Mobile app fraud is a topic of growing concern among app developers and publishers. And for good reason. While estimates of the costs of Android and iOS app fraud vary, a recent Forensiq study estimated the losses at well over $1B a year.
In-app fraud has been an issue of some import since the app business started to take off. Its toll is heaviest is the mobile app ecommerce (especially IAPs) and paid install arenas.
Most experts agree that the incidence of fraud are climbing at an even faster clip than total category marketing spend. After all, the more money brands spend on app marketing, the more appealing our industry is to bad actors.
And we all know that install spending has exploded in recent years. A recent eMarketer report showed that spend should top $6B this year, and almost $7B in 2018.
For Apsalar, fraud prevention and fraud detection across mobile devices has been part of our mission since our founding. As the number of fraudulent tactics as well as the total costs of fraud have increased, so too have our efforts to help clients combat bad actors in the industry. This post is designed to outline some of the ways that we help clients through proactive fraud protection.
What is Mobile App Fraud
At its core, the subject of mobile app fraud refers to overtly illegal activity that is intended to rob app publishers or consumers by mimicking legitimate activity on iOS, Windows and/or Android devices. Some of the specific examples of iOS and Android mobile app fraud include:
- Unauthorized versions of legitimate mobile apps that rob the publisher of potential revenue and may also steal the identities of users.
- Malicious apps in the App Store and/or Google Play that look legitimate but actually hijack devices for the purpose of delivering lots of unseen ad views.
- Illegitimate ad clicks and views for ad campaigns designed to drive installs and re-engagements. When publishers or networks are paying publishers on a CPC basis, such mobile app click fraud actions steal revenue from ad budgets
- Faked app ecommerce IAP purchases that mimic the signals of a transfer of funds when none has actually occurred. The fraudster gets fast income but the app publisher gets nothing.
- Piggybacking, where the permission-based install of one app is unknowingly paired with the installation of another app(s) that the user did not want.
- Device emulation, where a fraudster has computers that send signals that appear to be from real devices but are actually fakes.
App fraud is deliberate and criminal. As mobile app ad spending and the app market have grown, so too have the instances of app fraud.
From the beginning, Apsalar has been at the forefront of efforts to give our customers information and insights designed to help them address acts of mobile ad fraud and in-app fraud. The following is a summary of just a few of the ways we help protect the budgets and data integrity of our customers and work to protect the industry as a whole.
1. Protecting clients from multiple types of fraud via identifying traffic from suspicious sources
As part of our service, Apsalar monitors the flow of data into our platform, looking for signs of fraudulent activity. For example, we recently spotted a set of IP addresses – each sending install data to our platform about every 10 seconds. By identifying and blocking this clearly illegitimate activity, we protected the integrity of client data – and client UA budgets. We are constantly evaluating traffic to identify potentially illegitimate/fraudulent networks, IP addresses, devices, etc.
2. Protecting clients from IAP fraud via verification of IAPsMobile application IAP fraud rates are high and growing. To help mitigate against the risks of IAP fraud, we compare reported IAPs with actual verified IAP data from the app stores. By eliminating illegitimate IAPs from our data, we help clients get a true picture of the effectiveness of their marketing and the health of their businesses.
3. Protecting clients from illegitimate smartphone app installs via uninstall data
Install fraud protection is an arms race in which forces for good must constantly adapt to changing fraud strategies. But one of the best ways to identify potential sources of illegitimate installs is via high uninstall rates.
Uninstall data is a diagnostic aid to help clients identify both issues and opportunities. High uninstall rates are not necessarily an indication of fraud, but they do offer a signal that a situation may warrant some investigation.
Apsalar was the first mobile app attribution provider to include uninstall attribution in its platform. Data from our first quarter of service showed vendor uninstall rates ranging from about 6% across all clients to almost 80% over a four week period. Using uninstall measurement as a tool to identify potential fraud incidence is powerful because regardless of changes in the ways that fraudsters perpetrate their crimes, the low quality of such “installs” can’t easily be hidden when uninstall counts are extremely high.
4. Protecting clients from illegitimate installs via user retention data
Another way our data help clients mitigate mobile application fraud risks is by providing insight is via user retention data. App retention data refers to the number of people who continue to engage with an app after the first launch. By reporting retention rates for different vendors, campaigns. etc., we provide invaluable insights that can help clients identify specific publishers or partners that deliver low quality and fraudulent installs.
5. Protecting clients from illegitimate installs via mFilterIT
Through our partnership with mXpresso, we have integrated access to their mFilterIT deterministic validation solution. Their technology validates the genuineness of the app installs using data and methodologies that are not in control of the bots/emulators. This detection is done in a real time basis, providing immediate blocking of payouts for fraudulent installs. Clients that contract with mXpresso for this service can see their data right in our platform.
Protecting clients against fraud is a constant challenge, and we also employ a variety of tactics and protections not listed here because we don’t wish to telegraph all of our strategies to bad actors. But constant innovation to help clients prevent fraud from fraud is a central element of everything we do.
Best of all, Apsalar’s mobile app antifraud services (with the exception of mFilterIT, which is not an Apsalar product) are available to customers as part of our basic service. No additional cost. Because protecting clients against fraudulent activity and bad actors is job one.