16 Jul 2024 19:40

Mobile & Digital

Unmasking The Next Generation of Mobile Fraud

On April 1st, the tech industry celebrates April Fools Day. Today, April 2nd, we declare that we are #FoolsNoMore.

As marketers, we are sick and tired of mobile fraud and we aren’t going to fall for the same old pranks anymore. To kick this off, we are opening our doors, sharing never-before-seen insights into how fraud works, where it hits, where it’s heading and how we tackle these emerging issues with Protect360.

Back in November, Forrester reported that mobile marketers’ biggest challenges are data visibility, a lack of knowledge, a lack of transparency and mobile ad fraud. Today, we are going to close that fraud gap. Today, we are #FoolsNoMore.

Fraud Is Evolving and Growing

Fraud is evolving faster than ever before. In 2014 fraudsters tried spoofing our SDK, so we added encryption and shut it down. It took fraudsters almost six months to find a new attack vector. In contrast, fraudsters now adapt to new anti-fraud solutions in weeks, and sometimes even days.

To compound matters, fraud isn’t just getting faster, it’s hitting harder. In September, we predicted that by the end of 2017, 1 in 10 attributed installs would be driven by fraud, exposing the industry about 2.2 – 2.6 billion dollars in annual loss. By the end of Q1 2018, we passed an 11.5% global fraud rate, a 15% jump from the 2017 average fraud rate. However, this figure can be misleading. Rising CPI rates and overall industry growth has increased the financial impact of fraud by 30% exposing 700 and 800 million dollars in mobile advertising to fraud over just three months!

Fraud Comes In Waves: The Rise of Bots

Fraud comes in waves. When a marketer is found to be vulnerable, fraudsters will generally double down, hitting even harder. When new protection hits the market, fraudsters are forced to adapt.

When we introduced Protect360 in September 2017, DeviceID Reset Fraud rates were very high. These rates quickly dropped as fraudsters tested new DeviceID Reset Fraud patterns, and new fraud types. Though we saw fraud attack vectors evolve, the old techniques never really went away. In early Q4 2017, there was a resurgence in nearly every type of fraud. With this sudden resurgence, a number of bots tried to spoof our SDK in limited pockets around the world. While many of these bots were blocked, we geared up for a new wave of bot innovation.

Scaling and Automating Protection For The Next Generation of Fraud

Over the last six months, we have partnered with leading mobile businesses, diving deep into new anomalies and emerging fraud types, as well as finding and testing new fraud signatures using our proprietary, cross-publisher database. Since launch, our Protect360 database has grown to over 5.7 billion devices and over 1 trillion monthly events. Thanks to this scale, we are able to detect and block new fraud types, including bots and behavioral anomalies with unmatched speed and effectiveness.

This investment in data-centric innovation has born remarkable fruits. We partnered with Google to introduce the new Google Referrer API and started blocking referrer hijacking, a new class of install hijacking. In addition to upgrading our protection against install hijacking and introducing customizable install hijacking protection with Validation Rules, we automated our click flooding protection. With the recent resurgence of bots, we added additional security measures to our SDK as well as automated blocking based on our proprietary bot signature database. Thanks to the unique scale of our database we further developed a new technology that automatically detects behavioral anomalies, and will soon roll out automated protection against sources trafficking this non-human activity. In response to changing DeviceID Reset Fraud patterns, we updated our DeviceRank algorithms a number of times, blocking more fraudulent activity with each update.

Bottom Line

The game has changed for anti-fraud providers. Rather than building and deploying new fraud solutions on a typical agile model, releasing a new fraud protection every few months, we must now operate like anti-virus provider – continuously scanning data, finding abnormalities and updating our protection.


Written by Jon Burg,Head of Product Marketing at AppsFlyer

(Visited 4 times, 1 visits today)