Honey co-founder Ryan Hudson defends extension amid fraud detection allegations

A safety researcher uncovered a complicated alleged fraud detection evasion system embedded in PayPal’s Honey browser extension on December 30, 2025, revealing that the coupon-finding device has allegedly been systematically hiding its affiliate fee diversion practices from trade compliance testers since October 2017.

The investigation by content material creator MegaLag documented how Honey co-founders Ryan Hudson and George Ruan allegedly engineered what the researcher termed a “selective standdown” system that adjusts the extension’s habits based mostly on consumer profiling to find out whether or not somebody is a reputable shopper or an affiliate trade insider testing for compliance violations.

Hudson not works at Honey or PayPal and has moved on to launch ZeroClick, an promoting community for AI chatbot merchandise that raised $55 million in August 2025 from lots of the similar buyers who backed Honey. “I not work at Honey or PayPal, cannot communicate for them, and haven’t any present information of the enterprise,” Hudson stated on Twitter. “We bought Honey in January 2020 and I left in early 2022.”

In accordance with the technical documentation, Honey’s system analyzes a number of alerts to determine compliance testers, together with whether or not customers are logged into affiliate community web sites, particular cookies in browsers, e mail addresses containing the phrase “take a look at,” account age, cashback factors amassed, and login standing. When the extension detects these high-risk indicators, it behaves compliantly by respecting affiliate monitoring hyperlinks. For customers who cross all engagement thresholds, Honey allegedly ignores standdown protocols and diverts commissions.

The technical structure reveals that Honey shops standdown guidelines on cloud servers accessible by a selected URL that refreshes each hour, permitting builders to switch habits throughout 14 million Chrome customers with out requiring extension updates or offering transparency to customers or affiliate networks. Archives from the Wayback Machine present these guidelines existed as early as October 2017, suggesting the system allegedly operated for eight years below each Honey’s authentic management and PayPal’s possession following the $4 billion acquisition in 2020.

Safety researcher Ben Adelman independently verified the findings and characterised the system’s goal in an interview included within the investigation. “Honey stands down, however solely generally,” Adelman stated. “They are not doing it randomly. They’re doing it based mostly on articulable components that we will see within the code, we will see within the packet log, and we will even infer their intent based mostly on what we see there.”

Hudson responded to the allegations on Twitter, defending Honey’s practices and characterizing the investigation as misleading. “It wasn’t till I not too long ago went frame-by-frame that I spotted simply how a lot had been fabricated in pursuit of a viral narrative,” Hudson acknowledged. “Past what I’ve proven right here, there are different sections the place I discovered irregularities that make me query the authenticity of what’s introduced.”

The co-founder tried to rebut particular claims about coupon code administration. “I attempted to clarify that is not the way it works,” Hudson acknowledged in response to allegations that corporations may pay Honey to decide on which coupons to show, in keeping with the Twitter exchanges. “He bases this false declare on 1) an quote from a third get together edited to take away context, 2) utilizing self-importance code like HONEY10, and three) submitting his personal codes and them not being revealed.”

Nonetheless, the investigation documented that Honey’s base engagement guidelines initially required zero cashback factors, no minimal account age, and no login requirement in keeping with 2023 archives. Community-specific guidelines for Rakuten LinkShare affiliate hyperlinks and store-specific guidelines for corporations together with TTMX, Reserving.com, Chaos Sports activities, The Udie, and Calming Blanket represented the one exceptions, doubtless indicating these entities raised compliance considerations.

PayPal modified the system’s thresholds after lawsuits started in late 2024, implementing a 65,000 cashback level requirement below base guidelines that successfully limits how incessantly Honey allegedly engages in fee diversion. Nonetheless, builders inadvertently left a Rakuten-specific rule requiring solely 5,000 factors, creating an oversight that enabled the researcher to reveal the system’s continued operation utilizing PayPal’s unmodified, publicly obtainable extension.

The system incorporates what the researcher recognized as a “grasp kill swap” managed from Honey servers that may immediately disable the whole selective standdown structure. This server-side management mechanism operates independently of the browser extension, which means PayPal may deactivate the system globally with out customers or affiliate networks detecting the change by regular extension monitoring.

