Mobile Fraud: Open Warfare

This is an article written by Nicolas Saraiva, Head of Delivery at Surikate, part of Mozoo group. Nicolas started his carreer as a Traffic Manager for Surikate in Paris in 2012. In 2013, he moved to London to help launching the Surikate business in the UK market. Currently, Nicolas is Head of Delivery for Surikate and he is making sure that every campaign launched is delivered successfully. As an expert in mobile performance and mobile attribution, fighting against fraud takes a big part of his daily job.

Fraud in the mobile advertising ecosystem is not a new topic; in fact, it is rather well known among industry players generally, particularly in the case of user acquisition for apps. Recently, however, war has been declared on fraudulent traffic. This fraud is the cause of wasted expenditure by advertisers and agencies and ruined customer acquisition plans. In order to optimise your expenditure and obtain the best return on investment (ROI) for your mobile acquisition campaigns, it is important to identify the different types of fraud and to understand how you can combat them.

Humans and robots: two distinct types of fraud

It is estimated that nearly 30% of worldwide mobile traffic is actually fraudulent, which represents a loss of nearly a billion dollars (yes, that’s billion with a b).

At Surikate, we take a pretty hard line on the subject, characterising all non-human activity (robots, algorithms, click farms, etc.) as fraudulent alongside any traffic which does not meet campaign requirements (such as incentivised traffic when the purpose of the campaign is to acquire high quality users).

Even if the result is the same (a wasted budget, and difficulty in obtaining a positive return on investment), it is important to differentiate between these two main categories of fraud as each must be combatted in a different way.

‘A prevention is better than a cure’

This saying has never been truer than when you’re talking about fraud! In fact, the best way to protect yourself against fraud is to take steps beforehand, so that there is nothing to worry about afterwards.

Here, therefore, is a non-exhaustive list of good preventative strategies:

  • Understand your sources and partners properly. It is important for you to be familiar with the methods that they use to promote your app. A minimum level of transparency is therefore essential to ensure that you choose your sources appropriately.
  • Configure the campaign correctly in your tracking tool (SDK). In fact, providing a simple tracking link, without requiring a particular set of information to be provided, will prevent you from correctly identifying the traffic generated by your partners, and thus from identifying any possible fraud or simply optimising your campaign. For example, it’s very important to share sub_IDS (sub-traffic sources) for example, as these provide more granularity in identifying sources.
  • Performing matching on the advertising ID (Google Advertising ID/Identifier for Advertising) is another good solution for ensuring that each device has a unique identifier. This is important in preventing multiple conversions from being recorded against a single device.
  • Provide your partners with your ‘IP whitelist’ in order to prevent any discrepancies between your statistics and their own. In fact, only conversions that originate from the IPs of your tracking solution must be recorded by your sources; the rest is simply outright fraud.
  • Implement an automatic IP filtering solution. In cases of large scale fraud, the vast majority of conversions tend to come from a narrow range of very similar IPs (e.g., 192.168.62.XX). By using this solution, conversions will automatically be rejected and won’t even reach your campaign measurement tool.
  • It is also essential to identify VPNs and proxy servers in order to avoid any activity that originates outside the target country. The majority of fraudulent clicks, installations or ‘post-installation’ conversions attempt to simulate the geographic area that was originally targeted by passing through proxy servers or VPNs in order to be accepted by your system.
Campaign monitoring and optimisation

You are bound to spend a lot of time on this stage, but are you looking at the right information to eliminate the ‘wrong’ traffic?

A series of conversions can look as though they are legitimate of high quality, and appropriate. Nonetheless, it may involve fraudulent or, at the very least, very poor quality traffic. As explained above, incentivised traffic is often used in campaigns where the quality of acquisitions is supposed to be beyond reproach. In this scenario, traffic may appear legitimate at first glance, but you will quickly come to recognise that the users that you acquire are far from being active, let alone loyal.

Often, some very basic validations are all that is required to identify this traffic effectively and eradicate it from your campaign while it is still running:

  • Check the conversion rate by time of day and by sub-source (sub_IDs). Even if the conversion rate for your campaign appears to be correct overall, it is important to monitor it in greater detail. If you notice that some sources generate higher levels of clicks, while others generate higher levels of installations, you will be dealing with incentivised traffic. Similarly, by observing your campaign hour by hour, you can recognise when click levels are high at a certain time of day, whereas installations might peak much later on.
  • Tag your app correctly. This will enable you to access KPIs that can ensure that traffic generated by your sources is of sufficient quality. The number of times that each user opens the app each day, the levels of in-app sign-ups, the time spent using the app, in-app conversions (purchases, reservations, and customer contacts) should be observed continuously in order to rank the sources by quality and to remove the lower performing sources.
  • Take into account all information relating to the device that generates the activity. The make, model, OS version, device ID (IDFA or GAID if correctly configured in advance). When particular information recurs excessively (such as the same version of an OS that is disproportionately common, or a particularly old version), then it’s time to ask questions.
  • Observe the difference in time between clicking on the tracking link and the first time that the app is opened: the ‘time difference’. When the time difference is very small, it’s highly likely that you are dealing with a robot.

You will have worked out that there are multiple ways to prevent and monitor fraud and optimise your campaign, just as there are many different risks from generating undesirable traffic!

However, some simple measures allow you to eliminate a large proportion of fraudulent activity in order to maximise the results you obtain, and with them, your ROI.

Attribution solutions have significantly improved the quality of anti-fraud measures by integrating and working closely with specialist fraud solutions. This ‘cross-industry’ collaboration will soon allow the progressive elimination of ‘bad’ traffic and will help advertisers in their acquisition strategies by allowing them to concentrate on more traditional ways of optimising their campaigns.


Leave a Reply

Your email address will not be published. Required fields are marked *