How Ad Platforms Detect Multiple Accounts (Meta, Google, TikTok)

Understanding how ad platforms detect linked accounts is not academic — it is operational intelligence that directly determines whether your multi-account infrastructure survives or collapses. Every isolation decision you make should be informed by knowledge of what the platform is actually checking and how sophisticated those checks are.

This article provides a technical breakdown of the detection systems used by Meta, Google, and TikTok. These three platforms represent different generations and philosophies of detection technology, and understanding each one helps you build infrastructure that accounts for all of them. What follows is based on observable platform behavior, reverse engineering of detection scripts, patent filings, and industry research — not speculation.

Detection Signal Categories

Before examining each platform, it helps to understand the categories of signals that all platforms use. Every detection system draws from the same fundamental signal types, though each platform weighs them differently.

IP Fingerprinting

IP fingerprinting goes beyond simply recording your IP address. Platforms analyze:

IP reputation scoring:

Every IP address has a reputation score based on its history. IPs previously associated with spam, fraud, or policy violations carry lower scores.
IP type classification: datacenter, residential, mobile carrier. Each type carries different trust levels.
ASN (Autonomous System Number): The network operator for the IP. Known proxy service ASNs are flagged.

IP behavioral patterns:

How many ad accounts have logged in from this IP historically?
How many ad accounts were created from this IP?
What is the ratio of banned accounts to active accounts from this IP?
Is the IP associated with a known CGNAT range (mobile carrier)?

IP consistency analysis:

Does the account consistently log in from the same IP or IP range?
How often does the login IP change?
Does the IP geography match the account’s claimed location?

Why mobile carrier IPs are treated differently: Mobile carriers use CGNAT, which means a single IP address is shared by thousands of legitimate users simultaneously. Platforms know this and cannot use a mobile carrier IP alone as a strong linking signal. This structural characteristic is why mobile proxies are the only proxy type that reliably passes IP fingerprinting checks across all major platforms.

Browser and Device Fingerprinting

Fingerprinting collects dozens of attributes from your browser and device to create a quasi-unique identifier.

Canvas fingerprinting: The browser renders invisible canvas elements and the resulting image data is hashed. The hash varies based on:

GPU hardware and drivers
Operating system and version
Browser engine and version
Anti-aliasing and sub-pixel rendering differences

Canvas fingerprinting produces a hash that is not perfectly unique but is highly distinctive. Two sessions with the same canvas hash are very likely from the same device.

WebGL fingerprinting: Similar to canvas but uses 3D rendering:

WebGL renderer string (e.g., “ANGLE (Intel, Intel(R) UHD Graphics 630)”)
WebGL vendor string
Supported WebGL extensions
Rendering behavior differences between GPUs

Audio fingerprinting: The AudioContext API processes audio signals that produce device-specific output based on audio hardware and drivers.

Other fingerprint components: Font enumeration (installed fonts vary by OS and configuration), navigator properties (platform, CPU cores, device memory, language), and screen properties (resolution, color depth, pixel ratio) all contribute to the composite fingerprint.

Behavioral Analysis

Behavioral signals are the most difficult to fake because they emerge from how you use the platform, not from technical configuration.

Login patterns: Time of day, session duration, and frequency of logins create a behavioral profile.

Campaign management patterns: Click sequences during campaign creation, budget amounts, audience configurations, and creative upload patterns are tracked.

Creative similarity: Image perceptual hashing identifies visually similar images even with modifications. Text similarity analysis, landing page comparison, and video frame analysis extend this to all creative types.

Spending behavior: Budget ramp-up speed, spending distribution, and billing timing contribute to the behavioral profile.

Payment Linkage

Payment signals create the strongest, most permanent links between accounts:

Card number (hashed and stored permanently)
PayPal account ID
Bank account details
Billing name and address
Payment failure patterns (same card declined across accounts)

Phone Number and Email Graphs

Platforms build relationship graphs from phone numbers and email addresses:

Phone numbers used for account verification
Phone numbers associated with recovery options
Email address domain patterns
Email address naming patterns (sequential numbering, similar prefixes)

Meta’s Detection System

Meta operates the most aggressive and sophisticated multi-account detection system in the advertising industry. Understanding it in detail is critical for anyone managing multiple Facebook or Instagram ad accounts.

