Trust Tokens
Jump to navigation
Jump to search
Google's Trust Tokens are “issued” by one organization (a trust provider) and “redeemed” across different publishers.[1] Redemption requires the consent of the issuer. The token state is stored local to a web client.[2]
Impact
By removing the technographics that are often used to detect non-human traffic via Privacy Budget, marketers would not be able to rely on existing fraud detection and prevention services. Moreover, by not being able to detect which publishers' sites have relatively more non-human traffic more of marketers budgets will be spent on fraud.
Open Questions
- Can organizations other than Google create Trust Tokens? And if so, how can their quality of trust be compared?
- What validation service can redeeming organizations rely upon to ensure that a token is not copied from one web client to multiple others?