Hudson defended Honey’s method to affiliate commissions and cashback rewards. “At any time when doable Honey shared affiliate commissions with customers as Honey Gold (money again),” Hudson acknowledged on Twitter. “We had been very clear about how our enterprise labored, partly as a result of individuals all the time puzzled if we bought knowledge (we did not).”

He framed the controversy as a query of consumer alternative versus creator compensation. “The video deliberately avoids a dialogue of whether or not customers must be allowed to earn money again, even when they click on on an affiliate hyperlink from a creator,” Hudson acknowledged in keeping with the Twitter thread. “Personally, I feel consumer alternative ought to take precedence any time you’re monitoring customers.”

Honey’s cookie monitoring represents one other invasive ingredient of the structure. The extension tracks cookies from affiliate networks together with Fee Junction, AWIN, Rakuten LinkShare, ShareASale, and competitor Swagbucks. When any of those cookies seem in a consumer’s browser, Honey instantly switches to compliant habits no matter different engagement thresholds.

Database evaluation revealed that Honey claimed to scan “hundreds of thousands” of coupon codes in advertising supplies however maintained solely 85,000 codes on the time knowledge was collected, with 12,000 marked as expired. The system displayed expired codes as “Honey unique” promotions on iOS and Firefox browsers, presenting customers with non-functional coupons whereas censoring the precise code textual content.

Monetization notes left by Honey builders in spreadsheets documented the corporate’s consciousness of affiliate community coupon insurance policies and alleged deliberate violations of these phrases. A number of entries acknowledged variations of “Phrases have the coupon clause. No knowledge on enforcement but” and “The phrases have the coupon clause. We simply added them. So not sure if that is enforced but,” indicating Honey allegedly joined affiliate applications, acknowledged coupon distribution restrictions, however deliberately disregarded insurance policies till enforcement motion occurred.

Main affiliate networks implement standdown insurance policies requiring browser extensions to respect present affiliate monitoring when customers click on referral hyperlinks earlier than reaching checkout pages. The IAB Australia Affiliate Program Compliance Guide launched November 27, 2025, explicitly categorizes cookie stuffing and toolbar violations as technical compliance breaches requiring investigation and enforcement.

Most affiliate networks specify standdown period necessities of their phrases of service, however archives present Honey set arbitrary one-hour standdown home windows in present guidelines, down from simply six minutes in 2023. Neither timeframe aligns with normal affiliate community insurance policies, which usually require respecting monitoring cookies all through the whole procuring session.

The investigation discovered that 27,000 of Honey’s 85,000 coupon codes got here from affiliate networks, 23,000 had been manually added by staff together with 9,000 Honey-branded codes, and 34,000 had been user-submitted. Developer notes from 2016 revealed Honey scraped competitor websites Retail Me Not and Coupon Comply with for added codes, contradicting advertising claims of automated internet-wide coupon harvesting.

Honey’s Shopify app, which stays documented on the corporate’s web site, allowed retailer homeowners to handle which coupons appeared in Honey’s database with out requiring equivalent-value replacements. The FAQ explicitly states shops may “select which of them you’d prefer to make obtainable to Honey members and which of them you’d prefer to take away from the Honey system” with solely a requirement to take care of at the very least one energetic code.

This contradicts statements made by Hudson in a Reddit submit trying to rebut the preliminary investigation. Hudson claimed Honey required manufacturers to switch eliminated public coupons with Honey-branded codes of equal worth as “strict coverage” throughout his tenure. The Shopify app launched in 2021 whereas Hudson remained on the firm.

Hudson concluded his Twitter defense by asserting Honey’s legitimacy. “Merely put, Honey was by no means a rip-off to defraud customers or creators,” Hudson acknowledged.

Safety researcher Vladimir Palant found in 2020 that Honey encrypted particular code sections to hide them from exterior evaluation. Palant’s revealed analysis included screenshots displaying references to “SSD” and affiliate community cookies, offering the earliest public documentation of the selective standdown system’s existence earlier than PayPal’s 2020 acquisition.