Meta’s Technical Architecture

Meta’s detection draws on multiple internal systems:

The Social Graph: Maps relationships between all entities — personal profiles, Business Managers, Pages, ad accounts, pixels, apps, and payment instruments. Any connection creates a permanent link.

The Integrity Systems: ML models trained on billions of data points identify patterns associated with linked accounts, fake accounts, and policy evasion.

Real-time JavaScript telemetry: Every Meta page loads JavaScript that collects canvas/WebGL fingerprints, font detection, plugin enumeration, CPU benchmarks, mouse movement patterns, and screen dimensions. This runs constantly, updating the fingerprint associated with your session.

Meta-Specific Detection Signals

Beyond the general categories, Meta uses some platform-specific signals:

Pixel associations: If two ad accounts fire the same Meta Pixel, they are linked. The Pixel ID is a direct connection between the accounts and the website where the Pixel is installed.

Page connections: If two Business Managers are associated with the same Facebook Page (even if the association is later removed), the historical connection persists.

App associations: If two ad accounts promote the same app (same App Store or Google Play listing), they are linked.

Domain verification: Meta’s domain verification creates a strong link between a Business Manager and a domain. A domain can only be verified by one BM.

Profile relationships: If the personal profiles that admin different BMs are “friends” on Facebook, or share mutual friends, or have interacted (comments, likes, messages), the BMs are associated.

Meta’s Enforcement Actions

Meta’s enforcement follows a flag-restrict-review-link-cascade pattern. The detection system flags accounts based on signal scores, restricts them (ad rejection, spending limits), then both automated and human review examine the flagged accounts. If linking is confirmed, enforcement cascades to all linked accounts.

Critically, enforcement is often delayed. An account might be flagged and linked but continue operating for weeks before action is taken. This delay leads operators to believe their setup is working when it has already been detected.

Google’s Detection System

Google’s detection is sophisticated but approaches the problem differently from Meta.

Google’s Technical Architecture

Google has unique advantages in detection:

Cookie ecosystem: Google’s advertising cookies are present on a vast number of websites via Google Ads, DoubleClick, and the Display Network. Browsing the web with Google cookies active across multiple ad account sessions links those accounts through shared browsing behavior.

Cross-product signals: Google correlates signals across its entire product suite — Chrome sync data, Gmail, Search history, YouTube, Analytics, Android devices, and Maps. This creates an identity graph far richer than what happens in the Google Ads interface alone.

IP and ASN analysis: Google operates one of the largest DNS services (8.8.8.8), and Google Analytics runs on millions of websites. Combined with high-accuracy IP classification (carrier, ISP, datacenter, VPN, proxy), Google builds detailed activity profiles for IP addresses.

Google-Specific Detection Signals

MCC structure: How accounts relate within Manager accounts affects trust scoring. Shared creatives, landing pages, or billing across MCC accounts raises flags.

Landing page analysis: Google crawls ad landing pages and compares content similarity, domain registration patterns, hosting infrastructure, and template structures across accounts.

Conversion tracking and Chrome sync: Shared Google Analytics properties, GTM containers, or conversion tracking IDs link accounts. Chrome browser sync across profiles meant for different accounts inadvertently links them through Google account associations.

Google’s Enforcement Pattern

Google builds trust gradually with new accounts and often suspends with an appeal option rather than issuing permanent bans. Enforcement can target individual accounts or entire MCCs. Cascade enforcement is less aggressive than Meta’s, though circumventing enforcement triggers cascading bans.

TikTok’s Detection System

TikTok’s ad platform is newer than Meta’s or Google’s, and its detection system is evolving rapidly. What it lacks in historical data depth, it compensates for with modern ML techniques and aggressive fingerprinting.

TikTok’s Technical Architecture

TikTok’s detection reflects its mobile-first heritage:

Device fingerprinting: Heavy emphasis on canvas/WebGL fingerprinting, device-level identifiers (IDFA/GAID), and hardware configuration.

IP reputation: TikTok checks IPs against commercial proxy databases that list known datacenter, VPN, and residential proxy ranges. Mobile carrier IPs are absent from these databases because they are legitimate carrier IPs shared via CGNAT.

