In the mobile industry, some see ad fraud as the cost of doing business, but few are aware of just how serious that cost can be. In the first half of 2019 alone, mobile marketers lost $2.3B to app install fraud. Some marketers believe they’re insulated from that statistic because they work with traffic providers that offer monthly rebates for wasted ad budget. But the truth is that if fraud is permitted as a business practice, these ad networks and publishers aren’t refunding the full amount lost. There’s also an opportunity cost to tying up ad dollars with a network that routinely charges you for your own organic installs.

Ad fraud may be a fact of life, but that doesn’t mean we should give up the fight. By carefully choosing reputable mobile ad partners, advertisers can invest in growth, rather than fabricated metrics. To help, we’ve rounded up the most common fraud tactics and prevention methods, as well as what to look for when partnering with a traffic provider.

Common tactics

Fraudsters engage in numerous tactics with a common goal: giving the appearance of increased performance, which in turn increases their profit. Many of these methods involve misrepresenting or faking user clicks or installs, while others require more technologically advanced schemes.

Some dishonest companies take this to the next level with install farms, which are tasked with installing, opening, and deleting apps from devices en masse. Similar scams have been around as long as the internet itself. Websites have long used click farms to manipulate their rankings and traffic, allowing them to raise ad prices. In the modern mobile era, this type of farming can be done with technology, repeating the process often enough that it looks like an app is being legitimately installed far more often than it actually is.

SDK spoofing, also called traffic spoofing, is another sophisticated tactic that has emerged. This method involves creating what appear to be legitimate installs on devices that never actually had the app installed. This involves a lot of backend manipulation, so it requires tech-savvy. The result is that advertisers who are paying by the install or engagement run through their budget on these fake installs.

In the world of mobile user acquisition, we often encounter a type of fraud called organic poaching. This refers to any kind of fraud in which a traffic provider takes credit for an install that would have happened anyway. Organic poaching is a little different from other types of fraud because the specified engagement, in this case installing an app, actually takes place — it’s just that this action happened organically, rather than because of the efforts of the traffic provider.

The fact is, if you’re unable to recognize these tactics, you’re going to pay for fraud. Even if the traffic provider identifies a certain percentage of fraudulent installs and issues a credit, there’s probably more that hasn’t been identified. Not only does this lead to wasted ad spend, but it also makes it hard for advertisers to determine what quality users actually cost.

 

Advertisers must self-advocate & identify fraud — here’s how

When it comes to mobile ad fraud, publishers often bear the brunt of blame without actually having committed the fraudulent activity in question. Publishers with a suspiciously high number of clicks could be dropped by networks and DSPs, and with enough infractions, they might find themselves blacklisted entirely.

As in many cases, transparency is key. Publishers should work with ad networks and attribution partners to identify malicious behavior at the user level. This might mean recognizing multiple device IDs, suspicious mean time of install, or identical click patterns. No matter the method of fraud, publishers need to take action to protect monetization revenue. In the same vein, ad networks and DSPs can play a larger role in the ongoing fight against ad fraud by proactively identifying bad actors.

That said, advertisers shouldn’t rely on other industry players to have their best interests at heart. In today’s mobile industry, many traffic providers have come to accept the presence of ad fraud and aren’t doing enough to fight it. Moreover, some growth managers simply accept positive reports without questioning the integrity of the results. But to truly maximize growth, and change the face of our industry, advertisers must self-advocate at every opportunity.

How to identify bad actors

Advertisers should enforce these anti-fraud measures to protect their own revenue. The first step is working with publishers, ad networks, and DSPs to detect ads that are running on jailbroken devices, emulators, or rooted devices. After that, advertisers should blacklist suspicious apps, IP addresses, and regions where the fraud has been identified.

Organic poaching can be a bit trickier. Here are some additional steps advertisers can take:

• Perform incrementality tests. A good partner should be equipped to do this for you. These tests deliver a clearer picture of whether traffic providers are delivering incremental growth on top of organic installs.
• Look for odd patterns from publishers. Say you’re getting 20% of installs from a flashlight app — that’s a little strange, right? If a publisher’s report gets your spidey sense tingling, don’t be afraid to dig deeper.
• Check your attribution curve. A normal curve will show the majority of attributed installs taking place in the three hours after the user has seen your ad. If installs spike after that point, or gradually rise as time elapses, that’s likely fraud.
• Look at user-level data. Check device IDs, suspicious mean times to install, and identical click patterns, to name a few.

For both advertisers and publishers, working together with complete transparency can be a necessary step towards eliminating fraudulent behavior in their campaigns and apps. That said, we can’t understate the importance of having the right ad network partner.

 

DSPs: The Last Line of Defense

So who’s actually responsible for preventing and fighting fraud? Does more of the responsibility fall on the publisher or the advertisers? Truthfully, the answer is that no party can eliminate fraud on their own. We’ve already established that working together is critical, but there’s another step advertisers can take: choosing a trustworthy programmatic partner.

Unlike ad networks, demand-side platforms cannot vet every participant in the RTB ecosystem. They can only choose to proactively monitor and block low-quality traffic. Doing so means losing out on revenue from fraudulent impressions, but it delivers better results for advertisers. The right partner will strive to eliminate fraud as a matter of business practice, rather than offering fraud-related ad credit.

Even with good proactive measures in place, DSPs must continue to monitor suspicious attribution patterns. This vigilance can help detect fake clicks, late clicks, multiple clicks from a single impression, and other red flags associated with mobile ad fraud. The problem is, not all DSPs are created equal, and some don’t take these necessary steps to prevent fraudulent activity.

 

The MOLOCO approach

At MOLOCO, we take a proactive approach to fighting mobile fraud. We choose to take every possible measure to eliminate ad fraud on our platform. We continuously work with mobile measurement partners to protect advertisers using methods like click validation. We use machine learning to identify suspicious patterns and avoid apps that aren’t available in either the Apple App Store or Google Play. By sharing our findings with advertisers, we continue to help them in the fight against fraudulent traffic. On top of that, we share impression logs — complete with GAID, IDFA and exchanges names, down to publisher info — with all partners, an essential tool for identifying red flags.

Ultimately, fighting ad fraud is everyone’s responsibility, but not all companies see it this way. Until some major shifts take place in the mobile industry, fraud will continue to be a fact of life. That’s why it’s critical that advertisers know how to identify fraudulent traffic and choose partners that can actually help them grow.

But don’t just take our word for it. Look at the data. Take the steps listed in this article and see if some suspicious patterns emerge. Test different partners. While all partners have access to the same data, not all will take the same actions. At MOLOCO, we’re committed to acting in the best interests of advertisers and the mobile industry in general. As a result, our partners have more ad budget to spend where it counts and more incremental growth.

Want to learn more about how MOLOCO fights mobile ad fraud? Reach out to our team today. We’ll help you run an incrementality test, identify poor traffic sources, and scale your growth.