The different faces of mobile ad fraud

Digital ad fraud is estimated to have cost US marketers $6.5 billion in 2017 (Marketing Week 2017). Fraud prevention is not only a nice to have but a necessity nowadays.

Ad fraud is when an individual or group attempts to defraud advertisers, publishers or supply partners, by exploiting advertising technology with the objective of stealing from advertising budgets. It is particularly challenging for marketers to deal with because it comes in variable forms and it has the capacity to evolve and bypass the latest prevention methods.

Today, there are two forms of fraud in particular that app marketers are grappling with: Fake Users and Attribution Manipulation.

Fake Users

Fraudsters use bots, malware and install farms to emulate clicks, installs, and in-app events, causing advertisers to pay for an activity that is not completed by a real user.

Fake User fraud is most commonly perpetrated via:

Install farms, which consist of humans who are paid to manually install and engage with apps across a large number of devices.

Mobile device emulators that simulate a large number of unique device IDs used in fake installs.

Data centers that host scripts to generate fake installs and other types of events at massive scale.

Proxy servers that are used to reset IP addresses and spoof device-level information (like location, to emulate installs in other countries)

Attribution Manipulation

Fraudsters steal credit for installs by sending fraudulent clicks, which results in attribution systems recording sent clicks as the last engagement prior to the first time an app is opened, thus assigning credit to the fraudulent source and removing credit from an app’s organic or paid sources.

Attribution manipulation is a particularly harmful form of fraud because it not only costs marketers their spend, but it also corrupts performance data, causing marketers to make misguided acquisition decisions.

For example, the damage inflicted by a fraudulent source poaching organic users is twofold: an event reduces the number of organic users in a marketer’s analytics, as well as the perceived impact of organic user traffic on revenue growth. This can cause organizations to shift marketing away from efforts that target organic acquisition such as ASO or content marketing. Additionally, this can make a marketer invest more money in the fraudulent source, thereby diverting spend away from high-performing channels that drive legitimate traffic.

Attribution Manipulation is most commonly perpetrated via:

Click Injection

When fraudsters create apps that are legitimately downloaded by a user but, unbeknownst to the user, monitor the user’s device for installs and insert fake clicks before an app is first opened.

Click Spamming

This occurs when fraudsters send large numbers of fraudulent click reports with real device IDs in an attempt to poach organic users by delivering the last engagement prior to an install. Because attribution windows are typically limited to finite time periods, fraudsters often re-send fraudulent click reports in order to maintain their clicks as the last engagements within the attribution window.

While click injection is focused on sending clicks at the moment immediately before an app is first opened, click spamming is focused on sending clicks that contain a unique device ID in the hope that an ID matches that of an organic user who subsequently downloads the app. Compared to click spamming, click injection is a more sophisticated form of fraud that is easier for fraudsters to control and to hide. Because click injection receives signals that an app has been installed directly from a user’s device, click injection attacks are more targeted and therefore deliver better results for fraudsters.

Thankfully there are indicators to detect such scenarios. Since click injection generates a click after installation is complete, it tends to result in a short click-to-install time. Click spamming, on the other hand, results in abnormally long click install time, due to clicks lingering in the attribution system until a device with a matching ID organically installs the app. TTI analysis is one of the leading mechanisms to fight attribution manipulation and fraud in general.

Other forms of Attribution Manipulation also exist, including:

Network Click Fraud

Networks that report a click when only an impression occurred.

Fingerprinting Fraud

A technique that targets organic users for fraudsters to send clicks with no advertising IDs, causing attribution systems to fall back on fingerprinting — which relies on identifiers like IP address, device model, and OS version — to perform attribution. If an organic user on the same network installs the app, and other identifiers match up, the fraudulent source steals credit for the install from the organic source.

Want to get the full scoop on mobile ad fraud, including a list of the most secure ad networks for app marketers, and the most effective fraud prevention methods? Check out the Singular Fraud Index; the first of its kind to utilize mobile fraud data collected from multiple attribution providers and fraud prevention tools.

Why Some Ad Networks Are Taking Ad Fraud Way More Seriously

At a private event hosted by Singular earlier this month, mobile marketing leaders from Airbnb, Instacart, Sephora and more discussed recent trends in mobile ad fraud. Among the most talked-about subjects was the growing threat of attribution manipulation and how it is pushing some ad networks to step up their efforts in the fight against mobile ad fraud.

Today the majority of mobile ad fraud is perpetrated via attribution manipulation, whereby fraudsters steal credit for installs from organic and paid channels. Each month, attribution manipulation attacks account for roughly 70 percent of prevented ad fraud, according to recent data released by Singular.

“When installs are stolen from legitimate sources, ad networks become the victims of theft too,” said Yevgeny Peres, VP of Growth at IronSource. Payments that should have gone to ad networks for legitimate installs get diverted to fraudulent sources, costing the ad networks money and corrupting marketers’ performance data in the process.

As ad networks have seen attribution manipulation affect their bottom line, their incentive to fight fraud has become more closely aligned with that of marketers.

Fraudsters also steal credit from organic sources, causing advertisers to pay fraudulent sources for organic traffic. “When the KPIs of users attributed to a certain publisher are similar to the KPIs of your organic traffic, it’s usually too good to be true, and a sign that the publisher is stealing credit from your organic sources,” Peres said.

“It’s very hard for marketers to identify the channels that are actually controlling the full funnel of ad serving, as the right due diligence on each partner just isn’t out there,” Peres added. Singular’s Fraud Index — which was presented at the event — aims to add some transparency to the mobile fraud landscape by highlighting the 20 mobile ad networks driving the lowest rates of ad fraud.

Peres was joined on stage by UA leaders from Postmates and N3TWORK who discussed the challenges faced by mobile marketers in preventing mobile ad fraud.

Patrick Witham, who leads user acquisition at Postmates, spoke about the importance of developing a strong relationship with ad networks and including clauses in ad partner agreements that make it easier to process refunds for fraud. “In many cases, the ease with which you can recoup money for fraudulent installs really comes down to your relationship with the network,” Witham said.

