In February 2016, we put a series of new fraud control measures into operation in all our contests. Organizers weren’t aware that these controls were in place, but we were assessing in beta. Since then, we’ve received just three fraud queries: we resolved two of these easily; the third helped us to develop and refine our controls. Our new measures were clearly working.
NOTE: the new anti-fraud control system is, by default, always active and enabled for any type of voting contest, regardless of version: Basic, Premium or White Label.
Voting contests: benefits and bad practices
Contests based on voting – whether for photos, videos or texts – are one of the most popular promotion mechanisms because they provide brands with the following benefits:
- Delegating winner selection to users
- Boosting virality:
- 98% of participants share their entries in order to obtain votes
- 46% of voters become brand followers
- The contest receives a higher number of page views, bringing greater visibility to the brand
- In some countries, such as Spain, the 10% prize tax is not charged when winner selection is not carried out randomly.
On the other hand, voting contests encourage users to compete among themselves, and when your contest is shared across social media networks, you lose control over who participates, and small arguments between participants may grow in scale and intensity. This means that the contest organizer must deal with such incidents and find a way to verify the votes. Mismanagement of these two points can give a brand a bad image – something which spreads quickly online.
Voting contest controversies happen because of the bad practices of some participants attempting to gain more votes. If a participant is very keen to obtain a prize but is not in a position to win the contest, this participant is at risk of engaging in a bad practice. The most frequent bad practices are:
- Buying votes online: there are websites, Facebook groups, and Facebook users selling votes. You can buy votes for an average of 80€ per 500 votes.
- Using fake Facebook accounts: some users manage multiple Facebook accounts which they use to cast votes. As indicated in Facebook’s Community Standards, an account is considered fake when there isn’t a person with an authentic identity behind it.
- Using stolen accounts: there are techniques, such as Facebook Phishing, designed for stealing accounts from real Facebook users. The offender can then use these accounts to cast votes.
- Computer programs for automatization or semi-automatization of voting: IP controls are very simple. A user with an average, or even below-average, knowledge of computing can easily exploit such tools to change their IP address, as well as other connection parameters, in order to falsify a vote’s origin.
Objectives of the new Fraud Control System
The Fraud Control System has been designed to achieve the following 4 objectives:
- Prevent fraudulent actions: Technical mechanisms of deterrence ensure that users who’ve committed fraud in the past can’t do so again.
- Block invalid votes: The system blocks invalid votes in real time, making sure they’re not counted.
- Detect patterns of fraud: Sometimes a single vote does not appear to be fraudulent, but becomes so when analyzed as part of a series of votes.
- Provide tools to organizers in order to conclusively determine the validity of a contest participant: An organizer can evaluate the contest entry – checking whether it complies with the Legal Bases – and certify its validity using objective data, thus avoiding any polemic with participants.
What have we done to control fraud?
1. We’ve analyzed online vote sellers: We’ve studied how online vote buying works. We know who the leading sellers are, how they advertise, and how they communicate. We’ve built a complete picture of who they are and how they behave.
2. We’ve purchased votes online: Our team set up a one-off voting contest, which only they could access, to act as a honeypot. We then bought votes from the leading sellers in order to:
(1) analyze their M.O.
(2) register the votes obtained and add them to our database
(3) analyze their conduct and develop algorithms for detecting behavior patterns
(4) analyze the profile of voters and create a profile of the types of voters engaged in vote buying
(5) evaluate the effectiveness of new antifraud measures. They work. In all cases we were able to successfully detect fraudulent votes
3. We’ve analyzed all past contests: thanks to our analysis of vote sellers we’ve been able to detect patterns and broaden our database of accounts suspected of vote buying.
4. We’ve developed new technical mechanisms: the purchase of online votes has enabled us to view the M.O. of sellers and to program countermeasures designed to detect and block them.
Anti-fraud system controls and alarms
- The anti-fraud control system has 11 different security controls. When a user casts a vote, the system checks it against each of these 11 security controls. If the vote does not pass each of these controls, it won’t be counted.
- The user is shown a message explaining exactly why the vote hasn’t been accepted.
- An alert associated with the participant is registered. This alert is available to the administrator. The alert might be severe or minor.
There are security controls that evaluate patterns of vote-buying, fake or suspicious accounts, IP manipulation, frequency of voting, etc. You can read a description of each of these security controls, and its associated alert, in this link.
In addition to these 11 security controls, two extra systems have been added to help prevent fraud:
- Use of Google’s Captcha system in order to minimize vote automatization. The Captcha is always obligatory.
