Only a couple of years ago, mobile advertising was thought to be fairly safe and protected from most forms of digital advertising fraud, but fraudsters continue to find new loopholes and more sophisticated tactics to infiltrate smartphone-sized ads.
Today Dentsu-owned Fetch—a mobile agency that has notably made its fortunes from app-install campaigns for big brands in recent years—is partnering with fraud-detection company Forensiq to analyze the mobile campaigns that it runs for clients that have big app businesses like Expedia, StubHub and eBay.
“We see things that we think look odd—downloads happening very quickly after a click or it could include downloads happening [that have been] claimed by certain vendors where we haven’t been running any activity,” said Steve Hobbs, global head of media at Fetch.
“Where there’s money, there is fraud. Being 100 percent on top of it is an impossibility, but we think with Forensiq’s help we can get it significantly lower.”
Hobbs declined to say how much of the media that Fetch buys is fraudulent but said a “significant amount” of app-install inventory is dubbed suspicious.
David Sendroff, CEO and founder of Forensiq, said that it will, “look for patterns of automated clicks, automated installs, click farms, background clicks and incentivized installs.”
For example, cyber criminals often set up bots and phony websites and browsers—called proxies—to trigger fake downloads from campaigns that prompt consumers to download an app.
In another example, fraudsters are also stealing attribution data that tracks where a consumer downloads a mobile app.
“Similar to in the desktop environment, you may have heard of something called ‘cookie-stuffing,’ where the clicks are forced in the background of a browser and then if there’s any type of conversion, the affiliate will take the credit for the action,” Sendroff said.
“In mobile installs, to fake this type of attribution, there’s a lot of server-to-server tracking where the tracking platform gets pinged and then once the conversion takes place, the tracking platform looks for a device ID to match up the source of the install.”
There’s good reason why that scenario seems complicated. Unlike display campaigns that are priced on a cost-per-click (CPM) basis, app-install ads are priced based on the cost-per-click (CPC) and are typically more lucrative.
“There’s a financial incentive for fraudsters to take their time and code something that’s just printing money, essentially,” Sendroff said.
Based on what Forensiq finds, Fetch will “begin discussions around receiving certain refunds for any suspicious activity that we can prove to be not real” with its tech vendors, Hobbs said.
He added that Fetch will also, “work with the vendor to come up with a list of publishers that they work with to eradicate being prevalent in this space. This is also making sure that we’re doing what we can collectively to clean up the landscape as much as we possibly can.”