fraud ecosystem, detection and prevention - amparo garcia, socialpoint
TRANSCRIPT
SOCIALPOINT
- We are a company based in Barcelona that was born 9 years ago
- We have almost 350 employees
- We have several profitable games of which can highlight Dragon City and
Monster Legends with more than 200 millions of installs. They have been on a
persistent way on the US Top grossing since their launch.
- Last January we were acquired by Take 2 interactive.
ECOSYSTEM
1. Basic Click Fraud
Fraudsters “fishing” for installs send random clicks at scale hoping to get a click attributed to a real install
Basic Fraud
Source
ECOSYSTEM
2. Basic Install Fraud
Simulated bots / farms create both a click AND an install. Bot/Server Installs
Basic Fraud
Source
ECOSYSTEM
3. Basic Engagement Fraud
Bots follow a pre-programmed engagement script to improve their retention, engagement and revenues.
Basic Fraud
Source
PROTECTION
Real Time protection/ Block
Employing a variety of rules and signals to block fraud in real-time before it taints your dashboard
Basic Fraud
Source
We need to fight fraud
When organic installs are misattributed:
ROI looks great, the marketer is happy, and the investment continues!
Source
Advanced Fraud
ECOSYSTEM
4. Click Flooding
Fraudulent provider send a massive number of clicks, hoping to deliver the last click before an install
Source
Advanced Fraud
DETECTION
4. Click Flooding Detection
There is no actual connection between the clicks and the install, look for even or highly linear patterns (macro view
of CTIT is required - increments of hours or days)
Source
Advanced Fraud
DETECTION
4. Click Flooding Detection
Click flooding generates an unproportionate amount of clicks, look for very low click-to-install conversion rates
and/or very high contributor rates
Source
Advanced Fraud
ECOSYSTEM
5. Install Hijacking
Malware hidden in apps detects an app download and then sends fraudulent click reports to capture the last click
before the app launch - which is when the attribution occurs
Source
Advanced Fraud
DETECTION
5. Install Hijacking Detection
The time between the fraudulent click and the launch are significantly shorter, look for an extremely short Click to
Install Time
Source
Advanced Fraud
ECOSYSTEM
6. DeviceID Reset Fraud
Bad actors reset their DeviceIDs between each install at scale, generating a massive amount of traffic from New
DeviceIDs while bypassing most real-time anti-fraud protection measures
Source
Advanced Fraud
DETECTION
6. DeviceID Reset Fraud Detection
Algorithms blacklist SiteIDs perpetrating this fraud. High install rates from New Devices or device with Limited Ad
Tracking (15%-20% is the normal rate)
Source
Advanced Fraud
DETECTION
6. DeviceID Reset Fraud Detection Limit Ad Tracking Exploitation
Fraudsters hide their install fraud by enabling Limit Ad Tracking on devices, and repeatedly installing apps.
Source
Advanced Fraud
DETECTION
6. DeviceID Reset Fraud Detection
● Look for high install rates from New devices or devices with Limited Ad Tracking. ● Algorithmically block SiteIDs known to perpetrate DeviceID Reset Fraud.
Source
Advanced Fraud
PROTECTION - The process that works for us
1. Make sure to understand what your third party provider is blocking2. Add fraud terms on your IO3. Validation- Enable real-time rejected install postbacks, including the rejection
reason.4. Enable transparent reporting in your fraud dashboards so partners can check
themselves fraud reports and clean their inventory.5. Review fraud performance data with network partners as part of
payment reconciliation
Advanced Fraud