Always Be Testing #112 — Affiliate Networks Drop Honey: What Really Happened

Host: Tye DeGrange
Guest: Ben Edelman
Date: January 23, 2026

Overview

This emergency episode of the Always Be Testing podcast delves into a major scandal in the affiliate marketing industry: Honey, the popular browser extension owned by PayPal, was removed from several major affiliate networks after revelations surfaced of serious, deliberate violations of industry rules. Tye DeGrange and guest Ben Edelman—a noted expert on affiliate fraud and industry ethics—break down what happened, how it was discovered, and what it means for publishers, networks, and the broader world of performance marketing.

Key Discussion Points & Insights

1. The Role and Rules of Affiliate Marketing

[01:06–03:01]

• Affiliate marketing’s intent: To compensate the party that genuinely caused a sale.
• Problem with browser extensions: Extensions like Honey can “pop up” after another affiliate has driven a user to a site, potentially “stealing” credit and commissions.
• The Stand Down Rule: For decades, industry consensus and network contracts require the software plugin to “stand down” and not override other affiliates’ referrals if a user has already been referred to a merchant.
• Violations historically occurred, but Honey’s case is more egregious due to intentional concealment rather than accidental technical errors.

Quote:

“The problem is stand down has been notoriously finicky... The mistakes are always in the direction that provides a financial benefit to the software publisher and takes money away from the normal web publisher.”
— Ben Edelman [02:14]

2. What Happened With Honey

[03:01–08:14]

• Timeline: During Affiliate Summit, Rakuten announced Honey’s removal, followed by Impact and Awin.
• Nature of violation: Honey structured its code to evade detection by quality teams, testers, and affiliate managers.
• How evasion worked:
  • New accounts (less than 30 days old) were excluded from rule-breaking to evade tester detection.
  • Most seriously, Honey read users’ browser cookies to see if they had logged into affiliate network dashboards (such as CJ or Impact). If detected, the plugin followed the rules for these users (presumed to be testers or professionals), while breaking them for everyone else.
• Ethical violation: This deliberate targeting to avoid detection is seen as deliberate fraud and concealment.

Quote:

“If they see that you logged into the CJ dashboard or logged into the impact dashboard... 'Well, we're going to follow the rules for you.' And meanwhile for normal users who haven't logged in... It shows what they are trying to achieve and the fact that they are trying to achieve it is the violation.”
— Ben Edelman [04:27]

3. Impact on Content Publishers and the Ecosystem

[08:14–11:20]

• Example scenario: A legitimate content site (e.g., NYT Wirecutter) refers a user to a merchant. Honey jumps in at the final step, claims the commission, and deprives the content site of revenue.
• Economic impact: Genuine publishers have high operational costs and depend on these commissions; browser plug-ins like Honey don’t have those costs but can siphon off rewards.
• Attribution: The core of the debate centers on who should get credit and whether the rules as written were properly enforced.

Quote:

“It's not like a fake transaction. It's a fake referral. Fake in the sense that the real referral was from Wirecutter, but Honey jumps in at the last second and claims commission on it.”
— Ben Edelman [09:09]

4. Details of the Stand Down Rule and Industry Enforcement

[11:20–15:57]

• Origins: The “stand down rule” dates to at least 2002, designed to ensure fairness for web publishers.
• Implementation: Each affiliate network writes its own contracts, slightly different but with the same intent.
• Merchant motivations: Merchants want to attract high-quality publishers and ensure commissions are paid fairly according to effort and value.

Quote:

“You have to let the web publisher get first chance. Why? ...because it's some notion of fairness that it wouldn't be fair for the software publisher always to get the last chance to be the last click.”
— Ben Edelman [13:13]

5. Network Reactions & Accountability

[15:57–18:26]

• Varying speed of enforcement: Networks like Rakuten, Impact, and Awin responded differently. Some expelled Honey rapidly; others suspended.
• Awin’s unique stance: Required Honey to pay for the “cleanup” of its damage, including forensics and perhaps even expert consultation.
• Financial consequences: Fines and reparations are expected, possibly exceeding Honey's ill-gotten gains.