Nebojsa Radovic, Director of Performance Marketing at N3TWORK, pointed out some tell-tale signs that a network might drive fraudulent activity. “When someone reaches out saying they can drive you 30 cent installs, you usually know something is off,” he said. “Often these networks have no idea where their traffic is actually coming from.”

At the event, Singular announced an enhanced version of its Fraud Prevention Suite aimed at helping resource-constrained marketing teams block fraud in real-time, before it can wreak havoc on their budgets and analytics. Singular’s fraud prevention suite utilizes all known prevention methods to ensure maximum protection against existing fraud threats as well as unknown threats to come.

“Time is the biggest problem,” Radovic added. “Most marketing teams just don’t have the resources to figure out what’s real and what is fraud.” With Singular’s enhanced Fraud Prevention Suite, now available to all Singular customers, Singular is hard at work solving this problem.

 

Download The Singular Fraud Index to see The Industry’s Most Active Fraud Prevention Methods & The 20 Most Secure Mobile Ad Networks

Singular Integrates Google Play Referrer API: A Major Step Forward In The Fight Against Mobile Ad Fraud

Singular is excited to announce our integration of the new Google Play Referrer API, a new way to securely retrieve install data from the Google Play Store that will dramatically weaken fraudsters’ ability to steal credit for app installs.

The Google Play Referrer API, which is now fully integrated into the Singular platform, will allow mobile measurement providers to effectively eliminate click injection fraud as a threat to mobile marketing budgets. Singular has been working closely with Google on the API along with a select team of mobile measurement partners.

As Singular’s landmark study on mobile ad fraud recently revealed, click injection attacks account for at least 35% of prevented ad fraud each month, making click injection the single largest threat to mobile advertisers today.

In click injection schemes, fraudsters create malicious apps that are legitimately downloaded by a user but, unbeknownst to the user, monitor the user’s device for app installs. Upon detecting an install, fraudsters steal credit from paid and organic sources in multiple ways:

  1. They send fake clicks that get recorded as the last click, thereby earning credit for the install.
  2. More sophisticated fraudsters also leverage Android’s internal messaging system to send their fake click’s Referrer to the app. Because attribution systems prioritize referrer messages over other touch points, this is a particularly effective way for fraudsters to steal credit for the install.

With the Google Play Referrer API, Singular now protects against both of these attacks with secure Referrer and Timestamp data made available in the new API.   

Referrer Verification

Referrer data provides a unique and versatile mechanism to deal with click injection and click spamming attacks, as it enables attribution providers to know, upon install, which click led to the store session in which the user installed the app.

An investigation by Singular’s Fraud Research Team also uncovered an attack named Referrer Injection, which leverages a security hole in the old implementation of this mechanism. Google’s new API addresses this issue and takes the industry another step forward in the fight against advertising fraud.

Referrer injection

A secure referrer allows Singular to generate a unique referrer for every click in real time while redirecting to the Play Store. The new API also provides a more robust way for Singular to access the referrer information ensuring better coverage and less attributions with no referrer information.

New Timestamps in the Google Play Referrer API

But not all clicks contain referrer data. In the case of organic traffic, or users who land directly in the Play Store, attribution providers don’t receive an ad click and therefore receive no Referrer data to verify.

In these cases attribution providers may lean on measuring the time between an ad click and an install to prevent the fraudulent activity. This method, often called Time to Install (or TTI in short), has proven problematic in the past as it’s hard to decide on the correct thresholds and balance between blocking click injection and accidentally blocking legitimate clicks.

Here, too, the Google Play Referrer API has made such prevention methods dramatically more effective by providing timestamps for different stages in the process, enabling these methods to become much more accurate and deterministic.

Two new timestamps in Google’s new API allow attribution systems to now see when:

  1. A user opens the Google Play Store; and
  2. When a user clicks install in the Play Store.

Here’s an example of the timestamps currently received by Singular following our integration with the Referrer API, with the new timestamps in bold:

  1. User clicks an ad [10:15:01]
  2. Google Play Store opens [10:15:02]
  3. User clicks install in the Play Store [10:15:05]
  4. User opens the app for the first time [10:15:37]

Injected clicks will arrive after Timestamp #3, when the malicious app receives a notification that an install has begun on the user’s device and starts sending fake clicks. Once the user opens the app for the first time the attribution provider would receive Timestamp #2 and all clicks that occurred after that time will be rejected. In such cases, fraudsters have essentially lost their window to inject clicks to steal organic traffic.

We applaud the Google Play Referrer API and Google’s commitment to equip advertisers and their attribution providers with the information they need to stamp out mobile ad fraud.

For an in-depth look at the industry’s most effective fraud prevention methods and the Ad Networks driving the lowest rates of ad fraud, download the Singular Fraud Index, the only study to analyze mobile ad fraud data from multiple ad fraud prevention solutions, revealing a first of its kind view of the mobile fraud landscape.

Download The Singular Fraud Index to see The Industry’s Most Active Fraud Prevention Methods & The 20 Most Secure Mobile Ad Networks

Singular Fraud Index: Analyzing the Industry’s Most Active Ad Fraud Prevention Methods & the Most Secure Mobile Ad Networks

Amid all the noise in the ad industry that data science and performance optimization can defeat mobile ad fraud, mobile marketers still suffer from persistently high fraud costs each year.

The fact of the matter is that while the ad industry loves to talk a big game about fraud, when it comes to actually doing something, the story is much different. More than 60 percent of marketers still lack active fraud prevention in their mobile marketing, recent data shows, emboldening fraudsters to exploit holes in analytics systems and develop new forms of fraud that evade the latest detection mechanisms.

But there are some marketers making progress in the fight against fraud. Our team took a deep dive into the latest mobile fraud data to examine how the world’s most sophisticated marketers are blocking fraud in real-time, before it can wreak havoc on their budgets and analytics.

The Singular Fraud Index is the first study of its kind to utilize mobile fraud data from multiple fraud prevention solutions, each with its own proprietary set of detection rules. With this unique dataset, we set out to answer two main questions: Which fraud signals are currently detecting and preventing the most fraud? And which media providers are doing the best job of keeping their sources clean?

