hijacker 0% is ideal, 1 5% needs addressing, 5 15% needs urgent action, 15%+ is hugely damaging why it matters higher share of voice = more traffic stolen it's your best proxy for measuring fraud impact and prioritising which hijackers to address first where you'll see this dashboard, hijacking report, infringement report publisher / affiliate what it means in affiliate marketing, a publisher is a partner in your affiliate programme who promotes your brand in exchange for commission in marcode, we use "publisher" and "affiliate" interchangeably the confusion the advertiser name you see in search results (e g , "click tech limited") is usually not the publisher name in your affiliate network (e g , "voucherdeals ltd") why this matters to take action against a hijacker, you need the affiliate id and ideally the publisher id this is the most important piece of information to get, as it allows you to take action to get these we go through a process detect the advertiser name running ads (what google/bing shows) detect the affiliate id via analysis (what's in their tracking links) connect the id to the publisher name via the publisher list of api connection (what's in your affiliate network) marcode helps you make these connections through ad analysis, api connections and publisher list matching where you'll see this hijacking affiliates tab, publisher list uploads publisher list what it is a file you upload to marcode containing all the publishers/affiliates in your programme typically exported from your affiliate network (awin, cj, impact, etc ) what it should include publisher id publisher name domain (this is critical) email address for contact why upload it once uploaded, marcode can automatically identify which bidders are your publishers label them as in reports improve categorisation accuracy how often to update monthly, or whenever you approve new publishers where you'll use this account settings, referenced throughout reports keyword groups what they are organisational folders for your monitored keywords they help you segment reporting and set different alert thresholds example structure 📁 brand core yourbrand yourbrand com your brand 📁 brand + discount yourbrand discount yourbrand promo code yourbrand voucher 📁 product specific yourbrand product1 yourbrand product2 benefits filter reports by group set different alerts per group clearer analysis of fraud patterns better stakeholder reporting where you'll see this keyword management, report filters, dashboard ad analysis what it means for hijacking, clicking on an ad, following all redirects, and extracting the affiliate parameters hidden in the url chain for coupon sites, clicking on an ad, navigating through the site to get to the brand site, and extracting the affiliate parameters hidden in the url chain for browser extensions, triggering the extension in marcode, following the redirects it sends the user through and extracting the affiliate parameters in the url chain why it's needed hijackers use cloaking and fake websites to hide their affiliate ids ad analysis bypasses these tricks to reveal who they really are two types automated marcode runs daily on detected hijackers, coupon sites and browser extensions manual you trigger on demand for immediate results what it reveals affiliate id or click reference sub publisher ids if there the complete redirect chain final destination url where you'll use this hijacking advertisers tab, evidence gathering subnetwork what it means a subnetwork (or sub affiliate network) is a publisher in your affiliate programme who recruits and manages their own sub publishers they act as a middleman between you and the actual promoters how it works your brand → affiliate network → subnetwork → sub publishers ↓ you see the subnetwork's id in reports, not the actual sub publisher doing the work example "performance partners ltd" joins your programme they then recruit 50 sub publishers who promote under performance partners' affiliate id you only see performance partners in your reports, even though 50 different people are promoting why this matters for fraud most hijacking, fake voucher sites and browser extensions come through subnetworks the subnetwork often hasn't properly vetted their sub publishers when you find fraud, you need to work with the subnetwork to identify the actual bad actor some subnetworks are legitimate, others are entirely fraudulent red flags very high sales volume with no obvious traffic source unable or unwilling to identify which sub publisher drove specific sales generic company names defensive or evasive when questioned about hijacking where you'll see this throughout enforcement, especially when dealing with hijackers who are difficult to identify link to docid\ rkf5vn f e1tsj7lndb t working with subnetworks browser extension what it means browser extensions are small programmes users install in chrome, firefox, safari, or edge that modify their browsing experience in affiliate fraud, extensions can inject affiliate cookies or discount codes without the user fully understanding what's happening how extensions work in affiliate fraud user installs an extension (often for "finding discount codes") when they visit your website, the extension fires it drops an affiliate cookie or applies a discount code the extension owner gets credit for the sale user may or may not realise this happened types of extension behaviour legitimate extensions user knowingly signed up for cashback/discounts extension is transparent about affiliate relationships user actively chose to use it fraudulent extensions user doesn't understand they're giving away attribution extension claims to "find codes" but mainly drops cookies no real value provided to the user aggressive last click attribution hijacking why they're difficult user initiated (makes them harder to ban outright) determining "legitimate" vs "fraudulent" is subjective users don't understand the implications where marcode helps extension monitoring report shows which extensions are active tracks frequency and behaviour patterns helps you decide which to allow and which to ban where you'll see this extension report, discount code tracking link to reading the extension report understanding extension fraud quick reference term simple definition where you'll see it advertiser company name shown in search ads all reports, dashboard share of voice % of times an advertiser appeared reports, metrics publisher your affiliate partners publisher lists, enforcement publisher list file of your approved affiliates settings, matching keyword group organised folders for keywords filters, alerts ad analysis process to extract affiliate ids hijacking tab, evidence cloaking methods to hide affiliate details context for analysis subnetwork publisher who manages sub publishers fraud investigations, enforcement browser extension programme that modifies user browsing extension report, policy decisions