This presentation is from Affiliate Summit East 2017 (July 30 - August 1, 2017 in New York).
Session description: Ad fraud is rising. This session uncovers the sophisticated ways mobile advertising fraud is being perpetrated and gives ideas on how it can be identified and how to mitigate the risk.
7. Who Is to Blame ?
The rest
• The App Stores
• The Operating System
• Publishers/Developers
• Ad
Networks/SSPs/Exchanges
• Attribution
companies/Solution
Providers
• Advertisers/DSPs
The bad guys
• Intentional criminals
8. Types of Fraud
Areas to consider:
• Impression // CPM
• Click // CPC
• Install // CPI
• Lead // CPL
• Injection // Adware
• Domain Spoofing
• CMS // Fake Publisher
• Blending // Audience Extension
10. Non-Human Traffic - Bots
Type
• Simple Bots – simple scripts that run
from hosting servers with consistent
patterns.
• Complex Bots – sophisticated tactics
mimicking normal behavior.
• Botnets – array of devices that have been
compromised by bad actors. Send
commands that perform tasks like
‘loading’ or ‘clicking’ on ads or
‘installing’ and ‘opening’ other apps
Detection
• Patterns can be identified then blocked
eg. IDs; agents; known data center IP
addresses.
• More difficult as less consistent pattern.
Rotating IP; user agents; ids; timings; ctr.
• Hard to detect and block. When
discovered by law enforcement effectively
shutdown. Patterns can be uncovered by
experts.
11. Type
• Invisible ads – hidden ads with zero
being seen aka Ad stacking
Detection
• Very low CTR/high CTR with other
characteristics. Detectable using off
the shelf ad verification tools like
Integral Ad Science.
Human Traffic – Invisible Ads
12. Type
• Domain Spoofing – publishers are
declare their own domain and label
They misrepresent by identifying as
domain. Other cases the publisher
spoofed within the request.
Detection
• Digging deeper and doing proper
verification and validation of
publishers.
Domain Spoofing
13. Type
• Click Spam – clicks, clicks and
generated in hope of “winning” or
install.
Detection
• Low/fixed conversion rate
• High amount of clicks
• Patterns in click frequency
Click Spam
14. Example of Click Spam
Installs
Even distribution (flat lines) over a number of hours
is an indication of spamming activity
Early Installs show a normal pattern
0
1,000
2,000
3,000
4,000
5,000
6,000
7,000
8,000
Hours
Install Time Analysis
15. Type
• Click Injection – a process on the
to “broadcast intents” for app
a click before the app is opened in
the install due to last click
Detection
• Android only
• Conversion rates are 100%
• Low CTIT/MTTI
• High concentration of installs within
moments of click
Click Injection
16. CLICK TRACK DOWNLOAD OPEN
NEW CLICK !
Last Click
Wins Attribution based
on “open” event
Click Injection
17. Example of Click Injection
Installs
Extremely short install times (within seconds) indicate an injection pattern
Install Time Analysis
Seconds
18. Type
• Click Farms - a large group of low-
are hired to click on paid
Detection
• Very difficult as visitors are real
• Repeated patterns
Click Farms
25. Prevent Mobile Ad Fraud In The First Place
Detection:
Look for Deviations from Patterns / Baselines
• Establish a baseline; Compare activity against it.
• Flag/report any abnormalities, discrepancies asap
Monitor and measure everything
Notice Installs from Suspicious Sources
Assign an Internal Stakeholder
• Dedicated internal person to look at performance
26. Prevention:
Buy Direct When Possible
• Direct relationships improve quality and transparency
Buy Premium
• Cheap traffic comes at a high price
Partner Up
• Ad fraud security services
• Measurement + attribution partners
Research
• Reputations matter
Protect Yourself
• Contract that outlines what you will/will not accept
Prevent Mobile Ad Fraud