The researcher traced the system by almost 300 archived extension variations courting to 2014, discovering encrypted selective standdown code in model 10.5.2 launched October 2017. This timing locations the alleged system improvement below the unique co-founders’ management roughly three years earlier than PayPal’s acquisition.

Affiliate internet marketing operates on last-click attribution fashions the place the ultimate touchpoint earlier than buy receives fee credit score. Browser extensions that insert themselves at checkout allegedly exploit this method by changing earlier referral monitoring, a apply multiple class action lawsuits have characterised as systematic fee theft affecting content material creators who promoted merchandise by affiliate hyperlinks.

Linus Media Group terminated its partnership with Honey after roughly 160 sponsored segments garnering 194 million views when the corporate declined to switch alleged fee diversion habits in keeping with e mail communications reviewed in investigations.

Ben Adelman addressed potential prison legal responsibility through the interview, drawing comparisons to wire fraud statutes. “Legal fees for company misconduct are fairly uncommon in the USA,” Adelman acknowledged. “But when I had been in cost, this type of misconduct the place you deliberately falsify the outcomes that skilled testers get with the intention to advance what you are promoting advantages seems like a violation of wire fraud.”

Adelman emphasised the seriousness of alleged detection evasion ways particularly. “A program that detects testers and hides from testers is extremely irritating,” Adelman acknowledged in keeping with the transcript. “It signifies unhealthy religion within the testing course of. The community must be offended based mostly on the information. Anybody who has an utility below take a look at that’s hiding from the take a look at, they need to be offended about that.”

The investigation documented 13,800 shops in Honey’s database with no cashback gives and no energetic coupons, representing partnerships the place Honey allegedly earned affiliate income purely from consumer visits with out offering any purposeful profit. All 13,800 shops had been partnered with Honey by affiliate networks.

Over 2,000 manufacturers disabled user-submitted coupons by a devoted function flag in Honey’s system, nearly all of which maintained affiliate partnerships with the extension. This contradicts the service’s marketed worth proposition of discovering each working code on the web and making use of the perfect obtainable low cost.

Honey declined from a peak exceeding 20 million Chrome customers to 14 million as of July 2025 following the preliminary investigation revealed December 22, 2024. The extension misplaced one other million customers between the primary investigation and the newest knowledge assortment, suggesting continued exodus as consciousness of alleged fee diversion practices spreads.

Hudson expressed frustration with the delayed response timeline. “It has been irritating to observe what I knew was a misleading video unfold unchecked by information,” Hudson acknowledged on Twitter in keeping with the doc. He acknowledged the delay in his public response, stating “ya fairly delayed. I hoped he would right the file in video #2 however that stopped seeming doubtless. and it was naive of me to assume would occur within the first place however I like to provide individuals the advantage of the doubt.”

When requested why PayPal and Honey didn’t situation an official response to the preliminary investigation, Hudson defined his restricted information. “I do not know – I bought Honey to PayPal over 5 years in the past and left over 3 years in the past,” Hudson acknowledged in keeping with the Twitter doc. “If I had been to invest based mostly on the general public statements the lawsuits shifted the response to authorized as a substitute of product groups working with comms. May very well be an fascinating case research some day.”

PayPal acquired Honey in January 2020 for about $4 billion, representing one of many cost platform’s largest acquisitions. The corporate has had 5 years to determine, examine, and report the selective standdown system to authorities or affiliate community companions however allegedly as a substitute made a number of modifications to the system’s thresholds whereas permitting core performance to proceed working.

Hudson has since pivoted to constructing ZeroClick, described as an promoting community for AI environments. “I am on a mission to make the open web work higher for individuals,” Hudson acknowledged on his LinkedIn profile. “In 2012, I created Honey to assist 30 million individuals save money and time procuring on-line.”

In accordance with an AdExchanger, ZeroClick launched after Hudson based Pie Adblock in January 2024, a browser extension for ad-blocking options with roughly two million customers. “At Pie we’re rebuilding the financial engine of the web with individuals accountable for their promoting expertise,” Hudson acknowledged on LinkedIn in keeping with the profile doc.

