The Achilles heel of mobile-first nation

Mobile ad spend has been a consistent portion of digital ad budgets accounting for about half of the global ad spend today. The reasons behind are pretty clear. Given the omnipresence of mobile devices in our lives today, mobile advertising is definitely one of the most effective channels for reaching out to a particularly large base of potential customers. The fact that it encompasses multiple advertising channels as well also makes it a preferred outreach media. With large number of companies focusing on mobile-first strategy majority of India’s ad spend are now shifting towards the mobile channels.

The popularity and money involved in mobile advertising have made it a magnet for the fraudsters. The threat of mobile ad fraud is looming large, draining marketing and advertising budgets at an alarming rate. According to the mobile ad fraud report by Appsflyer, 22.6% of global mobile media spend in 2019 was wasted on mobile ad fraud. The scenario appears even more abysmal, when one considers the collateral damages the frauds can cause on such as decision- making based on polluted data – a sheer waste of time, money, and resources.

India is not alone in facing the challenge. Other fast- growing countries with large population bases are also among the top target regions of these fraudsters. The large base of attack makes up for the lower payouts and is the reason that makes India the second-largest victim of mobile ad frauds globally, after Indonesia.

Exposure varies across platforms, verticals

Mobile ad fraud has emerged as a major concern, especially in the in-app advertising space, siphoning away budgets, reducing campaign effectiveness and making the entire ecosystem less trustworthy.

With USD 2.3 billion exposed to fraud in the first half of 2019 alone, mobile app install fraud is already a multi- billion dollar threat to the app marketing ecosystem. The larger the fish, the higher the chances of it being targeted by fraudsters, the Appsflyer report indicates. Data shows that 20% of large apps have more than 30% fraud, compared to 13% among medium-sized apps and only 8% of small apps.

Fraud rates on different platforms are also not the same. The percentage of Android apps that have a fraud rate of over 30% is 2.5 times higher than iOS that registered 12% such cases (see App install fraud: Global trend by platform). Similarly, the exposure to frauds is also different across verticals. For example, the finance sector is most exposed to fraud due to the high payout it offers and its scale, followed by shopping and business (see App install fraud: Top 10 financially exposed verticals worldwide).

Factors behind ad fraud menace in India

Absence of any strict industry regulation or punitive measures has worsened India’s ad fraud scenario further. According to Mobile Marketing Association (MMA) India Country Head Moneka Khurana, the lack of transparency and absence of standardized regulatory practices are the major reasons for the existence of fraudulent activities in mobile advertising.

“Lack of monitoring sources of traffic and using campaign metrics that can be easily manipulated by fraudsters are some other factors that contribute to ad fraud. The absence of open, real-time data sharing between marketers and ad space sellers makes the advertisement vulnerable to fraudulent activities at various stages of the publishing chain,” she said.

“As marketers start venturing into mobile platforms for marketing purposes, they also become susceptible to fraudulent activities due to the loopholes in the ad buying and publishing process,” Khurana added.

InMobi Managing Director for Asia Pacific region Vasuta Agarwal further pointed out that the rise of ad fraud can be attributed to several factors: the steady shift of advertising dollars to digital, increasing pressure to drive growth in highly competitive markets especially in the Asia Pacific focused on high Return On Advertising Spend (RoAS), and the fast-paced nature of technological advancement.

“When it comes to solving these, advertisers need to focus on quality growth and disincentivize fraudsters in the ecosystem. Also, there is no single standard for fraud detection or prevention today and this provides fraudsters with the opportunity to exploit chinks in the third-party measurement armous,” Agarwal stated.

mFilterIt Director and Co-founder Amit Relan pins the blame on the confusion related to the relevant IT laws and few gaps. “IT laws are generally confusing and have a few gaps as well and fraudsters simply take advantage of this situation. While mobile advertising has served the purpose of ensuring that developer interests are met properly, it has also become a platform for various types of fraud,” he said.

Relan further added that ad fraud situation gets even more confusing as it involves several complicating factors. “Fraudsters use different techniques to block businesses from discovering who they are. Even the methods that can track them can only yield an IP address or location which is useless to make a criminal case,” he stated.

A benchmark report on the state of Mobile Ad Fraud in India by The Mobile Marketing Association (MMA) reveals that Indian marketers’ awareness about ad fraud risks is very low with almost a fifth of the marketers are not fully aware how much of their mobile advertising budget is subject to ad fraud (see Ad Frauds: Eating into mobile ad spend).

Interestingly, the majority of respondents indicated that the lack of transparency and a clear system to penalize the perpetrators have caused the rise of mobile ad fraud in the country. The respondents also agreed that perpetrators are benefiting from the fraud and hence are evolving methods.

The MMA report also indicates that over 90% of the companies are using a solution or are planning to do so in the near future (see Fighting ad fraud: Current investment and intent to spend in solutions). According to the report, over half of the respondents pointed out that they were using solutions (mainly external) to help combat ad fraud, while about a third respondents said they were planning to do so in the next 6-18 months; only one in 10 of the companies are not considering a solution.