We started by analyzing the many signals used by mobile marketers to block ad fraud in real-time. On the front lines of fraud prevention, when traffic is blocked and recorded as fraudulent, prevention systems send information about the signals used to detect the fraud, such as a “suspicious device” or a “blacklisted site”. By normalizing and aggregating these signals across billions of fraudulent engagements we were able to expose a breakdown of the top anti-fraud techniques that currently block the most mobile ad fraud:

One takeaway from this data is the numerous fraud signals that deserve credit for improving the industry’s ability to spot and block fraudulent activity in real-time. From IP Blacklisting to Time To Install (TTI) Anomalies, a multitude of detection methods play an important role in the first line of defense against modern-day attacks.

The most commonly triggered signals also shed light on where fraudsters are focusing their attacks. Hyper-Engagement Filters, Geographic Outliers and TTI Anomalies are all methods aimed at preventing attacks that try to steal credit from organic and paid sources, also known as attribution manipulation. The 70% of prevented fraud collectively blocked by these methods speaks to the prevalence of such attacks.

Attribution manipulation is a particularly destructive form of fraud as it not only costs companies their ad spend but also corrupts performance data, causing marketers to make poor acquisition decisions.

One way fraudsters steal credit for installs is by creating malicious apps that are legitimately downloaded by a user but, unbeknownst to the user, monitor the user’s device for installs and insert fake clicks before an app’s first open.

While marketers can’t do much about malicious apps finding their way onto users’ devices, they can ensure their attribution technologies are optimized to protect against attempts to hijack an install. One way is to utilize a fraud prevention solution that collects the timestamp of when an app’s file was downloaded, rather than the traditional technique of capturing the timestamp of an app’s first open. This capability — currently offered by Singular’s Fraud Prevention Suite — increases the accuracy and overall effectiveness of time to install filters used to block activity with irregular TTI statistics.

As analytics providers develop increasingly sophisticated detection methods and adapt to fraudsters’ ever-evolving attack patterns, so too must mobile ad networks work to ensure their traffic sources are protected.

That’s why we’ve decided to highlight in the report the 20 Most Secure Mobile Ad Networks in the industry. These networks drive significant volume to marketers while keeping mobile fraud rates well below the industry average. Mobile app marketers have long wondered where their ad dollars are safest — and we’re excited to finally provide the answer.

To view the complete list of of mobile ad networks driving the lowest rates of fraud, download the full report here.

With new fraud indicators constantly popping up and research progressing at a rapid pace, there remains much more to be discovered and done.

Singular is committed to advancing fraud research in the industry and offering fraud solutions that leverages all known prevention methods to ensure maximum protection against existing and future threats.

Singular’s newly enhanced Fraud Prevention Suite, which is now available to all Singular customers, analyzes countless fraud signals at the most granular levels to identify illegitimate traffic, while Singular’s fraud prevention engine automatically applies rules at the time of attribution to stop fraud in its tracks, keeping sources clean and media budgets focused on quality users

Learn more about Singular’s enhanced Fraud Prevention Suite here.

Fraud is still a major problem for mobile marketers — and part of the blame lies with the analytics industry. Third-party analytics providers treat fraud prevention as a luxury, offering it to marketers as a ‘premium’ add-on rather than a free feature embedded in the platform. Equally problematic is the complexity of existing fraud offerings — for instance, attribution platforms that place the burden on marketers to run their own statistical analysis to detect fraud.

Singular is rapidly changing this paradigm with fraud prevention that is effective out of the box and free of charge for customers. Our enhanced Fraud Prevention Suite streamlines statistical fraud analysis and equips marketers with the most comprehensive set of built-in heuristics to detect and destroy increasingly sophisticated forms of fraud with unprecedented precision.

Marketers are badly in need of solutions that not only detect fraud across their media providers, but prevent it in real-time, and we’re excited to keep pushing the industry forward in the fight to keep ad dollars secure.

Download The Singular Fraud Index to see The Industry’s Most Active Fraud Prevention Methods & The 20 Most Secure Mobile Ad Networks

Ad Fraud Tutorial Series: What is Device Hijacking?

With the tremendous costs of advertising fraud, it’s natural that advertisers are trying to learn as much as they can about how digital ad fraud is perpetrated and how to protect their businesses from its costs.

Singular wants to help. This series of tutorial blog posts is designed to provide insights and explanations into the causes of digital ad fraud and how data-driven advertisers can protect their app business from every form of digital ad fraud, including forms of ad fraud perpetrated by device emulators.

What is Device Hijacking?

We all have the assumption that what takes place on our phones is entirely under our control. We assume that we decide and are the arbiters of what is downloaded onto our devices, and what information passes from them to outside parties.

———–

Download the Singular Fraud Index

SIngular has just released its 2017 Singular Fraud Index, which reveals the mobile industry’s Most Secure Ad Networks. The Index is the first study of its kind to examine fraud data collected from multiple fraud prevention solutions, each with its own set of proprietary detection methods. Drawing on this unique dataset, the study exposes the effectiveness of today’s most common anti-fraud mechanisms as well as the 20 ad networks driving the lowest rates of fraud.  

Get your free copy here.

———–

Device hijacking violates every aspect of those expectations. With device hijacking, fraudsters take control of your device and manipulate both what takes place on it and what information enters and leaves it.

How Device-Hijacking-Based Ad Fraud is Perpetrated

To gain control of your device, fraudsters have a variety of tactics — each designed to convince you to download and install a malicious app. Here are two ways that this can take place:

  • The app may convince the user to voluntarily download it by offering some appealing but seemingly innocuous function like a flashlight. But inside the app is malicious code.
  • When you download an app, a second app might secretly be downloaded with it. Again, this is usually occurring on third party app stores where attackers have more leeway to deliver apps with malware inserted. Often those apps are invisible to the user.

Naturally, the major app stores spend a great deal of time and money trying to root out any would-be malicious apps. But device hijacking is all too common.

Once a malicious app is on your device, it goes to work creating problems for app advertisers, and potentially consumers as well.

Malicious apps can do many of the bad things that drive up ad fraud costs for app publishers. For example:

  • They can deliver thousands of ad impressions that are unseen by the device owner/user. The bad actor CPM-based media provider thus gets paid for ad impressions that never ran.
  • They can ad stack so that many ads are reportedly running in an ad space even though only one is visible to the user. The media provider is thus paid for many impressions at once.
  • They can (with Android apps) inject false clicks and take credit for installs when other apps are installed on a device.
  • They can accept IAP payments for virtual goods without transferring money to the publisher.