Quote:

“AWIN to its credit says Honey will be paying those costs, with an implied or else. If they don't, maybe they'll start to see a worse suspension or an expulsion…”
— Ben Edelman [17:54]

6. The Forensics: How Honey Was Caught

[18:26–22:19]

• Ben’s approach: Both hands-on testing and inspecting Honey’s source code (Chrome plugin code can be analyzed, though it’s obfuscated).
• Cross-validation: Code, config files, and telemetry all confirmed intentional evasion and concealment.
• Tricks used:
  • Stand down periods as little as 6 minutes (not contractually compliant).
  • Separate, obfuscated lists in code to hinder detection by outside investigators.
• Result: All evidence proved Honey was selectively obeying rules only when likely being observed/tested.

Quote:

“Six minutes is clearly wrong. Six hours is dubious too... Six minutes is really just enough to trick a tester.”
— Ben Edelman [21:52]

7. Legal and Industry Implications

[22:19–26:42]

• Litigation: Evidence now strongly supports class action suits against Honey; Ben predicts affected publishers will win and receive damages.
• Other plugins: No evidence others took similarly concealed steps, but Ben implies there may be more yet to be revealed.
• Internal fallout: PayPal (Honey’s parent) is blaming Honey’s prior leadership; evidence shows both pre- and post-acquisition culpability.
• Regulation: Unlikely in the U.S. (B2B context), but more likely or already present in Europe.

Quote:

“With these facts, they have a winning case. With the facts as they pled it. I don't know if they had a winning case, but now they do.”
— Ben Edelman [25:30]

8. Advice for Brands, Agencies, and the Industry

[26:42–28:13]

• Agency skepticism: Tye expresses that many agencies have long been wary of downloadable browser extensions.
• Need for education: The industry still faces knowledge and perception gaps around these issues; ongoing, open discussion is crucial.
• Ben’s invitation: Offers his expertise for those who want to understand, investigate, or protect themselves from affiliate fraud.

Notable Quotes & Memorable Moments

• Ben on ethical issues:

  “Frankly, not to steal other people's candy, not to jump in at the last second and claim commissions that were supposed to flow to others.” [07:32]

• On the future of accountability:

  “The fine is supposed to deter and discourage... When you start thinking about it that way, there could be a lot of money for testers, there could be money for networks to convene thought leaders.” [17:09]

• On where to reach Ben:

  “Type my name into Google and up it pops. I'm also advising a company called VPT Visible Performance Technologies, where we test things like this with automation at scale.” [28:13]

Important Timestamps

• [01:06] — Affiliate marketing fundamentals and the “stand down rule”
• [03:01] — Affiliate Summit and the industry’s reaction to Honey
• [04:27] — How Honey evaded detection using cookies and account age
• [08:33] — Detailed walkthrough of a typical commission hijacking scenario
• [13:13] — Rationale behind the stand down policy
• [17:54] — Awin’s decision to make Honey pay all remediation costs
• [18:54] — Details of forensic investigation and code review
• [21:05] — Honey’s “stand down” windows as short as 6 minutes
• [24:56] — Internal disputes between PayPal and Honey’s founders
• [25:30] — Prediction of class action success against Honey
• [28:13] — Ben shares how listeners can contact him for more help

Conclusion & Next Steps

This episode exposes a significant, deliberate breach of affiliate network standards by Honey—a browser extension giant. The discussion by Tye and Ben not only details the technical and legal aspects of the violation but also highlights broader industry lessons: the need for vigilance, more consistent enforcement, and continued education regarding the risks inherent with browser-based affiliate tools. The episode encourages brands, agencies, and publishers to re-examine their partnerships and due diligence processes as the fallout from the Honey revelations continues.