Page 1 of 1
Protecting against fraudulent reviews
Posted: Mon Jun 04, 2007 12:37 am
by directone
What's the best way to get some medium level security for my web site's product reviews. What I want to protect against is someone logging in from one computer with multiple user names and writing lots of rave reviews about their own product.
I know a cookie can help, but don't most people disable or clean cookies these days?
Anyone know how amazon et.el. do this kind of thing?
What about eBay's shill bidding algo. Is this in the same field.
Looking for some jump off points to get my research going. Even clues on the right keywords to search for would be great.
Any help greatly appreciated.
Posted: Mon Jun 04, 2007 7:13 am
by superdezign
I'd create a sort of rating system for the users themselves. Keep track of the time the user has been a member, the average review score that they give, and base how much affect they have on the overall score on that.
As for preventing them from even writing the review.. That sounds unfair.
Posted: Mon Jun 04, 2007 10:59 am
by maliskoleather
log the IP address of each comment posted, then when say, 2 or more post(reviews) by the same IP show up, have it throw a flag to the admin or something, so that it can be checked out. Or just plain deny more than one comment on an item by the same IP.
Posted: Mon Jun 04, 2007 11:25 am
by TheMoose
The length of membership isn't exactly reliable, though. If a client has been a member for 8 years but is spamming their product, those reviews should be considered irrelevant. Likewise, if a client has been a member for a day, but provides a valid review of a product, it should weigh a little more than someone who's spamming reviews.
You can cookie a product, but that isn't reliable. You can track IP, but again, unreliable. I'd suggest something like Newegg and a lot of other sites. Don't restrict reviews, but instead have a rating of the specific review itself. People can click "Was this review helpful?", yes/no, and given a certain limit, hide that review. Say if 40% of the total number of votes (either pro/con) for ALL reviews on that product clicked No to a review, you hide that review because it was deemed irrelevant, or invalid. You should still allow them to go to that review, however, by means of a "show all reviews" type setup.
Posted: Wed Jun 06, 2007 5:52 pm
by directone
There seem to be lots of sites that can remember your settings even if you have cookies disabled or cleaned up by a sweeper.
I'm thinking of sites like amazon and ebay that bring up things like "Hello, mr.user! (Not you? Sign in)"
How do they do that if not with cookies?
Posted: Wed Jun 06, 2007 8:43 pm
by feyd
Likely, IP. They may do a bit more intensive look or tracking, but it most likely is based on IP.
Posted: Wed Jun 06, 2007 8:51 pm
by AKA Panama Jack
Most sites key the review the the invoice for the item that was sold.
In otherwords only people who actually bought the product from you would be able to post a review on the product. You give them the option to post a review for up to 30 days after the item shipped. You key it to the invoice and product number in the invoice with ship date.
Not that hard and prevents spamming as only buyers can actually post a review.
Posted: Thu Jun 07, 2007 8:35 am
by christus
Unfortunately that model would restrict a buyer of the same product from another site from posting a useful review.
Posted: Thu Jun 07, 2007 10:40 am
by AKA Panama Jack
christus wrote:Unfortunately that model would restrict a buyer of the same product from another site from posting a useful review.
If you don't do something similar your product reviews will be overtaken by link spammers fairly quickly. Then you need to have someone full time going through and deleting review spam everyday. I know from experience.

Posted: Tue Jun 12, 2007 3:27 am
by Rovas
My idea one: register users that review and one review per user it can edit later if he wanted. It' s much more simpler to implement and many sites do this. You can propose prizes for members or rebates, etc to attract registered users.