Exploring the dangers of mobile ad fraud

By:

Date: 10 May 2023

Exploring the hazards of mobile ad fraud

Standing up against ad fraud often feels like a losing game - attackers are always one step ahead. Every time a scheme is uncovered, a new one emerges. Mobile apps used to be pretty well guarded by mobile measurement partners (MMPs) until ad fraudsters tapped into the vulnerabilities of these tools.

As such, mobile ad fraud is a major threat to advertisers: in the past three years, marketers have seen a 62% increase in fraudulent activity. The total losses range between $6.5 billion and $19 billion per year.

In this post, I will cover top ad fraud methods and explore ad fraud detection strategies.

Impact of mobile ad fraud on different ecosystem players

Before diving deeper into the intricacies of mobile ad fraud, it’s essential to understand the scale of its impact. The effects of ad fraud ripple throughout the entire industry.

Advertisers:

  • Loss of ad budget
  • Reputation damage
  • Opportunity cost

Publishers:

  • Revenue losses
  • Reputational losses

Adtech vendors:

  • Increased pressure for transparency from advertisers
  • Lower revenue driven by flatlining ad spend
  • Loss of market share

Publishers and adtech vendors are equally affected by misattribution, spoofing and other tactics - which is why the ecosystem needs to acknowledge the problem and join forces in finding viable solutions.

Top mobile ad fraud tactics

Mobile ad fraud has many faces. Some tactics are relatively easy to see through, but because advertisers don’t have an action plan, attackers can go through with their threats. Understanding the mechanics behind widely-used fraud schemes will help the ecosystem fight them off more effectively.

Install farms

Method:

  • device farms, locations filled with mobile devices, that install apps and reset identities 24/7.
  • server-based bots generate in-app events and are trained to avoid detections by simulating real user journeys.

Implications:

  • the technique tampers with marketing data and drains CPA.

Detection mechanism:

  • monitoring New Device Rate spikes and improving pattern-based recognition.

SDK spoofing

Method:

  • attackers take advantage of the security vulnerabilities of an attribution provider and hack into SDKs to simulate clicks, installs and other engagement signals.

Implications:

  • advertisers pay for fake data signals.

Detection mechanism:

  • tracking installs from specific SDKs, watching out for spikes, and analysing the security infrastructure.

Click injection and spamming

Method:

  • the tactic allows fraudsters to claim an install generated by a different network.

Implication:

  • misattribution of installation that both drains an advertiser’s budget and hijacks a benevolent publisher’s revenue.

Detection mechanism:

  • abnormally low CTIT (click-to-install-time) is a common tell-tale sign of click injection.

In-app purchase (IAP) fraud

Method:

  • fraudsters generate fake purchases by leveraging return policy loopholes or using stolen credit cards.

Implications:

  • both publisher revenue and the reputation of the application are affected.

Detection mechanism:

Emerging solutions to address mobile ad fraud

While fraudsters are always on the lookout for ways to outsmart fraud detection mechanisms, it’s worth noting that the ecosystem is not turning a blind eye. Year after year, adtech vendors roll out new tools that help detect fraudulent inventory. IAB Tech Lab also released app-ads.txt to prevent domain spoofing.

Statistical-based and fact-based anomaly detection

Anomaly detection practices help detect out-of-the-ordinary impression patterns in a campaign.

  • Statistically-based anomaly detection helps detect traffic through a list of standard parameter checks to identify suspicious activity by flagging non-browser users, pre-rendered traffic, crawlers or hijacked devices. #
  • act-based detection helps identify outliers - events that stand out from the average distribution - a series of in-app events.

Adoption of industry standards (app-adds.txt)

App-ads.txt, as mentioned above, is a way to authorise publishers and protect adtech vendors from selling low-quality inventory, and advertisers from poorly allocating their budgets.

To adtech platforms, SSPs and DSPs, the tag is a powerful stronghold against ad fraud.

Advanced fraud analytics tools

The more data an adtech provider can collect for each ad request, the higher the precision of traffic analysis will be. Capturing the IDs associated with each request will help segment traffic and spot anomalies.

Why should adtech vendors partner with a team of expert developers to build fraud prevention tools?

As complex systems, ad fraud prevention tools have a robust technological backbone. That’s why adtech vendors would benefit from partnering with a team of skilled engineers equipped both with domain expertise and technical skills needed to bring the platform to market.

Reduced time-to-market

Collaborating with engineers who can support the project with a component library that includes key features of a fraud prevention platform (rate limiting, IP address filter, analytics and more) can also help increase development speed.

In-depth understanding of mobile data fraud challenges

Building adtech solutions is tricky, as the industry is riddled with regulations and privacy laws.

Working with a tech partner who specialises in adtech won’t leave you worried about privacy standards, as the team you are working with has a commitment to following the trends and understanding the privacy landscape.

Ability to deploy machine learning algorithms that detect fake traffic

Domain expertise is crucial for a bump-free collaboration with an adtech development partner, but so is the team’s technical skill set. Ad fraud evolves rapidly - and so should the tools that plan to fight it.

A growing number of vendors leverage machine learning and data science for real-time fraud prevention or to calculate the probability of a fraudulent placement.

Skills for building high-load scalable ad fraud detection platforms

Building an adtech platform means building a high-load platform, with all its challenges. These constraints limit the range of architecture choices developers have at their disposal. That’s why it’s important to partner with engineers who know how to make the most out of tech innovation under latency limitations.

Ad fraud has been one of the biggest challenges of the adtech ecosystem in the last decade. Exploring fraud detection mechanisms, leveraging innovative technologies and connecting with other platforms through APIs and integrations are ways to stop resource-siphoning in adtech - and to help advertisers and publishers get the full value of their campaigns and platforms.

Copyright 2023. Sponsored post made possible by Maria Novikova, cmo, Xenoss.

What does the * mean?

If a link has a * this means it is an affiliate link. To find out more, see our FAQs.