Fraud Prevention: Adperio’s Guide to Protecting Your Data
Adperio prides itself on protecting its advertisers with a dedicated Compliance Department and custom-built analytics. Compliance monitors a variety of key metrics to ensure our clients are not exposed to fraudulent traffic. To help identify and prevent falling victim to black hat techniques, our team put together a list of the most common types of fraud in mobile and how to spot them. Read on to learn about some of the key methods Adperio compliance team uses to monitor our clients’ traffic.
- Click spam is among the most common types of fraud wherein fraudsters steal attribution from organic and other paid sources through ad stacking and other methods of creating fake clicks. By doing this, they are hoping to capture the last click in order to be credited for the conversion by the advertiser.
Since the click is fake, i.e. the consumer is not interacting with an ad unit, this can be monitored through various engagement metrics. While other fraud analytic suites only look at one engagement metric (i.e. % of installs under one hour from the click), Adperio has developed a holistic methodology that looks at distribution patterns to ensure human engagement, not fraudulent activity, in the stats.
For example, fraudsters cannot predict which devices or IPs their fake clicks will convert, resulting in random engagement mean-time-to-install distributions:
But when consumers are genuinely engaging with ad units, one expects a predictable pattern. Most consumers who click on an ad for a mobile app will install it shortly after the click. That install results in a distribution that looks like this:
In addition, Adperio looks at a host of benchmarks like the above. Mentioned % of installs in the first hour, including comparing Adperio’s traffic % to that of platforms like Facebook.
- Click injections are another common type of fraud, specific to the mobile space. Adperio defines click injections as mobile attribution fraud that utilizes mobile malware to steal installs. The malware hides inside a Trojan app. When the malware detects an app downloading on the phone, it sends a click to steal the install.
The malware only has the period of time from detecting the download to when the consumer opens the app. This results in very short, often impossible, click-to-install times. While some platforms only tag installs under 10 seconds from click, 30 seconds is a more standard metric. Anything higher than a small % of these too-quick installs should be a red flag for click injection.
Also note that this fraud is only possible on Android devices. Apple’s iOS does not give apps on a device the level of visibility needed to see that another app is being downloaded to the phone.
- Both types of fraud described above represent the theft of real installs. Another type of fraud is non-human installs, bots that can replicate not only what look like installs but even post-install events that give the appearance of quality traffic.
While fraudsters with bot traffic continue to evolve and get more sophisticated, bots can be identified by patterns in data:
- Multiple conversions coming from duplicate IPs (especially when these represent ISPs and not shared mobile carrier IPs)
- Proxy IPs
- Abnormal and clustered times for the conversions
- Disproportionate %s of jailbroken or reset devices
- Disproportionate % of OS versions or device types
- Older versions of attribution SDKs
Using our proprietary fraud technology, Adperio protects its advertisers from the fraud lurking in the mobile acquisition ecosystem. Basic knowledge of fraud prevention is key, along with the tools and diligence to root it out. With fraud out of the way, Adperio is testing and optimizing to achieve high return on ad dollars that will make us heroes at the next quarterly meeting.
Want to learn more about Adperio’s proprietary fraud technology?