Embed Size (px)
Citation preview
Copyright © 2008 Keio University
Digital Marketing AntiPattern
- in security and privacy -
Keiji Takeda
Keio University
W3C / MIT
2015/9/17 W3C Web and Digital Marketing Convergence
2
Background and Motivation
Background:Recursive Failure in Digital Marketing Practices.
Motivation:By sharing knowledge on bad practices in digital marketing, similar risks can be managed or mitigated.
Objective: Develop a catalog of common failures/misunderstanding
in digital marketing practices.
Clarify border between what should be avoided or what can be done.
3
AntiPattern
“a literary form that describes a commonly occurring solution to a problem that generates decidedly negative consequences.
The AntiPattern may be the result of a manager or developer not knowing any better, not having sufficient knowledge or experience in solving a particular type of problem, or having applied a perfectly good pattern in the wrong context. “
W. J. Brown, R. C. Malveau, H. W. McCormick, and T. J. Mowbray. AntiPatterns: Refactoring Software, Architectures, and Projects in Crisis. Wiley, 1998.
4
Digital Marketing AntiPattern Examples
Malvertising
Inescapable Tracking
User Data Inspection
Accidental Data Exposure
Local Optimum
... and more
5
Malvertising
Malvertising (Malicious Advertising)Name
AntiPattern Problem
Solution
An online criminal methodologyuse of advertising networks to spread malicious software
Screening of advertiserDevelop detection mechanismDevelop secure advertising network technology
DoubleClick, AppNexus, engage:BDR, ExoClick (2015/8 )Yahoo!(2015/8)
6
Malvertising
DoubleClick, AppNexus, engage:BDR, ExoClick (2015/8 )Yahoo!(2015/8)
(SC Magazine, 2015/09/07) (Fox News, 2015/08/24)
7
Inescapable Tracking
Inescapable TrackingName
AntiPattern Problem
Solution
Use of unchangeable persistent ID for user tracking.
Avoid using unchangable persistent unique ID for user trackingUse Cookie or temporal ID that user can delete or reset
(UDID/IMEI, MAC, SerialNumber, SIM, SIM Number, social security number, fingerprint/biometrics, super cookie)2011 IMEI Docomo Media Player2012 UDID leakage from Apple
8
User Data Inspection
User Data InspectionName
AntiPattern Problem
Solution
Inspect user data (DPI, storage, installed application etc.) for marketing or advertisement.
Ask explicit user permission or consent for private data access.Or limit data access in minimum scope for purpose.
DPI advertisement (NebuAd, Phorm)Use of address book(contact list) on smart phones.Retrieving application Listing on smart phones
9
Accidental Data Exposure
Accidental Data ExposureName
AntiPattern Problem
Solution
Information leakage caused by putting data or application program as accessible to public on web servers.Sending e-mail message with enumerated addresses.
Avoid placing valuable data on front end web server.Configure proper permission setting and use compartmentalization mechanisms. (chroot, jail, etc.) Use special applications to send bulk messages.
Google Hacking
10
Local Optimum
Local OptimumName
AntiPattern Problem
Solution
Construct a platform with too much optimization to local (technological, legal) environment. It becomes not able to deploy globally.
Use standard technology.Avoid using localized technology.
Web services for Japanese feature phone
11
Browser Share ( US )
Source: http://gs.statcounter.com/
12
Browser Share ( JP )
Source: http://gs.statcounter.com/
13
Browser Share ( CN )
Source: http://gs.statcounter.com/
14
Search Engine ( US )
Source: http://gs.statcounter.com/
15
Search Engine ( JP )
Source: http://gs.statcounter.com/
16
Search Engine ( CN )
Source: http://gs.statcounter.com/
17
Social Media ( US )
Source: http://gs.statcounter.com/
18
Social Media ( JP )
Source: http://gs.statcounter.com/
19
Social Media ( CN )
Source: http://gs.statcounter.com/
20
Conclusion
Share issues and bad experience in digital
marketing
AntiPattern for risk avoidance and mitigation
Malvertisement is significant threats and an
intersection of marketing, security and
technology.
Environment and premise varies by countries
but standardization would help digital
marketing.