The ZeroClick enterprise introduced a $55 million funding in August 2025 from lots of the similar buyers and funds that backed Honey. “I am excited to announce that ZeroClick has acquired Modern,” Hudson acknowledged on LinkedIn in keeping with the doc. “The way forward for AI is greater than a chatbot. It is AI that involves you. AI that understands what you are doing proper now and helps you do it higher. AI that lives in your browser the place you truly work and make selections.”

Hudson instructed AdExchanger that ZeroClick works by permitting publishers, retailers, or builders to embed the product into their very own AI-based options. “I strongly consider the native advert format for AI goes to be – and we’ll attempt to make it’s – paid consideration on the reasoning time,” Hudson acknowledged in keeping with the AdExchanger article.

The ZeroClick founder defined the pivot from contextual promoting to AI-based merchandise. “After we realized what we might constructed was extremely relevant to AI environments,” Hudson acknowledged within the AdExchanger interview. He famous that the challenges of advert blocking and AI promoting are comparable, with customers wanting procuring adverts for merchandise they had been eager about relatively than all adverts eliminated.

Hudson positioned ZeroClick as an alternative choice to potential monopolistic management by main AI platforms. “I feel the entire AI gamers [OpenAI, Google, Microsoft, et al.] are going to have one thing like this, and my sense is they’ll wish to personal it,” Hudson acknowledged in keeping with AdExchanger. “I would desire for it to exist exterior the partitions of any core incumbent.”

The ZeroClick crew consists of about 30 full-time staff, most of them previously of Honey, engaged on integrations that enable AI instruments, chatbots, or brokers to entry paid data assets contributed by shoppers. “We realized that regardless of how huge we made Pie,” Hudson acknowledged in keeping with AdExchanger, “it was going to be subscale as an advert system.”

Federal Commerce Fee enforcement actions reveal regulatory consideration to e-commerce fraud, with the company securing over $20 million in judgments towards Click on Revenue operators in August 2025 for systematic deception involving false earnings claims and enterprise alternative misrepresentations.

Related advertising fraud cases have resulted in prison fees, together with the Close to Intelligence scheme the place executives confronted wire fraud indictments for manipulating income by fictitious promoting transactions that misled buyers and audit companies.

The advertising group faces implications for affiliate attribution accuracy and marketing campaign measurement. Browser extensions with important consumer bases can allegedly systematically disrupt last-click attribution fashions that stay normal throughout e-commerce platforms, making dependable efficiency analysis difficult when monitoring interference goes undetected.

Content material creators and affiliate entrepreneurs who depend on fee income from referral site visitors face direct monetary impression when browser extensions allegedly substitute their monitoring cookies at checkout. Class motion litigation in search of damages exceeding $5 million progressed after federal courts denied PayPal’s movement to compel arbitration in November 2025, permitting plaintiffs to pursue collective treatments relatively than particular person arbitration proceedings.

Affiliate networks now confront proof that one in all their largest companions allegedly engineered refined techniques particularly designed to evade compliance testing whereas systematically violating standdown insurance policies. The alleged detection evasion ways—monitoring affiliate community cookies, scanning for test-related e mail addresses, and profiling consumer engagement—reveal alleged intentional efforts to hide non-compliant habits from oversight mechanisms.

Google implemented restrictions affecting affiliate content material visibility throughout main writer websites in September 2024, with Forbes Advisor, CNN Underscored, Wall Avenue Journal Buyside, and Marketwatch Guides experiencing substantial site visitors declines because the search engine changed affiliate sections with e-commerce outcomes and AI-generated overviews.

Privateness implications lengthen past alleged internet online affiliate marketing fraud to invasive browser monitoring practices. Honey scanned cookies solely unrelated to coupon-finding performance, monitoring whether or not customers visited affiliate community platforms or logged into trade accounts. This surveillance operates with out consumer consciousness or consent, doubtlessly violating knowledge safety laws throughout a number of jurisdictions.

