Adobe Analytics

zahid15001577 · 12/3/20

Since Adobe Analytics has front-end implementation, anyone can copy your tracking script or entire page source and use it on their domain. How to prevent tracking calls made from domain other than you own. May be something like not considering those calls so as to save tracking call cost and keep the data clean?

Thank you,

Andrey_Osadchuk · 12/3/20

As an option you may want to populate a variable with a page URL (or hostname) and then configure a VISTA rule to filter the beacons from undesired websites. However, this will unlikely bring you a positive ROI if the key objective is to reduce the number of server calls as VISTA setup is not free, and I am not sure if filtered server calls are not counted...

If you would like to get rid of the data from undesired websites, consider creating a segment and a virtual report suite with it.

Best wishes,
Andrey Osadchuk | Inspect Launch Implementation, Automate Classifications & Data Sources, Essential Bookmarks

View solution in original post

Andrey_Osadchuk · 12/3/20

As an option you may want to populate a variable with a page URL (or hostname) and then configure a VISTA rule to filter the beacons from undesired websites. However, this will unlikely bring you a positive ROI if the key objective is to reduce the number of server calls as VISTA setup is not free, and I am not sure if filtered server calls are not counted...

If you would like to get rid of the data from undesired websites, consider creating a segment and a virtual report suite with it.

Best wishes,
Andrey Osadchuk | Inspect Launch Implementation, Automate Classifications & Data Sources, Essential Bookmarks

Jacob-DDdev · 12/3/20

Piggy-backing off of @Andrey_Osadchuk 's answer, you could also set up your beacons to only fire on conditional events. In particular, create a condition within each rule that the domain meets the specific criteria.

The only drawback would be that if someone were that highly motivated to commit fraud, they could just send a ton a requests directly to Adobe's tracking server. Ultimately, you may want to look into what laws your country has to protect against fraud. For example, this would be very easy to prosecute under the United State's Computer Fraud and Abuse Act.

Brian_Johnson_ · 12/3/20

I'd go with something like this...

function checkValidDomains(host) {
  var validDomains = ['x.example.com', 'y.example.com'];
  if (!(validDomains.indexOf(host) > -1)) {
    s.abort = true;
  }
}

s.doPlugins = function (s) {
  checkValidDomains(document.location.hostname);
};

If you don't already have doPlugins set up in Launch (or your AppMeasurement.js library), it's easy to do, and if someone happens to copy and use your analytics script verbatim, you'd be covered on ALL analytics calls. No need for rule-specific conditions or anything more complicated.

Jacob-DDdev · 12/4/20

Seems like a good solution, but doesn't hide the value of the tracking server. @Ishan_Sinha_ 's answer is the only one that completely masks all tracking activity from a client.

Brian_Johnson_ · 12/4/20

@Jacob-DDdev - Agreed, but that wasn't what the OP was asking for.

Jacob-DDdev · 12/4/20

True. Might be worth taking your solution to the next level and not only aborting AppMeasurement, but also putting malicious code on the page if the domain doesn't meet the criteria.... Simple solution would be to hide everything on the page.

Brian_Johnson_ · 12/4/20

I thought about that, as well. The options there are only limited by your creativity!

Ishan_Sinha_ · 12/4/20

You may also want to opt for server side implementation to mitigate such concerns.

Adobe Analytics

How to restrict tracking calls from domains other than you own?

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe