mFilterIt Blogs

Apps AdFraud: Stealing an App Install AFTER Install



With the push towards higher and higher KPIs and engagement checks by
advertisers for their App Install campaigns, it has become more and more difficult for publishers to generate revenue simply on the trading game. The alternative: Resort to AdFraud.

Till recently the Click Spamming fraud whereby fraudulent publishers would fire thousands of fake clicks continuously to capture organic traffic was the way to go for publishers to generate revenue and at the same time provide fantastic quality and meet KPI benchmarks for advertisers.

We have recently come across new fraud in the App Install (CPI/CPR) advertising campaigns driven through affiliate networks where Organic and Inorganic installs driven through other networks / publishers are being captured and converted to your name! It is an amazing process of simply stealing an install attribution right at the very last stage of the attribution cycle :

Capturing the Install AFTER the Install has been done!!

When an app is installed and opened, only then an attribution platform tracking gets enabled. This is part of the Android OS restrictions whereby an app is not allowed to execute simply upon being installed. However, after an app is installed (organically or inorganically), and BEFORE it is opened by the user, there is a small period of time. Typical studies done by us indicate an average gap of 10secs between an install and actually the app being opened for the first time. This increases substantially for larger sized apps (since users will typically start doing something else while the download is happening).

Now, many publishers have malicious apps which detect the install of an app on the device (Android actually has a basic API to allow other apps on the device to know about a new app install!) and trigger a ‘fake’ click from the background AFTER the install but BEFORE the user opens the app. Simply by this one fake click, the install has been STOLEN from organic or even other inorganic channels! The reason? Attribution platforms attribute the install based on the last click received. In this case, the last click was received by this fraudulent publisher overwriting the organic attribution or even the inorganic attribution of some other network!

Since the fraud publisher did not have to fire thousands of fake clicks to capture the install, the CR% (which was a good indication of Click Spamming fraud) will no longer work. Since this will capture both Organic as well as Inorganic installs, the quality of users acquired will be average. So the normal indicators of Click Spamming no longer work.

Size of this Fraud :

We estimate Click Spamming to be swindling $15m of Ad Spends each year within India. This is an estimate based on detection we have done for many of our clients and is only an estimate number.

Solution :

We at mFilterIt detected this fraud in the Indian market as recently as 1 month ago and are able to track and detect these frauds deterministically as part of our AdFraud tool mFilterIt. Many of our customers are getting benefitted by this solution and savings thousands of dollars in ad spends which are being wasted on paying for Organic traffic or incorrectly captured traffic. mFilterIt is now validating more than 1m installs on a daily basis and working with many of the top apps advertisers in the country. Our aim is to provide value and savings to our clients on their Ad Spends which are getting wasted on fraudulent activities in the advertising world.

Please get in touch with us to understand this fraud better and how we can help you save thousands of dollars which are being wasted!!