How to avoid fraudulent attribution when promoting apps
The Hidden Threat in App Promotion: Fraudulent Attribution
The mobile app market is a battlefield. Developers and marketers pour enormous resources into acquiring new users, with global app install ad spend projected to reach a staggering $118 billion by 2022. At the heart of this investment lies a critical process: attribution. Mobile app attribution is the science of connecting a user’s app installation to the specific marketing campaign, ad network, or even the exact creative that drove it. Accurate attribution is the bedrock of a successful user acquisition strategy, allowing marketers to understand their return on investment (ROI), optimize their ad spend, and scale their most effective campaigns.
However, a shadowy industry operates in parallel to this legitimate marketing activity: ad fraud. Fraudsters are constantly devising new and sophisticated ways to steal a piece of the lucrative app install pie. They do this by manipulating attribution systems, making it appear as though they are responsible for driving installs that they had nothing to do with. This fraudulent attribution not only wastes precious marketing budgets but also pollutes marketing data, leading to flawed decision-making and ultimately hindering an app’s growth.
This article will delve into the murky world of fraudulent attribution, exploring the most common types of ad fraud that plague app promotion campaigns. We will also provide a comprehensive guide on how to detect and prevent these fraudulent activities, empowering you to protect your marketing investments and ensure the integrity of your attribution data.

Common Culprits: The Many Faces of Ad Fraud
To effectively combat fraudulent attribution, it’s essential to understand the various tactics that fraudsters employ. Here are some of the most prevalent types of ad fraud that target mobile app promotion:
1. Click Spamming (or Click Flooding)
Click spamming is one of the oldest and most common forms of ad fraud. It involves a fraudster generating a massive number of fake clicks from a large pool of real users who have not actually interacted with an ad. The goal is to be the last click recorded before a user organically installs an app. Since most attribution models credit the last click for the install, the fraudster illegitimately claims the credit and the associated payout.
How it works: A user might have a malicious app on their phone that secretly generates clicks in the background without their knowledge. This app could be a seemingly harmless utility app, a game, or even a flashlight app. These clicks are then sent to attribution providers, hoping that one of them will be the “lucky” last click before a legitimate install.
2. Click Injection
Click injection is a more sophisticated and insidious version of click spamming. Instead of sending a high volume of random clicks, click injection targets users who are already in the process of installing an app.
How it works: A fraudulent app on a user’s device monitors for “install broadcasts” – signals that another app is being downloaded from the Google Play Store. Just before the installation is complete, the fraudulent app “injects” a fake click, effectively stealing the attribution from the legitimate source that drove the user to the app store in the first place. This method is particularly damaging because it targets users who have already shown a clear intent to install, making the fraudulent attribution appear more legitimate.
3. SDK Spoofing (or Traffic Spoofing)
SDK spoofing is a highly deceptive and difficult-to-detect form of ad fraud. It involves fraudsters reverse-engineering the communication between a real app’s software development kit (SDK) and the attribution provider’s servers.
How it works: Once they have cracked the communication protocol, fraudsters can generate fake app installs and engagement data from their own servers, making it appear as though real users are installing and interacting with the app. This type of fraud is particularly dangerous because it doesn’t require any real devices or users. The fraudster can create a “bot farm” on a server and generate thousands of fake installs, all of which appear to be legitimate to the attribution provider.
4. Install Farms (or Device Farms)
Install farms are a lower-tech but still effective form of ad fraud. They involve large numbers of low-cost workers or automated bots using real or emulated devices to install apps and engage with them to simulate real user activity.
How it works: These farms can be located anywhere in the world and can be scaled up or down depending on the fraudster’s needs. The workers are often paid a small amount for each install, and they may be instructed to perform certain in-app actions to make the installs appear more legitimate. While less sophisticated than SDK spoofing, install farms can still be difficult to detect, especially if the workers are using real devices and are located in different geographic locations.

Your Defense Arsenal: Detecting and Preventing Fraudulent Attribution
Now that you understand the enemy, it’s time to build your defenses. Combating mobile ad fraud requires a multi-layered approach that combines vigilance with advanced technology. Here are some key prevention and detection methods:
1. Monitor Key Metrics Vigilantly
Your campaign data is a treasure trove of information, and it can often reveal the tell-tale signs of ad fraud. Be on the lookout for anomalies in your key metrics, such as:
- Unusually high click-through rates (CTRs) with low conversion rates: This could be a sign of click spamming, where a large number of fake clicks are being generated but are not resulting in actual installs.
- Abnormal install patterns from a single source: If you see a sudden spike in installs from a single publisher or ad network, it could be a sign of an install farm or SDK spoofing.
- Very short click-to-install times (CTIT): A very short time between a click and an install can be a red flag for click injection, where the click is being generated just before the install is complete.
- High install volumes with low in-app engagement: If you see a large number of installs but very little activity within the app, it could be a sign of an install farm where the workers are only being paid to install the app and not to engage with it.
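The conversion, CTIT and engagement signals from the list above can be checked per traffic source with a few lines of analysis. The following is an added example, not code from any attribution provider; the source names, sample rows and thresholds are constructed assumptions that need tuning against your own baseline.

```python
from collections import defaultdict

# Thresholds are illustrative assumptions; tune them against your own baseline.
MIN_CONVERSION = 0.001       # installs per click below this: click spamming
SHORT_CTIT_SECONDS = 10      # click-to-install time considered implausibly short
MAX_SHORT_CTIT_SHARE = 0.30  # share of short-CTIT installs tolerated per source
MIN_ENGAGED_SHARE = 0.10     # share of installs with at least one in-app event

def flag_sources(clicks, installs):
    """clicks: {source: click count}.
    installs: dicts with 'source', 'ctit' (seconds) and 'events' (in-app event count).
    Returns {source: sorted list of flags}."""
    by_source = defaultdict(list)
    for inst in installs:
        by_source[inst["source"]].append(inst)
    report = {}
    for source, click_count in clicks.items():
        rows = by_source[source]
        flags = set()
        # Many clicks, almost no installs: the click-spamming pattern.
        if click_count and len(rows) / click_count < MIN_CONVERSION:
            flags.add("click_spam_suspected")
        if rows:
            short = sum(r["ctit"] < SHORT_CTIT_SECONDS for r in rows) / len(rows)
            engaged = sum(r["events"] > 0 for r in rows) / len(rows)
            # Clicks that land seconds before the install: click injection.
            if short > MAX_SHORT_CTIT_SHARE:
                flags.add("click_injection_suspected")
            # Installs that never produce in-app activity: install farm.
            if engaged < MIN_ENGAGED_SHARE:
                flags.add("low_engagement_suspected")
        report[source] = sorted(flags)
    return report

def sample(source, n, ctit, events):
    """Build n constructed install rows for one hypothetical source."""
    return [{"source": source, "ctit": ctit + i % 5, "events": events} for i in range(n)]

# Constructed sample data; source names are hypothetical.
CLICKS = {"net_a": 2_000, "net_b": 500_000, "net_c": 300, "net_d": 1_000}
INSTALLS = (sample("net_a", 40, 120, 8) + sample("net_b", 50, 7_200, 6)
            + sample("net_c", 30, 2, 5) + sample("net_d", 100, 300, 0))

if __name__ == "__main__":
    for source, flags in flag_sources(CLICKS, INSTALLS).items():
        print(source, flags or "ok")
```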
2. Work with Reputable and Transparent Partners
The ad networks and publishers you work with can be your greatest allies or your biggest liabilities in the fight against ad fraud. It’s crucial to partner with established and transparent companies that have robust anti-fraud measures in place.
Before you sign a contract with a new partner, ask them about their fraud detection and prevention methods. Do they have a dedicated fraud team? What tools and technologies do they use to combat fraud? Are they transparent about their traffic sources? A reputable partner will be happy to answer these questions and will be transparent about their processes.
3. Leverage Fraud Detection Platforms
In today’s sophisticated ad fraud landscape, manual detection is often not enough. A variety of specialized platforms use machine learning and AI to detect and prevent ad fraud in real time. These tools can identify suspicious patterns, block fraudulent traffic, and verify the authenticity of installs.
Some well-known platforms in this space include Scalarr, TrafficGuard, and CHEQ. These platforms can be integrated with your attribution provider and can provide an additional layer of protection against fraudulent activity.
4. Monitor In-App Events Closely
Tracking user behavior after an install can be a powerful way to identify non-human patterns. Real users will have varied and logical engagement with your app, while bots may exhibit repetitive or nonsensical actions.
For example, a real user might spend a few minutes browsing your app, completing a tutorial, and then making a purchase. A bot, on the other hand, might just open the app, click on a few buttons, and then close it. By monitoring in-app events, you can identify these suspicious patterns and flag the associated installs as fraudulent.
5. Implement Install Validation Techniques
For Android, technologies like the Google Play Referrer can help validate that an install is legitimate. The Google Play Referrer is a unique identifier that is passed from the Play Store to your app upon installation. This identifier can be used to verify that the install came from the Play Store and not from a fraudulent source.
For iOS, you can verify install receipts with Apple to confirm that the app was downloaded from the App Store. This can help you to identify and block installs that are coming from fraudulent sources, such as install farms.
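For the Android case above, one way to use install validation on the attribution side is to reject any claimed click that arrived after the store download had already begun. This is an added example, not code from the article or from any provider; it assumes your backend receives the install-begin timestamp that the Play Install Referrer API reports alongside the referrer string, and the network names, timeline and 7-day window are constructed.

```python
from dataclasses import dataclass

ATTRIBUTION_WINDOW = 7 * 24 * 3600  # assumed 7-day click window, in seconds

@dataclass(frozen=True)
class Click:
    network: str   # hypothetical network name
    ts: int        # click time claimed by the network, epoch seconds

def naive_last_click(clicks, first_open_ts):
    """Last click before first app open wins: the model click injection abuses."""
    eligible = [c for c in clicks if c.ts <= first_open_ts]
    return max(eligible, key=lambda c: c.ts).network if eligible else None

def validated_last_click(clicks, install_begin_ts):
    """Only clicks made before the store download began can have caused it."""
    rejected, eligible = {}, []
    for c in clicks:
        if c.ts > install_begin_ts:
            rejected[c.network] = "click_after_install_begin"
        elif install_begin_ts - c.ts > ATTRIBUTION_WINDOW:
            rejected[c.network] = "outside_attribution_window"
        else:
            eligible.append(c)
    winner = max(eligible, key=lambda c: c.ts).network if eligible else None
    return winner, rejected

# Constructed timeline, epoch seconds.
INSTALL_BEGIN = 1_700_000_000
FIRST_OPEN = INSTALL_BEGIN + 45
CLICKS = [
    Click("net_a", INSTALL_BEGIN - 600),              # ad tap, then store visit
    Click("net_x", INSTALL_BEGIN + 20),               # reported mid-download
    Click("net_old", INSTALL_BEGIN - 30 * 24 * 3600), # stale click, 30 days old
]

if __name__ == "__main__":
    print("naive:", naive_last_click(CLICKS, FIRST_OPEN))
    print("validated:", validated_last_click(CLICKS, INSTALL_BEGIN))
```

Rejected clicks are worth logging per network: a source that repeatedly shows up under `click_after_install_begin` is a candidate for the partner review described in section 2.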
Conclusion: A Proactive Stance for a Secure Future
Fraudulent attribution is a persistent and evolving threat to the mobile app ecosystem. However, by understanding the different types of ad fraud and implementing a multi-layered defense strategy, you can protect your marketing investments and ensure the integrity of your attribution data.
Remember, the fight against ad fraud is not a one-time battle; it’s an ongoing war. You need to be constantly vigilant, monitoring your data, and adapting your strategies to stay one step ahead of the fraudsters. By taking a proactive stance against ad fraud, you can ensure that your user acquisition efforts are built on a solid foundation of accurate and reliable data, paving the way for sustainable growth and long-term success.