The researcher revealed complete knowledge information documenting Honey’s retailer database, coupon stock, and selective standdown guidelines for unbiased verification. Ben Adelman plans to launch extra technical evaluation on his weblog inspecting packet logs and code construction that assist the fraud allegations.

Ryan Hudson initially contacted the researcher on Twitter providing to debate findings, then requested full authorized identify and deal with for licensed mail supply, which the researcher characterised as litigation threats. Hudson subsequently posted a prolonged response on Reddit trying to rebut allegations however offered no documentation contradicting the technical proof or database contents.

Hudson characterised the investigation as containing fabrications and distortions. “I get why individuals are offended after watching Jonathon’s video – the story sounds damning,” Hudson acknowledged on Twitter in keeping with the doc. “However hopefully when you see by the distortions driving his narrative you may have some questions for him. The accusations do not even maintain as much as proof offered within the video itself.”

PayPal has not disclosed who developed the selective standdown system or when executives grew to become conscious of its existence and performance. The corporate’s assertion following the preliminary investigation claimed data was “factually incorrect” with out specifying which findings had been disputed or offering opposite proof.

Affiliate networks together with Rakuten LinkShare, AWIN, Fee Junction, ShareASale, and Influence.com implement program phrases requiring publishers to make use of solely authorised promotional codes distributed by official channels. These insurance policies shield manufacturers from unauthorized coupon distribution whereas sustaining management over low cost methods and margin administration.

The investigation estimated potential wire fraud legal responsibility based mostly on eight years of operation allegedly affecting 1000’s of content material creators throughout hundreds of thousands of transactions. Whereas prison prosecution stays unsure given regulation enforcement useful resource constraints and technical complexity, civil litigation has already superior by federal court docket with class certification proceedings underway.

For digital entrepreneurs evaluating browser extension impression on marketing campaign attribution, the Honey case demonstrates how middleman instruments can allegedly systematically distort efficiency knowledge whereas concealing interference by refined detection evasion. Advertising and marketing attribution turns into unreliable when last-click fashions are compromised by extensions that allegedly inject themselves between buyer journey touchpoints and ultimate conversion monitoring.

Hudson’s transition from Honey to ZeroClick represents a continuation of his work in browser-based commerce instruments, although the alleged fraud revelations have forged a shadow over his earlier enterprise. The co-founder maintains that Honey operated transparently and in customers’ pursuits, positioning cashback rewards as reputable consumer alternative relatively than fee theft from content material creators.

The controversy highlights basic tensions in internet online affiliate marketing economics between consumer profit, creator compensation, and platform monetization. Hudson’s protection facilities on consumer empowerment and selection, whereas critics level to alleged systematic evasion of trade compliance mechanisms designed to forestall precisely the fee diversion practices documented within the investigation.

As Hudson builds ZeroClick with former Honey staff and buyers, the alleged selective standdown system raises questions on detection evasion practices doubtlessly extending into new enterprise ventures. The LinkedIn profile exhibits Hudson labored at Honey from October 2012 by March 2022, spanning the whole interval when archives doc the selective standdown system’s improvement and operation.

Hudson’s background consists of an MBA from MIT Sloan Faculty of Administration and a BS in Operations Analysis and Laptop Science from Cornell College. He beforehand labored as a Product Supervisor at OpenX from 2013 to 2015 on “Cellular and desktop merchandise to forestall adtech fraud and abuse,” in keeping with his LinkedIn profile, suggesting experience within the precise compliance mechanisms that Honey allegedly evaded.

The AdExchanger article notes that regardless of ZeroClick’s positioning as an advert community, it doesn’t at present combine with OpenRTB environments or operate as a conventional programmatic promoting platform. “I feel there is a world sooner or later the place we do faucet into a complete bunch of value-added suppliers bringing demand to the desk, whether or not that is businesses or different networks bidding into the platform on behalf of advertisers,” Hudson acknowledged in keeping with the article.

