Authenticating click fraud… Alan Chapell has this to say:
Which leaves me with one thought-- it would seem that the best answer (perhaps, ultimately, the only answer) lies in authenticating clicks. As I've just mentioned, some analytics firms are providing a basic level of authentication by looking at IP addresses and geographic data. If we're really going to get at the root of the click fraud problem, however, we're going to need to understand more about who's clicking.
Yet here's where privacy issues can start to arise. To "authenticate" a click implies having to look closely at consumer data. To make this work, the search engine would need to collect a good deal of information about the click -- and clicker -- that is being authenticated. It might even require that the engines reference a profile of past searches and clicks as a sort of reputation score. After all, this is part of how email senders are authenticated, too.