Google allegedly paid Mastercard millions for data to link online ads with offline purchases

[Shawn Knight]

Why it matters: Google's extensive tracking practices continue to come under fire as details involving a deal with Mastercard to link online ads with in-store purchases surface. Is it for the betterment of products or at some point, does all this tracking start to get a bit creepy?

Google in 2017 announced a service called Store Sales Measurement that allowed advertisers to measure revenue and store visits derived from search and shopping ads. The tool largely flew under the radar although Google’s admission that it captures approximately 70 percent of credit and debit card transactions in the US probably should have raised some red flags.

Bloomberg in a recent piece explores how the process works and details Google’s secret deal with Mastercard that helps power it.

Say, for example, you search for “red lipstick” on Google and click a relevant ad. Ultimately, however, you navigate away and don’t make a purchase. A few weeks later in a brick-and-mortar store, you buy some red lipstick using your Mastercard. Google will generate a report on the purchase and feed it to the advertiser who ran the online ad you initially clicked on.

This only happens if you were logged into a Google account when you clicked the ad and only if you purchase the product offline within 30 days of clicking the ad, Bloomberg says.

Sources familiar with the deal say Google paid Mastercard millions of dollars for the data.

Google in pitching the solution to advertisers said there is no costly integrations or time-consuming setup on their end and that they don’t need to share any customer information. It matches “transactions back to Google ads in a secure and privacy-safe way, and only report[s] on aggregated and anonymized store sales to protect your customer data.”

A Google spokesperson didn’t comment on the deal with Mastercard specifically but said that before launching the beta product last year, they developed a double-blind encryption technology to prevent both Google and its partners from viewing their respective users’ personally identifiable information.

The spokesperson added that users can opt out of ad tracking through the Web and App Activity section in their Google account.

A spokesperson for Mastercard said the company shares transaction trends with service providers and merchants to measure “the effectiveness of their advertising campaigns” but noted that no individual transaction or personal data is shared. “We do not provide insights that track, serve up ads to, or even measure ad effectiveness relating to, individual consumers.”

It’s unclear if Google has similar arrangements with other credit card companies. Depending on your interpretation of Google’s admission that it captures approximately 70 percent of credit and debit card transactions in the US, it could very well have deals in place with other providers as well.

Bloomberg also noted that since 2014, Google has tipped off advertisers when a person clicked an ad then visited a physical retail store using the Location History feature within Google Maps. Google reportedly layered on additional insights in subsequent years which led to the creation of the Store Sales Measurement.

Lead image via Krisztian Bocsi, Bloomberg. Second image via Getty Images

Permalink to story.

https://www.techspot.com/news/76231-google-allegedly-paid-mastercard-millions-data-link-online.html

[/s]

 

[wiyosaya]

All the more reason to avoid gagme.

 

[OutlawCecil]

Oh boo-hoo! I hate ads that are already present but now more relevant to me specifically! Now somebody will know I bought shoes and a new car! My privacy! My precious privacy!

 

[regiq]

Oh boo-hoo! I hate ads that are already present but now more relevant to me specifically! Now somebody will know I bought shoes and a new car! My privacy! My precious privacy!

Why do you even bother reading those articles? Something about it must be really bugging you

 

[wiyosaya]

Oh boo-hoo! I hate ads that are already present but now more relevant to me specifically! Now somebody will know I bought shoes and a new car! My privacy! My precious privacy!

Why do you even bother reading those articles? Something about it must be really bugging you

And he/she must have unlimited income, and cannot help but click on ads and buy things.

 

[wiyosaya]

Oh boo-hoo! I hate ads that are already present but now more relevant to me specifically! Now somebody will know I bought shoes and a new car! My privacy! My precious privacy!

Personally, I call it parasitism.

 

[p51d007]

I haven't used google in years. THERE ARE alternatives. I like duckduckgo.com myself.
Also, if you aren't running a VPN you should.

 

[OutlawCecil]

And he/she must have unlimited income, and cannot help but click on ads and buy things.

