Fraud Prevention & Trust
Paying users for responses changes the incentive structure. Without controls, your campaign budget gets drained by bots, click-farms, and opportunists. This page explains every layer of defence and how to tune them.
The four-layer defence
| Layer | Catches | You can tune |
|---|---|---|
| 1. Widget-level | Bots without JS, headless browsers, no-consent submissions | No (baked-in) |
| 2. Rate limits | Rapid-fire from same IP / device / email | Yes |
| 3. Quality scoring | Low-effort text, copy-paste, AI-generated content | Yes (rejection floor) |
| 4. Pattern detection | Coordinated multi-account reward farming | Yes (cooldown, per-user caps) |
Layer 1 — Widget-level filtering
Baseline filters that run on every submission, no configuration:
- JS-required. The widget is a JS app — non-JS bots can't submit.
- Browser fingerprint. A lightweight fingerprint (user agent, language, timezone) is attached to every submission. Discrepancies (e.g.
en-USuser agent withAfrica/LagosIP) raise the score threshold. - Shadow DOM isolation. Prevents your site's scripts from auto-filling or replaying submissions.
- Cooldown cookie. A single user can't submit twice in 24h without clearing cookies (cookie name:
p4f_consent, 180-day expiry).
Layer 2 — Rate limits
Every tenant has default limits:
| Limit | Default |
|---|---|
| Submissions per IP per hour | 3 |
| Submissions per device fingerprint per hour | 3 |
| Submissions per email (claim time) per 30 days | 5 |
| Campaign-wide submissions per hour | 200 |
Going over any limit: submission is accepted but flagged as THROTTLED and the user sees a polite "We already have your feedback, thanks!" message.
Raise limits from Settings → Tenant → Fraud Thresholds (Growth plan and up).
Layer 3 — Quality scoring as fraud filter
The AI quality score doubles as a fraud filter:
- Low-effort text (one-word answers, repeated punctuation) scores near zero.
- Copy-paste detection. We compute bi-gram similarity against all submissions from the past 24 hours; >85% similarity → rejected as duplicate.
- AI-generated content heuristics. Long, perfectly-structured, emotionally-flat prose is flagged and its score capped at 50. This is imperfect — we err on the side of false negatives to avoid rejecting legitimate polished writing.
Raise the rejection floor (default 30) to tighten: Settings → Campaign → Advanced.
Layer 4 — Pattern detection
Looks for coordinated abuse across multiple accounts:
- Email clustering. Free-mail domains (
@gmail,@yahoo) submitting similar responses in the same hour get flagged. - Timing patterns. Submissions at regular intervals (bot-like) get flagged.
- Reward concentration. One email claiming >3 rewards from your tenant in 30 days → automatic claim freeze and email-based identity check.
- Geographic anomalies. Campaigns targeted at US users suddenly receiving submissions from Bangladesh get a heightened rejection floor.
All pattern detections go into the Audit Log with a reason code. You can overturn individually.
User-level reward cooldown
Prevent the same user from earning the max reward every day by setting a cooldown:
- Dashboard → Campaign → Advanced → Reward cooldown.
- Default: 10 days between rewards to the same email.
- Range: 0–365 days.
Cooldown is enforced at claim time, not submission time — the user can submit, but if they're still in cooldown they see "You've already earned from us recently; come back after DATE."
What's not filtered
Pay4Feedback does not filter for content correctness. If a user writes an abusive rant that happens to be articulate and detailed, the AI will score it high and you'll pay them.
For content moderation, use Manual Review mode: every submission is read by a human before payout. See Approval Workflow.
Reporting abuse
If you see a submission you believe is fraudulent:
- Open it in the Feedback tab.
- Click Report abuse (top right).
- We investigate within 48 business hours.
- If confirmed, the reward is clawed back (Tremendous-side), the submitter is shadow-banned across all Pay4Feedback tenants, and your budget is credited.