For now, ZeroClick focuses on letting retailers or AI builders combine to subsidize their very own merchandise. Hudson expressed hope that the AI promoting ecosystem would keep away from monopolistic management. “I would desire for it to exist exterior the partitions of any core incumbent,” Hudson acknowledged in keeping with AdExchanger, echoing themes of decentralization and consumer management that characterised Honey’s advertising positioning.

The controversy surrounding Honey’s alleged detection evasion system continues to unfold by ongoing litigation and regulatory scrutiny, whereas Hudson builds his subsequent enterprise within the quickly growing AI promoting panorama.

Timeline

• October 2012: Ryan Hudson co-founds Honey with George Ruan
• 2013-2015: Hudson works as Product Supervisor at OpenX on fraud and abuse prevention
• October 2017: Honey model 10.5.2 launched containing earliest documented selective standdown system code in keeping with archive evaluation
• January 2020: PayPal acquires Honey for about $4 billion
• October 2020: Safety researcher Vladimir Palant publishes investigation revealing Honey encrypts code sections to hide performance from evaluation
• 2021: Honey launches Shopify app permitting retailers to handle coupon availability with out requiring equivalent-value replacements
• March 2022: Ryan Hudson departs PayPal/Honey after nine-and-a-half years with the corporate
• 2023: Archived standdown guidelines present six-minute compliance home windows and minimal consumer engagement necessities for selective enforcement
• January 2024: Hudson founds Pie Adblock, browser extension for ad-blocking with consumer management options
• December 22, 2024: Preliminary investigation exposes alleged fee diversion practices affecting content material creators
• April 2025: Hudson posts Twitter thread and Reddit AMA defending Honey’s practices and characterizing investigation as fabricated
• July 2025: Honey declines to 14 million Chrome customers from peak exceeding 20 million
• August 2025: ZeroClick proclaims $55 million funding from buyers who beforehand backed Honey
• September 2025: AdExchanger profiles ZeroClick launch as AI promoting community with former Honey crew
• November 7, 2025: Federal court docket denies PayPal arbitration motion, permitting class motion to proceed in federal court docket
• November 27, 2025: IAB Australia releases compliance framework categorizing cookie stuffing and toolbar violations as technical compliance breaches
• December 2025: ZeroClick acquires Modern to convey AI capabilities to browser-based purposes
• December 30, 2025: Technical investigation exposes alleged selective standdown system engineering and detection evasion structure

Abstract

Who: Ryan Hudson, co-founder of Honey who left PayPal in March 2022 and now leads ZeroClick, an AI promoting community that raised $55 million in August 2025 from buyers who beforehand backed Honey. Hudson defends his former firm’s practices whereas constructing a brand new enterprise with roughly 30 former Honey staff.

What: A classy selective standdown system allegedly engineered throughout Hudson’s tenure to cover affiliate fee diversion from compliance testers by profiling customers by engagement metrics, affiliate community cookies, e mail addresses, and login standing. Hudson characterizes the allegations as fabricated distortions whereas sustaining Honey operated transparently in customers’ pursuits by cashback rewards that prioritize consumer alternative over creator affiliate commissions.

When: System improvement traced to October 2017 by archived extension variations, allegedly working repeatedly throughout Hudson’s nine-and-a-half years with Honey from October 2012 by March 2022, three years earlier than the preliminary investigation revealed December 22, 2024. Hudson responded in April 2025 with Twitter and Reddit defenses whereas persevering with to construct ZeroClick.

The place: Detection evasion structure operates by cloud-based guidelines saved on Honey servers affecting affiliate transactions throughout 1000’s of e-commerce platforms. Hudson now operates ZeroClick from Los Angeles with former Honey staff, positioning the AI promoting community as an alternative choice to monopolistic management by main platforms like OpenAI, Google, and Microsoft.

Why: The system allegedly allows systematic fee theft price doubtlessly hundreds of thousands of {dollars} by exploiting last-click attribution fashions whereas avoiding detection from compliance testing. Hudson defends the practices as prioritizing consumer alternative and cashback advantages, framing the controversy as a query of consumer empowerment versus tracking-based monetization whereas constructing a brand new promoting enterprise focusing on AI environments with comparable browser-based integration approaches.