I think now-a-days there is no shortage of people who are paranoid about privacy to the point they think some person in a room somewhere is watching them. In reality, Google doing this should have no affect on anything. Again, it's all automated and encrypted so no actual people would set eyes on the data. Secondly, and I say this all the time, nobody cares what "Joe Smith" bought one year ago on October 26th 2017 but if it replaces his pregnancy support group ads with more relevant "trade your car in today" ads, who was harmed? Nobody has his personal info, he sees ads more relevant to him, and other companies increase their likelihood of sales. It's the way the world should be when not dealing with true personal data.

 

[treetops]

These same companies put pop ups in your face back in the day, you really think they have our best interest at heart? Yes they are trying to make more money that is what companies do, but how else will they use your data to make money? Political talking points? Someone somewhere would love the recipe on how to take away our rights in a way that we would not retaliate against. They scan our emails, social media posts, social media messages, texts, location data, browser history, forum posts and the nsa records our phone calls. Now our offline purchases.... Every little bit sounds like a small thing, but it could add it up.

 

[Evernessince]

And he/she must have unlimited income, and cannot help but click on ads and buy things.

I think now-a-days there is no shortage of people who are paranoid about privacy to the point they think some person in a room somewhere is watching them. In reality, Google doing this should have no affect on anything. Again, it's all automated and encrypted so no actual people would set eyes on the data. Secondly, and I say this all the time, nobody cares what "Joe Smith" bought one year ago on October 26th 2017 but if it replaces his pregnancy support group ads with more relevant "trade your car in today" ads, who was harmed? Nobody has his personal info, he sees ads more relevant to him, and other companies increase their likelihood of sales. It's the way the world should be when not dealing with true personal data.

Paranoid insinuates that they are worrying about nothing yet there are almost daily articles about just how much these companies do collect. You've seen more then the tip of the iceberg and yet you ignore it's mass.

You are telling me to trust corporations with my private data and no real laws governing how they are allowed to use it? I hope I don't have to pull out a history lesson of the industrial revolution and just how far companies will go when unregulated. Machiavelli knew over 500 years ago that any system that can be exploited will be and private entities had no moral value, only that of that dollar.

Paranoid? No, people just know the obvious. If they were in the same position almost anyone would exploit the lack of data protection laws for maximum profit. They are a company after all, that is their goal.

 

[captaincranky]

@Shawn Knight Quote, "Depending on your interpretation of Google’s admission that it captures approximately 70 percent of credit and debit card transactions in the US"...[ ]..!

What should be of overarching concern about this, is whether or not 70% of all credit card transactions are done online.

Because if Google is capturing transactions at local store terminals, that sounds like a job for the FBI. You'd at least think they could take a run a Google for unlawful surveillance. Jus' sayin'.

This links to the "targeted advertising", you'll find on your Gmail page.

Not to mention the fact they have the raw ballz to ask you, "tell us why you dismissed that ad". Right Google, I get right on replying to that.

(So many new emoticons, and yet still no :":flipsgooglethebird;")....

 

[Cubi Dorf]

I cannot believe people not understanding the danger of have these kind databases exist. people really think this data can never be used for other than advertising?! it is just waiting to be hacked and abused. or even just abuse because this is google. it very easy to phish someone when you know everything about them, and that is only scratch the surface of the danger. people who don’t understand the risk are certainly not going to resist getting tricked by phishing. it only a matters of time. database can even be a tool for genocide, which is happen in the world today. one sql query on location database and adolf hitler could have had a list of every person name and address who visited jewish temple. americans are foolish because their government protects them so good they don’t understand danger anymore.

 

[regiq]

I truly believe that our reaction to these dealings shapes the future of the civilization. And it seems much bigger now then just a year ago on this forum.

 

[senketsu]

I think now-a-days there is no shortage of people who are paranoid about privacy to the point they think some person in a room somewhere is watching them. In reality, Google doing this should have no affect on anything. Again, it's all automated and encrypted so no actual people would set eyes on the data. Secondly, and I say this all the time, nobody cares what "Joe Smith" bought one year ago on October 26th 2017 but if it replaces his pregnancy support group ads with more relevant "trade your car in today" ads, who was harmed? Nobody has his personal info, he sees ads more relevant to him, and other companies increase their likelihood of sales. It's the way the world should be when not dealing with true personal data.

