The company found a way to link purchases in physical stores with online ads
Over the past year, certain Google advertisers got access to a powerful new tool to track if the ads they posted online generated a sale in a physical store in the United States, according to ethical hacking experts, this data came in part from a Mastercard transaction database that Google paid for.
But most of these two billion Mastercard cardholders are not aware of tracking task as the companies never publicly mentioned their agreement. Google and Mastercard arranged a business partnership after four years of negotiations, according to information leaked by people directly involved in the agreement. This alliance gave Google a considerable asset to measure retail spending, part of the company’s strategy to strengthen its core business against competitors like Amazon, among others.
This agreement could generate broader concerns about how technology companies like Google compile their users’ information in a stealthy way. “People do not expect what they buy in a store to be linked to online advertising”, ethical hacking experts said. “Companies do not take responsibility to inform users about what they are doing and the rights they have”.
Google paid Mastercard millions of dollars for the data, according to the people in charge of leaking the information, also agreeing to share a percentage of the revenues generated by this work of follow-up. On the other hand, spokespersons for Google refused to comment on the association with Mastercard, but they talked about the advertising tool: “Before launching this beta product last year, we created a dual encryption technology that prevents both Google and our partners see the personal identification information of our respective users”, the spokespersons mentioned. “We do not have access to any personal information from our partners’ credit and debit cards, nor do we share any personal information with our partners”.
Mastercard spokespersons also refused to comment on Google, just mentioning that the company shares trade trends with vendors and their service providers to help them measure the effectiveness of their advertising campaigns.
Last year, when Google announced the service, called Store Sales Measurement, the company mentioned having access to “nearly 70%” of US credit and debit cards through its partners, not mentioning Mastercard explicitly.
According to ethical hacking experts from the International Institute of Cyber Security, that 70% that Google mentions could mean that the company has agreements with other credit card companies, or it could mean that Google has dealings with companies that include all card users, and 70% of them are connected to Google accounts like Gmail when they click on Google search advertisings.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.