On the consumer side, malicious apps can also create real problems, including:

  • They can collect and transmit personally identifiable information that can be used for other forms of ad fraud
  • They can collect credit card details from consumers who erroneously believe that the app was issued by a reputable company
  • They can use lots of battery- and processing-power unbeknownst to the user

Detecting Device Hijacking in Your App Data

Often, the key to detecting device hijacking is in pattern recognition. When a single device ID delivers large numbers of clicks, for example, it can be a sign of ad fraud. Many times, analytics companies like Singular monitor such activity behind the scenes so that they can identify or block such activity.

Device hijacking can also be used to automatically install and uninstall apps to artificially boost install counts for a bad actor media source. Lots of installs and immediate installs from a single ID can be a vivid sign here.

These are just a couple of ways that device hijacking can be detected and its consequences flagged or blocked.

How Singular Helps Protect Ap Publisher Clients from the Costs of Device Hijacking

Singular offers an industry-leading ad fraud solutions that you can learn more about right here. For a capsule summary of some of the steps we take to detect and prevent ad fraud for our clients, read on.

———–

Singular’s New Anti-Fraud Improvements

Learn about Singular’s new Enhanced Fraud Prevention Suite. See how working with Singular can help protect and defend your business. Click for details.

————

With Singular, app publishers have complete access to digital ad performance, media investment, and revenue data for their business. This also means that Singular has a broad sample of data from many large clients. That provides unique advantages in detecting and protecting clients from digital ad fraud. Our fraud detection and fraud prevention technologies are a mix of the best-known techniques today as well unique proprietary techniques only we can offer.

We constantly examine data flow into our unified analytics platform, looking for signs of fraudulent activity such as illegitimate networks, IP addresses, devices, mismatches in targeting, and more. In addition, Singular IAPs with the appropriate app store to ensure that cash has changed hands before recording a purchase. Also, with full uninstall and user retention insights right in the platform, Singular helps you identify sources and campaigns with suspiciously high uninstall rates.

Additionally, we have pioneered the use of ROI analysis as a fraud detection methodology. Measuring and optimizing to ROI can be a great way of identifying legitimate versus legitimate installs because only legitimate installs will be generating revenue.

No analytics or attribution company will reveal all of the defenses it employs to protect clients from the costs and inaccurate data resulting from ad fraud. But we’ll be happy to provide clients and prospects more insight into our approach. Contact us for more information on the Singular solution and how it can help protect your business.

Download The Singular Fraud Index to see The Industry’s Most Active Fraud Prevention Methods & The 20 Most Secure Mobile Ad Networks

Ad Fraud Tutorial Series: What is Click Injection?

Digital ad fraud is a growing challenge for mobile application marketers. And fraudsters are constantly developing new methodologies to deliver fraudulent installs and other desirable consumer actions. This series of posts is designed to help app marketers understand the key methodologies for perpetrating mobile ad fraud, and how they can detect and defend their businesses against bad actors that would steal digital advertising investment from their brand.

This post is about the challenges that arise from fraudster use of click injection.

What is Click Injection?

The traffic flow for an install is a bit more complicated than for other forms of desirable digital advertising actions. With an install, there are extra steps that need to be considered — steps which provide an opportunity for app ad fraud. Here’s a brief synopsis of the process in five discrete steps.

  1. A user sees an ad and clicks on it, and is redirected to an app store (either Apple App Store or Google Play.) The ad network records the click and sends information about the time the click occurred to the attribution platform.
  2. The user downloads the app and installs it on their device
  3. The user must then launch the app in order for the install to register with the attribution provider.
  4. When the attribution provider receives the signal of an install, it then examines all of the ad signals it has received from ad networks to determine which network(s) deserve credit for that install. In most cases, credit for the install is awarded to the advertiser that delivered the last click before an install.
  5. If no clicks have been registered, then the install is counted as an organic install, and no credit is awarded to an advertiser.

Note: with self-attribution media sources, there’s an additional step, but it is not relevant to understanding click injection.

While sometimes apps are launched immediately after an install, in other cases there is a delay of minutes, hours or days. This delay provides fraudulent actors with the opportunity to claim credit for an install even though they actually did not drive it.

Innocuous-Looking Fraud Apps

The trick they use to do this is to encourage users to download and install a seemingly innocuous free app. For example, a flashlight or toolbar app. The app can function as advertised, but its real purpose is to perpetrate click injection fraud. Often such mobile apps originate in third-party Android app stores.

———–

Download the Singular Fraud Index

SIngular has just released its 2017 Singular Fraud Index, which reveals the mobile industry’s Most Secure Ad Networks. The Index is the first study of its kind to examine fraud data collected from multiple fraud prevention solutions, each with its own set of proprietary detection methods. Drawing on this unique dataset, the study exposes the effectiveness of today’s most common anti-fraud mechanisms as well as the 25 ad networks driving the lowest rates of fraud.  

Get your free copy here.

———–

It does this by listening for an “install broadcast” — a signal that an app has been launched for the first time on a device. The signal can include a campaign id, and the attribution provider uses this to determine which media source drove the last click.

When the install broadcast is sent, the app goes into action, informing the attribution provider that they just registered an ad click for the campaign, even though no click has taken place. By timing the fraudulent click to the moment of install, the fraudster ensures that it is the “last click” — it will get credit for the install when the app is actually launched for the first time.

An Android Phenomenon

Click injection is a type of ad fraud unique to Android, because only Android sends install broadcast messages to the apps on a user’s device at the moment of first launch. That broadcast is necessary to alert the fraudulent app to send a click signal to the attribution provider.

How Click Injection Hurts Your Data

The clicks that these fraudulent app claim to have occurred never actually occurred. Instead, they falsely claim credit for installs driven by other ad networks. Thus they can significantly distort attributions and through them budget allocations.