Why can they not be upfront about what they are collecting and how it is used and,
Why can I not opt out of it if I so choose?

 

[wiyosaya]

I think now-a-days there is no shortage of people who are paranoid about privacy to the point they think some person in a room somewhere is watching them. In reality, Google doing this should have no affect on anything. Again, it's all automated and encrypted so no actual people would set eyes on the data. Secondly, and I say this all the time, nobody cares what "Joe Smith" bought one year ago on October 26th 2017 but if it replaces his pregnancy support group ads with more relevant "trade your car in today" ads, who was harmed? Nobody has his personal info, he sees ads more relevant to him, and other companies increase their likelihood of sales. It's the way the world should be when not dealing with true personal data.

Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety - Ben Franklin

I'll paraphrase - Those would would give up details about their private financial transactions because it affords them simplicity in choosing what they buy deserve neither private transactions nor simplicity in choosing what they buy.

So you are willing to give up details of your credit card transactions because it will present ads to you in which you may have an interest?

Tell me, how much detail is gagme collecting? What's that? You can't? Why? Because gagme is not forward about it? And what else are they not forward about? What's that? You cannot tell me again because gagme is not forward about it? And what else is gagme not telling you?

It's plain to me that some out there just do not understand that financial transactions are not for the world to see, nor record in databases. Just look at Equifax - or read the quote below. There is simply no telling what hands this type of data might fall into, and sincerely, I hope you never have to deal with identity theft. If you ever do, my bet is that you would quickly change your tune.

I cannot believe people not understanding the danger of have these kind databases exist. people really think this data can never be used for other than advertising?! it is just waiting to be hacked and abused. or even just abuse because this is google. it very easy to phish someone when you know everything about them, and that is only scratch the surface of the danger. people who don’t understand the risk are certainly not going to resist getting tricked by phishing. it only a matters of time. database can even be a tool for genocide, which is happen in the world today. one sql query on location database and adolf hitler could have had a list of every person name and address who visited jewish temple. americans are foolish because their government protects them so good they don’t understand danger anymore.

 

[OutlawCecil]

So you are willing to give up details of your credit card transactions because it will present ads to you in which you may have an interest?

Why can they not be upfront about what they are collecting and how it is used and,
Why can I not opt out of it if I so choose?

Paranoid? No, people just know the obvious. If they were in the same position almost anyone would exploit the lack of data protection laws for maximum profit. They are a company after all, that is their goal.

A stolen fingerprint, social security number, address, phone number, health records...etc are privacy issues. Your shopping list isn't and should be. Would you panic if you dropped your slip of paper with your shopping list when walking around Walmart? Not a single one of you pointed out what the harm is (other than your hurt feelings) in someone knowing that "card number xxxx xxxx xxxx 1234 purchased a new pillow" is. Give me the worst case scenario. Lets say a hacker hacks in, somehow breaks through the military-grade AES 256 encryption, and knows THAT card bought THAT pillow. GO!

In the end, it really is paranoia. This is one of those things that easily SOUNDS bad but is really a non-issue. Why aren't they upfront about it? Because paranoid people LOVE stuff like this. They were hoping to avoid putting gasoline on a flame.

 

[Evernessince]

A stolen fingerprint, social security number, address, phone number, health records...etc are privacy issues. Your shopping list isn't and should be. Would you panic if you dropped your slip of paper with your shopping list when walking around Walmart? Not a single one of you pointed out what the harm is (other than your hurt feelings) in someone knowing that "card number xxxx xxxx xxxx 1234 purchased a new pillow" is. Give me the worst case scenario. Lets say a hacker hacks in, somehow breaks through the military-grade AES 256 encryption, and knows THAT card bought THAT pillow. GO!

In the end, it really is paranoia. This is one of those things that easily SOUNDS bad but is really a non-issue. Why aren't they upfront about it? Because paranoid people LOVE stuff like this. They were hoping to avoid putting gasoline on a flame.