- The system of double opt-in via email can also be enabled. This is optional. When users vote, they will receive an email with a link to validate their vote. Until users click on the link, their vote will remain pending.
Fraud Index and Validity Report
As entries receive votes and alerts are registered, the system calculates the Fraud Index of each participant.
The Fraud Index calculated by Easypromos represents the probability that a participant is obtaining votes fraudulently. This Index is between 0% and 100%. If the value of the Fraud Index is equal to or more than 100%, Easypromos will consider the entry fraudulent.
Contest organizers can access the participants list from their Dashboard. For each participant the organizer can view the number of votes and the Fraud Index of each vote:
By accessing the Fraud Index, the administrator can see a list of all the security alerts registered for this user.
Recommended use of the Fraud Index is as follows: The administrator can include the Fraud Index, calculated by Easypromos, in the Legal Bases of the contest as a factor for determining the validity of participations. In this way, the organizer has an objective value with which to verify the participant of a voting contest.
Once the voting period is over, the anti-fraud system provides the organizer with a Validity Report certifying the value of the Fraud Index calculated for each participant. The organizer can use the Validity Report in case one of the participants asks to see the value of their Fraud Index.
Here’s everything you need to know about the Fraud Index: what it is; how it’s calculated; what text to include in the Legal Bases; plus recommendations for use.
Good practices and recommendations
There’s no such thing as definitive and permanent fraud control. Users who engage in bad practices will always try and find new ways of getting their hands on prizes. That is why the struggle against fraud and the analysis of current contests, user behavior and so on, must be carried out on a day-to-day basis.
Below, we present a series of tips which will serve you well in your voting contests:
Don’t award the prize to the most-voted user.
If you award the prize to the most-voted participant you’ll be inciting greater competitiveness among participants. This increases the likelihood that a participant will be tempted to use bad practices to obtain the prize. We suggest you use one of these two mechanisms instead:
- A jury chooses the winner from among all participants obtaining a minimum of 30 votes.
- A random sweepstakes is carried out among all participants obtaining a minimum of 30 votes.
Instead of employing social network functions such as Like, Favorite or RT, utilize a specialized voting system.
Features such as Like in Facebook and Instagram, or Retweet and Favorite in Twitter were designed for users to express their feelings about social media content, and not as specialized voting mechanisms. Since these functions were not intended to be used as voting tools, they provide more opportunities for carrying out fraud. An online vote seller is only too happy to be asked to vote for a Facebook photo by Liking it, as this method of voting isn’t subject to any fraud control mechanisms.
Whenever you organize a voting contest, make sure you use programs or mechanisms that have been specially designed for monitoring votes. This will enable you to minimize fraud.
Don’t disqualify a user until the voting period is over
It is not good practice to disqualify users while the voting contest is still active. Participants may react badly to being disqualified and attempt to sabotage the contest by posting offensive comments, making false accusations, questioning the validity of other contestants’ entries or even casting false votes for other entries.
It’s true that a participant who’s carrying out fraud and obtaining many votes may discourage those who want to do it correctly from taking part. But it’s still better to disqualify the fraudulent user at the end and avoid putting your contest at risk from sabotage. In the long run, disqualified users will either realize that they aren’t winning any contests and stop participating, or they’ll be permanently blocked from taking part in further contests due to recurrent use of fraud. Another alternative is to hide the vote counters during the voting period and wait until the end of the contest – once fraudulent users have been disqualified – before publishing them.
Use your Legal Bases to inform participants that you’re going to apply the Easypromos Fraud Index to determine the validity of each entry.
We recommend that you only disqualify a participant flagged up by the Fraud Index once the following three conditions have been met:
- The voting period has ended.
- You’ve indicated in your Legal Bases that the Fraud Index will be used as a factor for determining whether participants’ entries are valid.
- The value of the Fraud Index is greater than 100%.
Use the following text in your Legal Bases:
“The contest organizer advises that the validity of votes received by contest participants will be assessed using the “Fraud Index” tool developed by EASYPROMOS. Using this tool the Organizer can determine, upon finalization of the voting period, whether the participant has engaged in fraudulent practices in an attempt to obtain more votes. If the Fraud Index of an entry is equal to, or more than, 100%, the Organizer reserves the right to disqualify the participant and declare his or her participation void.”
Don’t believe all allegations made by participants
Some users will make false allegations in an attempt at sabotaging a contest or casting doubt over the validity of other participants’ entries. You should have a generic response prepared to thank the participant for his or her report and explaining that the validity of participations will be ascertained at the end of the contest using the Easypromos Fraud Index.
Would you like to find out more? Contact our Support Team!