Detecting Click Injection

The primary way that companies detect possibly injected clicks by examining the timing of the reported click versus the first launch. With click injection, the timings are likely very close to one another. With other installs, the timings tend to take place farther apart, and follow a fairly consistent distribution. This pattern recognition is an important part of how companies detect and prevent ad fraud.

Defending Your Business Against All Forms of Ad Fraud

Click injection is one of the many ways that app businesses can be affected by ad fraud. Here are a few strategies to help you detect ad fraud in a variety of forms, and protect your business from the costs of ad fraud.

  • Anti-Fraud Tools: Some attribution and analytics suites offer tools to help marketers identify and prevent ad fraud. SIngular, for example, automatically offers many protections. Such tools often use signals like IP addresses, click and install pattern detection, and activity monitoring to pinpoint campaigns, partners and buying models that are driving suspicious app installs.
  • Common Sense: A deal that sounds too good to be true is likely to result in low-quality app installs.Marketers must constantly resist the temptation to sign up for media deals that sound too good to be true.
  • Focusing Resources on Trusted Partners: Most brands spend a great deal of money on installs. It makes sense, then, to focus dollars on partners that you know and trust.
  • Leveraging Retention and Uninstall Data: By comparing the set of user traffic attracted by different media companies, brands can learn a lot about user quality. Low user retention or high uninstall rates increasingly are seen as signals of possible fraudulent activity.
  • Use ROI Analytics as a Primary KPI:.When app publishers measure and optimize to ROI, you get both a true picture of the value of the user traffic that you are driving, and a powerful way to optimize your digital advertising investments.

Even a cursory review of this list reveals that seriously addressing ad fraud on your own requires a significant investment of time and money. That’s one of the reasons why companies look to their attribution and analytics providers to carry much of the water. Fortunately, Singular clients are protected from many of the costs and hassles of ad fraud with an unsurpassed set of fraud detection and prevention capabilities.

Singular and Ad Fraud

Singular offers an industry-leading fraud solutions that you can learn more about right here. For a capsule summary of some of the steps we take to detect and prevent ad fraud for our clients, read on.

With Singular, app publishers have visibility into ad performance, media investment, and revenue data. That provides unique advantages in detecting and protecting clients from fraud.

———–

Singular’s New Anti-Fraud Improvements

Learn about Singular’s new Enhanced Fraud Protections. See how working with Singular can help protect and defend your business. Click for details.

Download The Singular Fraud Index to see The Industry’s Most Active Fraud Prevention Methods & The 20 Most Secure Mobile Ad Networks

————

Our fraud detection and fraud prevention technologies are a mix of the best known techniques today as well unique proprietary techniques only we can offer. We constantly examine data flow into our unified analytics platform, looking for signs of fraudulent activity such as illegitimate networks, IP addresses, devices, mismatches in targeting, and more.

In addition, Singular verifies all Android and iPhone app IAPs with the appropriate app store to ensure that cash has changed hands before recording a purchase. Also, with full uninstall and user retention  insights right in the platform, Singular helps you identify sources and campaigns with suspiciously high consumer app uninstall rates.
These are just a few of the ways that Singular helps protect our clients from fraud. Contact us for more information on the Singular solution and how it can help protect your business.

 

Advertising Fraud Tutorial Series: All About Device Emulators

Advertising fraud is on many marketers’ minds these days. In a 2016 survey conducted by our team and VC firm Thomvest Ventures, 78% of enterprise app marketers reported that they were concerned about the costs of ad fraud.

At Singular, we consider it our duty to help those marketers by both providing outstanding anti-fraud services and by offering succinct and actionable education on ad fraud. As the leaders in the mobile app marketing analytics industry, Singular has spent tremendous time and resources analyzing:

  • Ad Fraud on mobile devices
  • Risk points for apps and app marketing
  • Key ways that marketers can work to mitigate the risks

All of this research has shown that the more clients understand about the risks and costs of fraud, the better prepared they are to act.

This post is all about device emulators and how fraudsters use simulated devices to perpetrate multiple forms of ad fraud.

What are Device Emulators?

Mobile devices send distinct signals. Attribution and analytics platforms collect and interpret those signals to record user actions and traffic to determine the provenance of installs and re-engagements.

———–
Download the Singular Fraud Index

Singular has just released its 2017 Singular Fraud Index, which reveals the mobile industry’s Most Secure Ad Networks. The Index is the first study of its kind to examine ad fraud data collected from multiple ad fraud prevention solutions, each with its own set of proprietary detection methods. Drawing on this unique dataset, the study exposes the effectiveness of today’s most common anti-fraud mechanisms as well as the 25 ad networks driving the lowest rates of digital advertising fraud.

Get your free copy here.
———–

Fraudsters try to fake clicks and other marketing-related actions by creating simulated devices that send signals they hope will be interpreted as if they come from bona fide mobile devices. A simulated device associates actions with faked device advertising IDs.

Device emulators can fake ad clicks as well as first launches that are intended to be interpreted as legitimate installs. Without robust ad fraud protection, a brand will erroneously believe that a legitimate install has occurred, and may pay the fraudster for that install (with CPI-based media) or credit that install to the fraudster (with CPC or CPM media buys.) In either case, the fraudster stands to garner undeserved budget from the app marketing team.

Naturally, device emulation isn’t perpetrated on a onesy twosy basis. Rather, a bad actor will array large numbers of device emulators in an attempt to secure large amounts of marketer spend.

Detecting and Preventing Emulated Device Ad Fraud

The greed of fraudsters often acts as an avenue into ad fraud detection. For example:

Device emulators might send a set of click/install/launch signals associated with a large numbers of faked IDs, then send an uninstall signal and repeat the install reporting. Too many installs rapid fire from a set of IDs is a great indicator of ad fraud.

Device emulators might send signals that they have installed an app with a fake ID, then send another set of ad click/install/launch signals with a different faked ID. Too many installs from heretofore unknown device IDs is a strong indicator that emulated devices are being used in an attempt to defraud the brand.

One faked install on an emulated device would be very difficult to detect. But fraudsters perpetrate their crimes in volume to steal large amounts of revenue. That makes the patterns much easier to spot.

There are many other ways that we at SIngular identify likely device emulators, many of which rely on pattern recognition using similar principles as above.