What hurt advertisers, publishers the most?

Although frauds targeting mobile app marketers and the publishers are evolving faster, the most common forms of frauds are invalid traffic (IVT), where fraudsters mimic genuine traffic to earn money illegitimately. IVT is fake traffic generated by bots, spiders, and crawlers. GIVT (general IVT) is highly transparent about its non-human origin, but SIVT (sophisticated IVT) is designed to appear human-like.

Ad stacking: Fraudsters stack multiple ads on top of each other. However, they make advertisers pay for serving the ads, regardless of where they are placed in the stack and even though the ad was never technically visible.

App spoofing: Fraudster sends in ad requests claiming to be a legitimate publisher and make advertisers pay for the ads that end up appearing on a different app than what the advertiser paid for.

Click spamming: Fraudster orchestrates clicks for users landing on their apps, or mobile pages, and claims credit for random installs the user made. Fraudsters also send fake reports of a large number of clicks in the hopes of misattribution and a potential payout.

Click injection: A sophisticated form of click spamming, which uses an app on the user’s device that listens to app installation broadcasts. When new apps are installed on the device, it triggers a click before the installation is complete, taking credit for the installs.

Retargeting fraud: Bots imitate the human’s intentions and deceive advertisers by visiting a website. They mimic the behavior of humans interested in a specific product. Some threats hurt users and therefore affect legitimate app publishers also.

Auto-downloads: A misleading ad resulting in an automatic download without the user’s intent or knowledge, usually downloading a malicious program to the user’s device.

Auto-redirects: A user is redirected to a page that resembles a known webpage, but loaded with hidden and visible ads, which are used to download malware to the user’s device or steal sensitive user data.

Malware: A bogus ad causes a user to download a harmful program. Those malware can be used to steal sensitive data, hijack phone functions, generate fraudulent traffic, or hold the device ransom.

Cryptojacking: Fraudsters serve up ads containing JavaScript code to mine cryptocurrency that leaves the users’ smartphone CPU and battery power drained.

Video ad fraud: Fraudsters are making money by arbitraging the difference between display and video CPMs (cost per thousand impressions). They simply earn more money by passing display inventory off as video.

Inappropriate ads: Most reputable mobile advertising platforms don’t allow offensive ads (nudity, bad language, drugs, etc.), but some advertisers intentionally obfuscate these ads to avoid detection. This can have a damaging effect on the user experience.

Tech tools to fight ad frauds

With fraudsters using increasingly advanced methods and tools to orchestrate attacks, it becomes even more difficult for organizations to fight them effectively. It demands constantattentionandadvancedtechmusclestoidentify and block potential attempts to fraud on an ongoing basis.

For example, machine learning (ML) can handle large volumes of data from varied sources and identify patterns of irregularity to fix the ad fraud issue. Blockchain also has been touted as a potential technology for the prevention of click fraud in the digital space. However, marketers in India are yet to understand and unlock the true value of these technology applications to prevent digital frauds.

“Marketers have a long way to go before these technologies can be put to positive impact in fraud detection technology,” Resulticks Co-Founder and Head of product and strategies Dakshen Ram said, adding that, “While marketers are aware of these technologies to detect and prevent fraud, they are challenged by the complexity of and lack of knowledge and experience in applying them.”

Don’t let your guard down:

Although there’s no denying that anti-fraud tech has always struggled to evolve fast enough to keep pace with fraudsters, hence it is always a good idea to follow some best practices to avoid such attacks. 

Here are some Dos and Don’ts:

Buying ad space: Buying ad space directly from publishers and programmatic buying platforms is one way to reduce susceptibility to ad fraud. When buying digital ad space, ensure that the seller has a transparency clause in their agreement, or works in a transparent manner with marketers, allowing them real-time access to data about traffic, impressions, etc. 

Do a background check of your publishers/networks: Checking the background of your publishers is of paramount importance as it helps you understand their target audience. Marketers need to keep an updated list of blacklisted media channels in-house, so that they know where not to publish their ads. 

Set a reasonable price for your campaigns: Setting prices for your campaigns too low or too high can be dangerous for advertisers. If you set a too low price for your campaign then you will get low-quality traffic in your campaigns. But, if you set too high a price for your campaign, then also there is no guarantee that you will get high-quality traffic. 

Check your campaign metrics regularly- When the publisher’s performance report does not match the real traffic on your website or the already established conversion benchmarks, there may be reasons to worry. 

Upskill your team: Advertisers need to start bridging the skill gap by training their staff about frauds and how they can curb it. Many a time, marketing teams get incentivized to hit the performance goals-unknowingly allowing ad frauds to continue. 

Use an independent and unbiased media-neutral Ad Fraud Detection Tool: Using an independent media-neutral Ad Fraud tool will allow advertisers to get the best protection for their ad campaigns immediately and ensure unbiased fraud analysis for advertisers.


(The story was first published in Voice & Data, September 2020 edition.)

Leave a Reply

Your email address will not be published. Required fields are marked *