From App to Zapp: Detecting and removing rogue and counterfeit apps

October 1, 2013

Morris Wilder

NetNames Online Brand Protection

22

Agenda

1. The mobile channel - the new threat vector?

2. Detecting criminals who are releasing infringing apps for profit and for compromising customers

3. Successful strategies for removing rogue mobile apps and general IP infringements and counterfeits on the internet

3

1. The mobile channel - the new threat vector?

Mobile Aps – some statistics

Google Play on course to exceed number of Apple

apps downloaded by October 2013

Android app code is open source – therefore easily accessible to infringers!

Android has 900 million devices on the market

compared to 600 million running iOS

4

Mobile apps are overtaking the Internet as

the most important channel to market for

some companies

The Apple App store now offers more than 850,000

apps in 155 countries around the world

50 billion apps downloaded to date =

approx. 7 apps for every person on the planet!

Mobile apps are the latest threat vector for cyber criminals

Mobile apps are becoming a

major channel to market for many

customers

Low cost, limited

security and ease of

download = installation of

malicious apps very

easy

Between 500,000 and 800,000 app developers in China alone

5

Mobile app threats getting international exposure

6

Over 25,000 Apple App requests per week!

7

Mobile apps are the latest threat vector for cyber criminals

8

Release of iOS 7 provides an opportunity for infringing app developers

9

Mobile apps are the latest threat vector for cyber criminals

10

Why are mobile users vulnerable?

• Apps are a regular part of our daily life

• Mobile users: • Are less aware of risks and less careful• Download apps without researching the developer• Are less aware of their device security options• Are accustomed to entering user credentials to login to apps

• Login pages for apps are often very simple in design = easier to replicate

• Small screen size = more difficult to view a url and discern if a page is legitimate

11

Major risks facing brand owners

• Visibility of the mobile app marketplace

• Copycat apps, brand infringements to your IP and false claims of affiliation

• Loss of revenue

• Fraud, phishing and malware attacks

• Negative user experience and damage to brand reputation

12

13

2. Detecting criminals who are releasing infringing apps for profit and for compromising customers

Apps monitoring as part of a suite of modular services

• Apple app store• Google Play• Blackberry world• Domain name zone files• Online marketplaces• Deep web crawling• Different languages

Detection

• Test purchasing• Online investigations

Investigation & Countermeasures

• Prioritization (product lines, logo usage, price, quantity offered, score...

• Site content analysis• Clustering of

websites

Assessment

• Takedowns• Domain suspensions• Disruption measures• Analytics & reporting

Action & Reporting

BRAND ABUSE

NetNames Mobile Apps Monitoring

• Software developed specifically to monitor Apple App store, Google Play and Blackberry World

• Detect & remove rogue, fraudulent, unauthorized or infringing apps

• Expert analysis & reporting on scale, scope and origin of threats

• Detection and prioritization of unauthorized or infringing apps by:

• Brand / Title• Developer• Downloads• Marketplace• Rating • Price• Image 15

16

3. Removing rogue mobile apps and staying ahead of IP infringements and counterfeits on the internet

Enforcement of infringing apps

• NetNames can deliver enforcement services against infringing or counterfeit apps on • Google Play • Apple App store• BlackBerry World

• High compliance rate.• Apple and Google in an effort to increase compliance %'s• We enforce on the low hanging fruit as well as the more difficult

cases.• Takedown times – can be only a few days!

17

18

Some of our App monitoring customers

19

NetNamesStaying one step ahead

Detecting and Removing IP Infringements Online

Catch infringements early and make yourself a hard target

 • Monitor the areas of the internet of most importance to your

brand

• Catch infringements early (NetNames can detect whilst the website is still being built!)

• Consider adding an outsourced removal / takedown service

• The overall aim is for you to make your brand a hard target for the infringers so that they target other sectors /companies. 

20

How do we know which infringements to address first?