The Singular Approach to Mitigating the Costs and Risks of Ad Fraud

Singular offers an industry-leading fraud solutions that you can learn more about right here. For a capsule summary of some of the steps we take to detect and prevent ad fraud for our clients, read on.

Singular believes that the best way to help clients address the ad fraud challenge is with a combination of ad fraud detection and prevention. By layering detection and prevention, brands can enjoy maximum protection with minimum time resources dedicated to the challenge.

We take a different approach than do some others in the space which focus primarily on detection. Many companies focus primarily on detection because it is easier, and puts the primary onus of protecting a business on the client. After all, it is often easier to detect fraud after it occurs than prevent it from occurring in the first place. By contrast, we focus the majority of our time and resources on prevention to simplify and streamline your anti-fraud resource investments and mitigate the need for restitution in many cases.

———–

Singular’s New Anti-Fraud Improvements
Learn about Singular’s new Enhanced Fraud Protections. See how working with Singular can help protect and defend your business.
————

Singular monitors all of the campaign and spend data into our app analytics platform, looking for signs of fraudulent activity such as illegitimate networks, fraudulent clicks, suspicious IP addresses, faked devices, mismatches in targeting, and more. We also see all sides of a user relationship — ad metrics, spend, and post-install engagement/purchases. That helps give us and our clients a broad view into all of the key KPIs marketers use to analyze their businesses.

Further, the scale of our client footprint means that you benefit from the signals we collect and interpret across many large app businesses.. Singular’s client base of many of the largest players in gaming, retail, travel, on demand services and other verticals gives us a massive data footprint to examine so that we can stay ahead of the curve and provide unprecedented levels of protections for our valued clients.

With this extraordinary visibility into a large portion of the mobile app industry, Singular can detect and create prevention regimens with extraordinary speed and thoroughness as fraud approaches emerge and evolve.

To learn more about our comprehensive approach to fraud prevention, click here.

Download The Singular Fraud Index to see The Industry’s Most Active Fraud Prevention Methods & The 20 Most Secure Mobile Ad Networks

Mobile Ad Fraud Tutorial Series: What is Deceptive App Advertising Fraud?

Mobile ad fraud is on the mind of virtually every app marketer. While estimates vary, few dispute the assertion that app fraud costs our industry hundreds of millions of dollars per year.

To help app marketers better understand and respond to app fraud, Singular has launched a series of app fraud tutorial posts.

This post continues that series, providing information on mobile app fraud types, how they can harm your business, and how to protect yourself from specific types of app fraud. Here we also provide a topline summary of how Singular protects its clients from various forms of app fraud, and how you can learn more about the Singular fraud protection difference. Today’s post is about deceptive advertising app fraud. Deceptive app advertising refers to situations where a bad actor media partner creates and delivers a false advertising message to drive up campaign performance metrics and capture the maximum amount of brand marketing investment spending.

———–
Download the Singular Fraud Index

Singular has just released its 2017 Singular Fraud Index, which reveals the mobile industry’s Most Secure Ad Networks. The Index is the first study of its kind to examine ad fraud data collected from multiple ad fraud prevention solutions, each with its own set of proprietary detection methods. Drawing on this unique dataset, the study exposes the effectiveness of today’s most common anti-fraud mechanisms as well as the 25 ad networks driving the lowest rates of digital advertising fraud.

Get your free copy here.
———–

Savvy marketers know that the ads for their install and remarketing campaigns need to showcase the utility of their offerings, but be truthful. Deceptive app ad fraud usually occurs when a marketing team contracts with an ad network that makes its own ads in support of the marketer’s objective. Sometimes that forewarn clients that they want to make special ads for their properties that they believe will perform better than client supplied creative. Other times, they don’t provide notification to the client at all.

Deceptive App Ads and Fraud

Deceptive app ads are designed to drive higher response rates that will improve campaign metrics for a network. Some examples of deceptive app install ads include:

  • Ads that are deliberatively designed to mimic app UI
  • Messages designed to look like alerts or warnings from the user’s device
  • Creative executions that appear to be government warnings or messages
  • Advertising benefits that are not actually delivered by the app
  • Ads that use trickery or adult images to drive extra clicks and installs
  • Ads that offer rewards for installs that are never actually delivered

As you can see, many of these tactics represent both a consumer fraud and a fraud scam against the business.

While deceptive app ads can result in more of the desired consumer action, like installs, they are usually developed and fielded without a review by the client. For example, the publisher of an anti-virus app might contract with a network to drive quality installs, only to learn later that they created their own ads for the app that erroneously implied that the user’s device was already infected and that the only way to solve the problem is to download the client’s app immediately.

The Quality Problem

Deceptive app ad practices drive lower quality installs — individuals that rarely or never use them, or who never make in-app purchases. Thus, deceptive advertising fraud significantly limits a brand’s efforts at attracting and retaining profitable users. In this way, every install or user action driven by deceptive advertising represents theft to your iOS or Android app business.

Protecting Your App Business From Deceptive App Advertising Fraud

Almost every fraud strategy, including deceptive ap advertising, results in a data anomaly, like seeing far more installs from one ad network than average.Because fraudsters are greedy, they often max out their use of a fraud strategy like deceptive advertising — their actions can thus be relatively easy to stop.

That said, you have to be looking for fraud to spot it. Because most app marketing teams struggle with the amount of data that pours into their organizations each day, it can sometimes be difficult to detect fraud before it has cost your business signifciantly.

In addition to data signals, it can also be useful to monitor your customer service feedback loop and any communities where your suers congregate. You will be amazed at how quickly people will report fraudulent mobile advertising and inform your team of problems. But again, you have to be listing to hear the messages.

Some app publishers are naturally concerned that deceptive ads might put their businesses at risk of consumer backlash, ANA fines, FTC actions, lawsuits and other legal claims, or other punitive actions. Frequent violations of deceptive ad practice policies can also get brands blacklisted — something no advertiser wants to see happen to their business. One step some brands take here is to require that any media source planning to make its own ads for your app submit the messages for approval before they are released. That won’t stop fraudsters intent of perpetrating bad trade practice– but can help you mitigate the risks of a well intentioned but overzealous ad network.

