Insights & Events
Share your PIE and eat it too
If you use an external tracking service, sharing your post-install event data with your network can have a tremendous impact on your ROI.
Insights & Events
10 December, 2017
As a mobile marketer, you’re used to thinking critically when planning and deploying ad campaigns. As ad fraud becomes increasingly prominent, it’s more important than ever that you apply this same critical thinking when analysing your results.
The reality is that the threat of ad fraud is constantly looming over any mobile marketing campaign. In 2016 alone, the problem cost US businesses an estimated $7.4 billion. Ad fraud presents a triple threat, where:
To help you improve your traffic quality, we would like to share some of the things our proprietary IVT mitigation solution, TrafficGuard, looks out for in our clients’ campaigns.
Hyper-engagement from one source may suggest impersonation from app farms/bots or ad stacking.
App install farms—groups that are dedicated to manipulating app or web store trends—continuously install, use, and uninstall apps. At first glance, they look like genuine installs because their behaviour mimics that of an actual user. They click an ad, the ad sends them to the app store and they download the app in an expected amount of time. It’s what happens after the install that is the give-away – low levels of engagement, mass uninstalls, low in-app purchases. This simulated traffic might look like a boosted user base, but don’t be fooled by the vanity metrics; these installs are not from actual users and represent no value to your app.
Other hyper-engagement indicators may include seeing the same user click on multiple ad campaigns at the same time – this would indicated ad stacking. Influxes of clicks at regular intervals also indicates non-human traffic and warrants further investigation.
These fraud tactics skew your performance data, ultimately robbing your marketing budget.
If you’re seeing traffic from outside of your targeted area, whether geographically or online (such as irrelevant/non-compliant websites), compliance fraud is the culprit. This form of ad fraud serves your ad up to real users outside of your targeted parameters and therefore may not be valuable to you. This will typically generate plenty of clicks, few of which convert to installs.
Fraudsters often use VPN’s or anonymous proxies to alter or hide the origin of the traffic. This helps them to obscure low value, out of target traffic to make it look like the premium traffic that commands higher payouts. In this case the advertiser pays a premium for low quality traffic, and their performance data for the target region is corrupted.
For apps with offerings tailored to specific regions, installs may occur from users who can’t access the service properly or fully. This user would be of nil value and it also impacts their goodwill with the app or brand should they be targeted with a local version in the future.
There are two things you need to know to understand unreasonably short times between ad click and install:
1. Despite being called an “install”, attribution of an app install actually occurs when an app is first opened.
2. Some mobile operating systems will broadcast to all apps on the same device that a new app is being downloaded.
Fraudsters take advantage of these two facts with a type of fraudulent tactic known as click injection. When a broadcast is made that an app is downloaded, a latent fraudulent app on the installer’s device will fire a click to the app store. The click will occur before the new app is able to be downloaded and opened, making it look like a legitimate conversion to the untrained eye. However, if the user opens the app as soon as it is installed, the time to install will be impossibly short (i.e. shorter than the time required to download and open the app under normal circumstances).
Occasional outliers with short times to install may be explained by device capabilities or bandwidth availability however high numbers from a single source point to fraud.
When a large number of installs from a single source occur a significantly long time after the click, you are likely seeing fraudsters trying to claim credit for an install from another source by sending click spam. (Remember: an “install” in the world of attribution actually refers to when an app is opened for the first time after it has been downloaded.)
Click spam is when a high number of clicks are sent to the app store in the hope of the click fingerprint, matching that of an install from another source. When a fingerprint match occurs, the fraudster gets paid for the conversion. The new app user is a genuine user, but they arrived at the app store either organically, or from another traffic source that deserves attribution. False attribution resulting from click spam skews the performance data you use to optimise your campaigns.
Suspicious behaviour post-install, such as users who never use your app, or immediately uninstall it, could indicate install fraud. However, determining genuine users by how they interact with your app after downloading it can be tricky, as install farms can simulate post-install activity as well as installs. The best way to identify this fraudulent behaviour is to watch for patterns over time. Any events that are happening in bulk, from single sources of traffic require investigation.
Mpire’s proprietary invalid-traffic mitigation tool, TrafficGuard, helps clients in the diagnosis of fraud through post-install event analysis across all of our campaigns.
Fraudsters are savvy. Fraudulent traffic is often diluted across many campaigns, with different partners and advertisers to avoid detection by the advertiser. One of the keys to identifying invalid traffic (IVT) swiftly, is observing activity from traffic sources across many campaigns to see where these patterns are occurring. One slow install on your campaign might not raise any red flags in isolation, but 1,000 slow installs observed from one source across many campaigns certainly would.
TrafficGuard analyses installs and post-install activity from 1000s of campaigns every minute. This broader perspective and abundance of data gives TrafficGuard the ability to identify patterns that would not be visible at an individual campaign level.
Photo by Braydon Anderson on Unsplash