You do realize that your phone number and address are already shared freely correct? It's not illegal for companies to share that information. You do also realize that Equifax lost millions of American's extremely sensitive information including SS numbers and they got zero punishment. But yes, let's ignore the ballooning cost of cyber theft and identity thieves, which cost the US billions each year.

Your comparison to losing your shopping list is terrible and completely misses the point. Walmart doesn't collect Name, PIN, Fingerprint, Face, Address, social security number, location, location history, browser history, passwords, usernames, recently purchased products, activity data, and more. That's just Google and that's assuming they don't broker data from any firm. Would you be worried if someone dropped a slip of paper with that information on it? I hope so. Even impartial data sets from something as simple as a shopping list can be corroborated with other sources of information to make a very compelling profile. The government understood this and it's why they made the PRISM program. To summarize, the point is that innocuous information when paired in a string can easily build a dangerous personal profile. The fact that there is a lack of penalties and a lack of laws concerning how this data is handled means anyone can get this information without fear of persecution.

And don't be silly about the military grade encryption. Do you know how many companies only encrypt the transmission of the data and not the actual data itself? You aren't going to sit there and tell me every company is 100% competent, especially not after what we've seen recently.

 

[OutlawCecil]

Even impartial data sets from something as simple as a shopping list can be corroborated with other sources of information to make a very compelling profile.

So you are against this, not because of what this article is about, but that it's in conjunction with other privacy concerns? If you want to throw in other offtopic privacy concerns, yes in conjunction, this could be used to create more of a profile on people. But staying on topic here, THIS information is trash and other privacy concerns should be the ones that get publicized and fixed.

 

[Evernessince]

So you are against this, not because of what this article is about, but that it's in conjunction with other privacy concerns? If you want to throw in other offtopic privacy concerns, yes in conjunction, this could be used to create more of a profile on people. But staying on topic here, THIS information is trash and other privacy concerns should be the ones that get publicized and fixed.

You still aren't getting it. This information needs to be protected just as every other bit of personal information does. As I pointed out before, each piece of information is but a building block for these companies. You telling everyone to forget the less important personal information is like playing chess without using the pawns. All you'd end up with is weak legislation that has to somehow make a case by case determination on which personal information is important and which isn't. Is is such a grand concept that all personal information not be privatized? At least without due consent?

 

[Danny101]

Data collection as ubiquitous as the air we breathe will eventually give the controllers the power to choke us all off from it. That which is benign today can just as easily be malignant tomorrow. Anticipation of malevolence is an unfortunate burden as long as evil lives among us.

 

[regiq]

So you are against this, not because of what this article is about, but that it's in conjunction with other privacy concerns? If you want to throw in other offtopic privacy concerns, yes in conjunction, this could be used to create more of a profile on people. But staying on topic here, THIS information is trash and other privacy concerns should be the ones that get publicized and fixed.

The data from various sources IS used in conjunction, that's the definition of profiling and the whole point of this discussion.

Just read 1984 and try not to dismiss it as paranoid.

 

[OutlawCecil]

You still aren't getting it. This information needs to be protected just as every other bit of personal information does. As I pointed out before, each piece of information is but a building block for these companies. You telling everyone to forget the less important personal information is like playing chess without using the pawns. All you'd end up with is weak legislation that has to somehow make a case by case determination on which personal information is important and which isn't. Is is such a grand concept that all personal information not be privatized? At least without due consent?

Evernessince, the moment you leave your house, you begin to leave a paper trail whether you like it or not. Cameras will record you walking past, microphones will hear you talk, and records are made when you buy things. It cannot be helped and all those things will exist whether you like it or not. You are getting upset that these things are going from one person to another when the fact is, they aren't yours anymore. You do not own other people's pictures of you, other people's recordings of you, nor other peoples records of you. It's up to other companies to make their own policies to encourage you to utilize their businesses but its up to YOU to avoid ones you don't trust. Yes, the government can lay down laws to limit this stuff but in the end, you need to let go of your assumption that everything about you is yours to own. You shopped somewhere and gave them your information. It's their record of you now. Not yours forever.

There is no assumption of privacy anytime you go into public. Welcome to America and a culture of consumerism.