Behavioral ML models: Trained on multi-account behavior patterns including account creation velocity, campaign similarity, creative asset matching (including video frame-by-frame analysis), and engagement patterns.

TikTok-Specific Detection Signals

TikTok Pixel linkage: Similar to Meta’s Pixel, TikTok’s tracking Pixel creates links between ad accounts and websites. Shared Pixels link accounts.

Creative matching: TikTok’s content analysis is particularly strong for video:

Video fingerprinting identifies similar videos even with modifications (speed changes, overlays, cropping, re-encoding)
Audio fingerprinting identifies the same music or voiceover across accounts
Text overlay extraction and comparison

Shop and commerce linkage: TikTok Shop and TikTok Commerce create additional linking signals:

Product catalog similarities
Shipping address and return address
Seller verification documents

TikTok’s Enforcement Pattern

TikTok’s enforcement is still developing:

Faster automated action: TikTok relies more on automated enforcement than human review, leading to faster but sometimes less accurate enforcement actions.
Appeal process: TikTok offers appeals, but the process is less mature and less responsive than Google’s.
Region-specific enforcement: TikTok’s enforcement strictness varies by region. Markets where TikTok is investing heavily in advertiser growth may see more lenient enforcement.

What Triggers Automated vs. Manual Review

Understanding the trigger differences helps you calibrate your risk.

Automated Triggers

These signals trigger immediate automated review:

Datacenter IP at account creation or login
Known proxy IP at account creation
Identical payment method across accounts
Identical browser fingerprint across accounts
Rapid account creation (multiple accounts in short time period)
Identical ad creative submitted across accounts
Account circumventing a recent ban (same device or payment from banned account)

Manual Review Triggers

These signals accumulate and eventually trigger human review:

Gradually increasing similarity scores between accounts
Pattern-matching on business names or documentation
User reports or competitor complaints
Content policy violations that are ambiguous
Unusual spending patterns combined with other weak signals

The Detection Lag

Detection is not always immediate. Platforms may delay enforcement while accumulating confidence, queuing for human review, or gathering evidence for a broader enforcement action. This lag creates a false sense of security — an account operating for months can still be banned based on signals detected during its first week.

Implications for Multi-Account Infrastructure

Understanding these detection systems leads to specific infrastructure recommendations:

Network Layer

Use mobile carrier IPs exclusively. They are the only IP type that all three platforms treat as high-trust.
Ensure IP consistency per account. Frequent IP changes trigger anomaly detection.
Route DNS through the proxy to prevent DNS-based linking.
Disable or mask WebRTC to prevent real IP exposure.

Browser Layer

Use anti-detect browsers with genuinely unique fingerprints per account.
Verify fingerprint uniqueness at sites like browserleaks.com and creepjs.
Ensure fingerprint internal consistency (OS, GPU, fonts all matching).
Isolate all cookie and storage mechanisms per profile.

Payment Layer

One unique payment method per account, no exceptions.
Unique billing name and address per account.
Retire payment methods associated with banned accounts permanently.

Identity Layer

Unique email, phone number, and business details per account.
No shared assets (pixels, pages, apps, domains) across accounts.

Behavioral Layer

Vary login times, session durations, and management patterns across accounts.
Do not reuse creative assets or landing page templates.
Stagger campaign creation and budget changes across accounts.
Avoid predictable patterns in how you interact with the platform.

Next Steps

This technical understanding of detection systems should inform how you build your multi-account proxy infrastructure. Each isolation decision should map to a specific detection signal you are countering.

For practical implementation of the full isolation stack, see our ad account IP isolation guide, which provides a step-by-step checklist for every isolation layer.

For the broader context of how proxies fit into affiliate marketing operations, see our affiliate marketing proxies guide.

For the most common mistakes that lead to detection despite having good infrastructure, read our guide on affiliate proxy mistakes that get accounts banned.

Ready to build infrastructure that accounts for how these platforms actually detect? DataResearchTools provides mobile proxy IPs with carrier-grade trust — the network-layer foundation that all three platforms treat as legitimate user traffic. Start with the right IP infrastructure and build your isolation stack on solid ground.