Mobile Ad Fraud: Where Were At & Where We Go From Here

Mobile Ad Fraud: Where Were At & Where We Go From Here

If Only Fraud Were As Easy To Detect As.

But In The Real World Mr. Bean Wouldnt Even Make the Click Farm

In The Real World

Mobile Advertising is Big BusinessIn 2017...$99.3B$97.4B

And Where There is Money There Are Those Who Follow It

ImpressionFraud (CPM)Click Fraud (CPC)Install Fraud (CPI)In-App Event Fraud (CPA)Mobile Ad FraudMultiple ads stacked on same real estateInfected apps causing ads to run in backgroundSimulated Bot ClicksInfected apps generating background clicks in legit device Simulated Bot Clicks & InstallsClick flooding to take credit for organic installsSimulated in-app actions (open, registration, purchase via virtual goods transfer) Install farms(real devices)Click farms (real devices)

Impression fraud: publishers stack multiple display ads on the same piece of real estate; or via ads running in the background of a legit device of a user who not knowingly installed an infected app Click fraud: automated script or a computer program (aka bots) that imitate a legitimate user, thereby generating a massive number of clicks on ads in order to incur charges from CPC ad budgets; or via infected apps generating background clicks on legit devicesInstall fraud: simulated bots that create both click AND install; or generating flood of clicks (millions) to randomly catch organic installs and claim them as non-organicIn-app event fraud: This can include using an app, playing a game or making fake in-app purchases (through a transfer of virtual goods where no real money is being exchanged). Ultimately, fraudsters seek to inflate the perceived value of their installs to make it appear real, and justify further spend with a source that supposedly delivered value.

ImpressionFraud (CPM)ClickFraud (CPC)InstallFraud (CPI)In-App EventFraud (CPA)Mobile Ad FraudDifficulty to Pull off

PayoutBRAND-DRIVEN PERFORMANCE-DRIVEN(APPS)

Mobile Ad Fraud

$1.3BInvalid/Fraudulent TrafficBRAND-DRIVEN $1B

Mobile Ad Fraud?

Install Fraud (CPI)

In-App Event Fraud (CPA)

PERFORMANCE-DRIVEN(APPS)

Mobile Ad FraudInstall Fraud (CPI)

In-App Event Fraud (CPA)PERFORMANCE-DRIVEN(APPS)

HOW WE FOUGHT BACK, UP UNTIL NOW...

IP FilteringPROSBlockssuspiciousactivityCONSAn IP can easilybe switched(if door is closed,enter throughthe window)

Data/Distribution ModelingPROSBig datadiscoverssuspicious trends andpatternsCONSPatterns andtrends may notalways signal fraud

Raw Data Deep-Dive & Anomaly DetectionPROSGranularview of dataCONS Detection often a manual process

Receipt ValidationPROSStamp of approvalCONS None!

These Are All Important Measures But Something is Missing...

Device-Level ProtectionRatings: based on over a dozen points of metadata including Cross publisher install dataCross publisher engagement dataBig data: cross-publisher database of 1.4 Trillion interactionsOver 98% of mobile devices already ratedLearning algorithms update DeviceRankTM as devices engage

3x - 12x Better Coverage Than industry standard distribution modeling and IP filtering solutions*Varies based on a number of criteria including region, vertical and platform

Case StudyMedia Source Breakdown

Case StudyPublisher Breakdown

!!!

State of App Install & Engagement FraudInitial Findings Based on

High payoutLow payoutControlled inventorySavvy market

The data shows how fraudsters attempt to target specific countries based on the potential payout. Overall, markets with the highest percentage of fraudulent devices are generally countries with the highest CPI and CPA payouts (i.e. Germany, US, UK, China, Australia), while GEOs with lower payouts (i.e. Indonesia, India, Brazil, Vietnam, Thailand) have a lower fraud rate.

In addition to the potential payout, market size, inventory control and level of sophistication can also play a role in a fraudsters decision whether to target a market or not. As such, Russias high fraud rate is likely more a reflection of its size rather than its mid-range payout. Also, if payout and size were the only factors, the US would no doubt lead the pack (which is the case when looking solely at the absolute number of fraudulent devices rather than the share of fraudulent devices). It is therefore possible that the level of fraud-sophistication in the market is deterring fraudsters from targeting the US - leading to a lower position in the above ranking.

Japan is hardly targeted by fraud despite its market size and the relatively high payout. This can be explained by the tighter control on inventory in this region where most publishers are local. Lastly, despite the size of the market in India, it offers a relatively low payout. As such, a fraudster would rather fake one iOS install in the US than 10 Android installs in India.

AndroidOpen OS, highly fragmented, 3rd party stores

iOSNot fraud free! Better protection in a more closed platform but high payouts attract bad actors

Newer Android Versions Have Higher Fraud Rates High Adoption, New Device, High Payout

The data shows that the highly adopted Android version 4.4.2 has a low fraud rate. However, another popular version (6.0.1) did not fare as well, generating an alarmingly high rate of fraud, especially when taking its scale into account.

In addition, it is interesting to note that newer versions 6.0.1 and 6 have the highest rate of fraud while the older versions 4.4.2 and 4.2.2 have the lowest rate of fraud. This can be explained by the fact that unlike iOS users, Android users are far less likely to have the latest OS on their devices. In general, the newer the device, the newer its OS version. And since new devices usually cost more to target, they are a common target for fraudsters. The opposite is also true: older OS versions are installed on older devices which cost less to target and are therefore less appealing to bad actors.

Newer iOS Versions Have Lower Fraud Rates But Pay Attention to 9.3.3Low adoption, Easier to defraudHigh adoption, improved Apple anti-fraud mechanism compared to 9.33High adoption, high fraud rate

iOS versions 8.4 and 8.3 have the highest rates of fraud compared to other versions. The good news is that their market share is very small. With such limited scale and high fraud rates, some marketers may look to exclude these versions from targeting. However, iOS version 9.3.3 has a high adoption rate and a relatively high rate of fraud, which is a cause for concern. Other top versions (9.3.2, 9.3.4) have lower rates of fraud. It seems Apple has effective anti-fraud mechanism in place in these versions, making it harder for fraudsters to penetrate the platform despite the high iOS payout.

The data also shows that recently-released iOS 10 has a very low fraud rate. We expect this to increase as adoption grows and as fraudsters learn how to manipulate Apples latest release.

Full Report @www.appsflyer.com/library

EAT THAT FRAUDSTERS!

Thanksdaniel@appsflyer.com