• Utilizing web traffic statistics to “Score” the threat

• Sort results by ‘quantity of items offered’ or price on a particular site

• Focus on particular region where items are shipping from

• ‘Cluster’ websites together for efficient takedown operations (i.e. domain registrant – reverse whois)

21

Linbing8666: Fake Cartier Jewelery http://www.cartierladieshop.org/

Linbing8666: Fake Puma Footwear http://pumashoessalesite.org/

24

Calculate potential ‘sales uplift’ or ROIhttp://www.hunterboots-sale.net// ….traffic: 4,620 web visitors per day

Domain registrant:

chen shouchengxiamenshisimingquxianyuehuayuanFujian360000CNhunterbootsale@163.com

25

Calculate potential ‘sales uplift’ or ROI

• Take the example of www.hunterboots-sale.net

Daily domain visitors 4,620

Annual domain visitors (assuming 25 – 50% repeat visitors) 843,150 to 1,264,725

Assumed percentage of visitors who place an order 1%

Average order value $67

Potential annual sales uplift / recoverable revenue

$569,126 to $853,689

…per year

Proprietary Logo Recognition Technology

In-House Language Skills

Afrikaans Arabic Bengali BosnianSerbian

CantoneseGerman

GreekGujaratiJapanese

HindiItalian

CroatianCzech

DanishDutch

French LithuanianMandarinNigerian

Norwegian

PolishPortuguese

RussianSpanishSwedishTurkish

Decrease in enforcements over time

Extensive analytics outlining enforcements completed

How does this help you stay one step ahead?

• Making yourself a harder target

• Minimizing lost sales to counterfeiters

• Protecting revenue

• Combating brand dilution

• Using analyst experience, language skills and relationships with marketplaces from a 3rd party (such as NetNames) -> faster, more effective actions

31

Enforcement in ChinaWebsite takedown through the domain name registrar

Enforcement challenges in ChinaThe NetNames advantage

Registrars do not check their

abuse e-mail inbox regularly

Constantly modifying

policy

They often do not offer 24/7

service for abuse service

Personal relationships

often more important than

regulations

Onerous supporting

evidence and IPR documents

Non-compliance of some service

providers & marketplaces

Different law practice with regards to IP

rights

Enforcement team will follow up with them via phone calls in their native language

The UK Time zone is overlapping

with China – more time for effective and in-depth

communication

Daily conversation with marketplaces,

ICP, and registrars to maximize

the impact Adaptive is also the

key!

Comprehensive Service sets ups prior carrying out enforcement to ensure efficiency

The NetNames Enforcement Team

• Rogue site enforcement - suspension at registrar level

• Enforcement with great focus on Chinese marketplaces such as Taobao

• Rogue sites operation disruption - Ad words/organic results removal/ Payment gateway suspensions

• Careful analysis on infringements and research on counterfeit trend

• Good understanding of IP policy and domain name policy in multiple jurisdictions

• Established connection with Chinese Registrars and ISP’s to maximize the impact

• NO Machine gun approach – we are targeted, moral & lawful. Less time spent on retraction notices.

• Alternative approach rather than simply using cease and desist letter and host deactivation

End-to-end case study – Domain Suspension

The workflow of the enforcement:

Step 1: Automatic detection of the infringementStep 2: Confirmed and reviewed by enforcement analysts and further reviewed by the client

After initial contact with the registrar, the registrar tracked down over 25 additional rogue sites and suspend them because of our relationship and credibility.

Result:Within 2 days, all the domain names in question were suspended by the registrar

35

Invalid WHOIS Details

Illiterate Registrants Careless Registrants

36

Documents needed for Chinese Registrars

1. Authorization letter from a brand owner

2. Trade mark certificate(s) registered in China

3. Careful explanation in Chinese if applicable

4. Screenshots of rogue websites

5. Screenshots of WHOIS details

3737

Summary – How NetNames keeps you One Step Ahead

• Make your brand a harder target

• Consider using intelligent technology and expertise to help keep you one

step ahead of IP infringements online...especially in the emerging area of

mobile apps

• Suspending rogue websites at a registrar level is the most effective –

NetNames gets over 85% compliance to takedowns

38

Contact

TelephoneEmail

Morris Wilder

Corporate Sales Manager

(212) 514-4182Morris.Wilder@NetNames.com

Thank you!