Singular and Mobile Ad Fraud Fraud

Deceptive app advertising is just one of the forms of fraud that Singular monitors and works to prevent for its clients. Singular offers an industry-leading fraud solutions that you can learn more about right here. For a capsule summary of some of the steps we take to detect and prevent fraud for our clients, read on.

———–

Singular’s New Anti-Fraud Improvements:
Learn about Singular’s new Enhanced Fraud Protections. See how working with Singular can help protect and defend your business.
————

As mentioned above, the greed of would-be fraudsters is often the best tool we have to thwart them. The more they leverage a specific tactic to steal your money, the more visible will be the patterns and performance anomalies. Since Singular collects, cleans, enhances, and associates ad performance, cost and revenue data in a single place, our platform offers enormous power as a fraud detection and prevention emchanism.

With Singular, app publishers have visibility into ad performance, media investment, and revenue data. That provides unique advantages in detecting and protecting clients from fraud. Our fraud detection and fraud prevention technologies are a mix of the best known techniques today as well unique proprietary techniques only we can offer.

Singular monitors the flow of data into our platform, looking for signs of fraudulent activity and fraud schemes. W constantly scrutimize client data for peculiar performance and data patterns from ad networks, IP addresses, devices, mismatches in targeting, and more.

Further, Singular verifies every in-app purchase (IAP) with the appropriate app store to ensure that you recognize revenue from every reported purchase. With full uninstall insights right in the platform, Singular helps you identify sources and campaigns with suspiciously high uninstall rates. These are just a few of the ways that Singular helps protect our clients from fraud.

Mobile Ad Fraud Detection and Mobile Ad Fraud Prevention – Why Both Matter

As more and more marketers focus time and resources on mobile ad fraud, it’s important to talk about the best mix of approaches to protect your business. Broadly, there are two different kinds of fraud actions marketers and their mobile advertising partners can take:

  1. Fraud Detection Approaches: Fraud detection refers to technology and approaches designed to spot fraud and fraudulent activity in your data. Detection is about doing things after the fact of fraud.
  2. Fraud Prevention Approaches : Fraud prevention refers to ways in which we stop fraud from occurring or impacting our data. Prevention is about doing things before the fact of fraud.

These two concepts entered consumer pop culture in the US over the past several months as identity theft and identity fraud companies poked fun at competitors that focused on one or another approach. Here’s an example of one such ad.

While this commercial above discounts the value of detection as part of one’s protection strategy, the reality is that both detection and prevention play a critical role in protecting an individual or a business from fraud. In the context of the app industry, both detection and prevention play critical roles in protecting your marketing investments. Let’s explore the role that each should play for you.

The Key Role of Ad Fraud Detection

App fraud can affect your business in a variety of ways:

  • It can rob your business of marketing investment
  • It reduces your revenue and ability to monetize your IP
  • It creates major inaccuracies in your data
  • It inhibits your ability to optimize based on performance

Ad fraud detection helps to mitigate some of these dangers by identifying suspect actions so that marketers see them and can follow up. By constantly examining your marketing data for anomalies, suspicious patterns, and potentially fraudulent installs, events and purchases, fraud detection helps you to identify risks to your business along with pinpointing specific results that should be questioned or disputed.

With detection, the key to being able to spot possible fraudulent activity is granular data. We learn about bad actors and fraud tactics through ad fraud detection. The challenge of fraud detection is that the advertiser learns about fraud after it has impacted your business. It’s a great discovery tool, but does nothing to protect the advertiser from fraud as it occurs.

Different advertisers have different approaches to iPhone and Android ad fraud detection. One Singular innovation, is the ability to set alerts that will notify you when data anomalies warrant your attention.

The Key Role of Ad Fraud Prevention

Enter fraud prevention. Prevention helps protect a business by blocking fraud from affecting your business, data and bottom line. Some examples of ad fraud prevention include:

  • Automatically blocking IP addresses known to be used by cloud computing services from submitting app install or purchase signals. Such IP addresses don’t represent mobile web traffic — ergo, we know signals from them are likely fraudulent.
  • Blocking fraudulent sub-publishers from claiming app installs or post-install revenue events.
  • Automatically flagging any traffic whose timing indicates click spamming or the like.

Marketers love prevention strategies because these stop fraud before it occurs. This is clearly preferable to having to demand refunds or other corrective action from partners. Prevention is thus great when a business is under assault from previously detected fraudsters and fraud methodologies/

That said, prevention is far less effective at protecting an advertiser from new, rare, or more advanced fraud tactics. That’s because prevention by definition presupposes that a platform has been set to spot and block actions. That requires foreknowledge. New types of signals and patterns are much harder to prevent from impacting an Android or iPhone app business.

A Symbiotic Relationship Between Detection and Prevention

When you get granular and examine detection and prevention as concepts, it’s easy to see why both play a role in a robust anti-fraud strategy. Prevention can provide a barrier against known fraudulent actors and approaches, while detection can help identify new risks while ensuring that you can take corrective action where necessary to ensure the veracity of your data and revenue figures. In turn, detection can spot new forms of fraud that can then be stopped with new prevention approaches, rules and tactics.

Singular’s Approach: Fraud Detection AND Prevention

Singular offers an industry-leading fraud solution that you can learn more about right here. For a capsule summary of some of the steps we take to detect and prevent fraud for our clients, read on.

Unlike some players in the attribution and analytics space, who focus on the easier and less costly detection side of anti-fraud, Singular combines detection and prevention in its antifraud offerings, with a robust emphasis on both approaches.

Singular monitors the flow of data into our platform, constantly evaluation all of the signals for signs of fraudulent activity such as illegitimate networks, IP addresses, devices, mismatches in targeting, and more.

In terms of purchase verification, Singular verifies every in-app purchase (IAP) with the appropriate app store to ensure that you recognize revenue from every reported purchase. With full uninstall insights right in the platform, Singular helps you identify sources and campaigns with suspiciously high uninstall rates. These are just a few of the ways that Singular helps protect our clients from fraud.

