Fighting Mobile Ad Fraud Part Two: How to Protect Yourself
To combat ad fraud, many ad networks and ad tech providers, including StartApp, have begun identifying, cataloging, and analyzing mobile fraud. This aids in detecting patterns in order to flag potential fraudsters, laying out strategies to block fraud, and developing methods to prevent fraudulent traffic before it even begins.
As we learned in part one of our Fighting Mobile Ad Fraud series, fraud can take many different forms across any and all aspects of mobile advertising. So, the first key to fraud prevention is creating a cross-discipline team. At StartApp, our fraud team includes Product, R&D, Data, Marketing and Finance specialists. This approach ensures that every part of the company is dedicated to monitoring aspects of fraud.
Of course, human intervention can only do so much. The best fraud protection integrates manual processes with automation.
What Protection Looks Like
Starting from the request stage, data is generated about the user or whoever is standing behind the request. This data allows us to discover suspicious signs even before the impression is served. For example, inspecting the user agent – what type of device makes the request – allows us to know if the request comes from, say, a mobile device or iPad (likely a real request) or a server (more possibly fraudulent). In addition to analyzing related data, we also apply a blacklist mechanism. This enables a black list of suspicious proxy IPs, devices, emulators, and applications. Requests from any of these attributions are blocked and not served.
Note: StartApp doesn’t collect any personal identifiable information, as each data profile is built on the advertising ID or IDFA level.
We also can review impressions and clicks to identify fraud. First, we can detect anomalies in the CTR or detect if an abnormal amount of traffic arrives from the same IP or advertising ID. We also analyze trends related to the time frame in which impressions and clicks arrive. Activity that then falls out of this expected time range is immediately suspicious.
Our technology can also identify the exact position of a click on the screen. Why does this matter? With human clicks, there is an expected distribution of click position. Alternatively, if all clicks come from a single position – or we fail to identify the position at all – then we likely are seeing non-human traffic.
Install events provide the next opportunity to root out fraud. Similar to impression and click events, we also analyze performance and look for anomalies in CR values. In addition, we scan to see if the device has too many applications or if the user uninstalls new apps at a greater rate than normal. Further, we analyze the time difference between the clicks and installs. As with clicks, any activity that then falls out of this expected time range is immediately suspicious.
Post install event data collected from advertisers – including registration events, logins, etc – also helps identify fraudulent sources. For example, analyzing the retention rate helps identify bots or install farms.
Sharing our insights for post-install events with advertising partners becomes a key part of the process: The crosschecking of multiple sources helps complete the puzzle which leads to more efficient detection.
A final, yet crucial, step involves cooperation with our partners and other third-party players, which can include trackers, advertisers, and more. The cooperation involves sharing data, knowledge, and insights that help expand and improve our detection capabilities. We even spend time on “fraudster forums” (yes, they exist!) to keep up with the latest fraud techniques.
The Bottom Line
As you know from any crime show or even the current global obsession with fake news, separating truth from fiction is never easy.
It’s even more challenging in the ad fraud world, where cheaters come in all forms. The key is to take a multi-disciplinary approach that includes multiple layer of protection… that, and the single-minded focus to never stop improving.