———–
Singular’s New Anti-Fraud Improvements
Learn about Singular’s new Enhanced Fraud Protections. See how working with Singular can help protect and defend your business. Click for details.
————

Another key fraud advantage for Singular is the scale of its client footprint. Singular’s client base of many of the largest players in gaming, retail, travel, on demand services and other verticals gives us a massive data footprint to examine so that we can stay ahead of the curve and provide unprecedented levels of protections for our valued clients. With this extraordinary visibility into a large portion of the mobile app industry, Singular can detect and create prevention regimens with extraordinary speed and thoroughness as fraud approaches emerge and evolve.

Singular’s outstanding visibility into BOTH the ad performance and spend sides of the install category gives us unique advantages in detecting and protecting clients from fraud. Our fraud detection and fraud prevention technologies are a mix of the best known techniques today as well unique proprietary techniques only we can offer.

———–
Download the Singular Fraud Index

SIngular has just released its 2017 Singular Fraud Index, which reveals the mobile industry’s Most Secure Ad Networks. The Index is the first study of its kind to examine ad fraud data collected from multiple ad fraud prevention solutions, each with its own set of proprietary detection methods. Drawing on this unique dataset, the study exposes the effectiveness of today’s most common anti-fraud mechanisms as well as the 25 ad networks driving the lowest rates of digital advertising fraud.

Get your free copy here.
———–

Ad Fraud Tutorial Series: What is Ad Fraud?

Definition: Ad fraud is the practice of deliberately attempting to drive ad impressions that have no potential of being seen by a real person. Digital ad fraud is a crime – it is deliberate, premeditated, and designed to rob advertisers of value for their advertising spend.

Digital Ad Fraud v. Bot Impressions

Much ad fraud is driven by bots – software designed to automate repetitive tasks online. Google, for example, uses bots to examine millions of pages and apps every day to understand what content they offer. They use this data so they can deliver the best possible results with their search engines.

Google bots are obviously not malicious. They are not designed to defraud advertisers, though it is possible that a Google bot can trigger an ad impression while doing its job.

Bot-driven ad fraud is different. These bots are deliberately developed to load ad views so that the criminal entity earns advertising dollars. So, impressions delivered to bots are not necessarily ad fraud. It is the malicious intent that makes some of them fraudulent.

How Digital Ad Fraud is Perpetrated

There are a multitude of ad fraud tactics, which include:

  • Bots that secretly take over consumer PCs and spawn pageviews unseen by the user.
  • Networks of hijacked computers (“botnets”) that fake consumer traffic.
  • Virtual machines that mimic consumer-used PCs and rapidly spawn thousands of pageviews.
  • Videos that automatically play but which are extremely small or even invisible on the page.
  • Software that emulates multiple clicks occurring every time a consumer makes a real click.

These are just a few of the methods used. Ad fraud, and fraud detection, is a continuing arms race, with each protection breakthrough spawning an innovative approach to perpetrating fraud.

How Prevalent is Ad Fraud?

All researchers who have studied ad fraud identify it as a significant amount of total web traffic. The Association of National Advertisers (ANA) and online fraud detection firm, White Ops, conducted one of the largest industry studies, in which data showed that 11% of display and 23% of video impressions were caused by bots and botnets. Another leading industry association, the Internet Advertising Bureau (IAB), stated that almost 36% of web traffic was fake.

———–

Download the Singular Fraud Index

SIngular has just released its 2017 Singular Fraud Index, which reveals the mobile industry’s Most Secure Ad Networks. The Index is the first study of its kind to examine fraud data collected from multiple fraud prevention solutions, each with its own set of proprietary detection methods. Drawing on this unique dataset, the study exposes the effectiveness of today’s most common anti-fraud mechanisms as well as the 25 ad networks driving the lowest rates of fraud.

Get your free copy here.

———–

Protecting Yourself

It is important to be vigilant as regards monitoring for signs of fraud. Here are a few strategies to help you do just that:

  • Anti-Fraud Tools: Some attribution and analytics suites offer tools to help advertisers identify and prevent fraud. SIngular, for example, automatically offers many protections. Such tools may use signals like IP addresses, click and install pattern detection, and fraudulent activity monitoring to pinpoint campaigns, partners and buying models that are driving fraudulent app installs.
  • Common Sense: A deal that sounds too good to be true is likely to result in low-quality app installs.
  • Focusing Resources on Trusted Partners: Large or niche vertical media companies are more likely to have the scale and resources to detect and prevent fraud. Further, properties like social networks can leverage user account information to help ensure that installs come from legitimate people.
  • Leveraging Retention and Uninstall Data: By comparing the set of user traffic attracted by different media companies, brands can learn a lot about user quality. Low user retention or high uninstall rates increasingly are seen as signals of possible fraudulent activity.
  • Use ROI Analytics as a Primary KPI:.  Arguably, the best KPI to monitor and prevent fraud is ROI, or revenue divided by cost, as it is particularly difficult for fraudsters to simulate a sale, especially because most marketing analytics platforms — including Singular — verify in-app purchases with App Stores.

Singular and Ad Fraud

Singular offers an industry-leading fraud solutions that you can learn more about right here. For a capsule summary of some of the steps we take to detect and prevent fraud for our clients, read on.

At Singular, our unprecedented visibility into BOTH the ad performance and spend sides of the install category gives us unique advantages in detecting and protecting clients from fraud. Our fraud detection and fraud prevention technologies are a mix of the best known techniques today as well unique proprietary techniques only we can offer.

———–

Singular’s New Anti-Fraud Improvements

Learn about Singular’s new Enhanced Fraud Protections. See how working with Singular can help protect and defend your business. Click for details.

————

Singular monitors the flow of data into our platform, looking for signs of fraudulent activity such as illegitimate networks, IP addresses, devices, mismatches in targeting, and more. Further, Singular verifies every in-app purchase (IAP) with the appropriate app store to ensure that you recognize revenue from every reported purchase. With full uninstall insights right in the platform, Singular helps you identify sources and campaigns with suspiciously high uninstall rates. These are just a few of the ways that Singular helps protect our clients from fraud.

Singular enables data-oriented advertisers to connect, measure, and optimize siloed marketing data, giving them the most vital insights they need to drive ROI. The unified analytics platform tracks over $7 billion in digital marketing spend to revenue and lifetime value across industries including commerce, travel, gaming, entertainment and on-demand services.