Mappvault (Apk Encryption & alternate app store tracking)

The Challenge

Advertisers’ apps are placed on alternate APK app stores, without the approval of advertisers. Malicious code is embedded along with the app which result in malware e.g. shortens a phone’s battery, slows down handsets and uses data bandwidth by increasing background data activity, displays bogus ads in the app, and in some cases results in information theft from the users, thus posing a major threat to the brand value of the app.

Example of malicious code injection
  • Copycat - ad malware attack from last year, infected over 14 million Android devices
  • Cyber attackers high jacked apps, repackaged them with the malware and allowed them to be downloaded from third-party app stores.
  • First, the adware rooted the user’s device, giving the attackers full control of the device, and leaving users defenceless.
  • Next, the adware injected code into the app launching process. Attackers were able to receive attribution, for fraudulently installing apps and by substituting the real referrer’s ID with their own.
  • Moreover, the adware displayed fraudulent ads while hiding their origin, making it difficult for users to understand what’s causing the ads to pop-up on their screens.
  • CopyCat also installed fraudulent apps directly to the device, using a separate module.
  • These activities generated large amounts of profits for the creators of CopyCat.

Our Solution

Mfilterit provides two level of protection from this kind of fraud. Firstly, its uses proprietary algorithms & advanced tools to encrypt the apk, so that it cannot be decompiled. Each download is individually tracked and in case someone tries to modify the app, the tool provides an option to remotely kill the installation as well. Secondly, under App-store tracking service Mfilterit’s BOT scans more than 30 Alternate App Stores for advertisers’ apps. The APK files are decompiled from respective alternative app store and compared with the original files on the Google Play store. Any instance of additional malware code is flagged off to advertiser. We provide a wide coverage of your apps via alternate app stores, and help in improvement of your organic traffic and reach to customers.

Incent Activity Tracker

The Challenge

Basis the intent of the user, two key types of campaigns run in the market. Incent (where user gets some incentive to install the app, such as a coupon/cashback etc.) and Non-incent (where user clicks the ad to install the app due to actual interest in the app.) Generally, the cost of acquisition via incent campaigns is much lower than non-incent and in an ideal scenario, a publisher is supposed to do the acquisitions as per the requirement of the advertiser. However, fraudulent publishers run non-incent marketing campaigns over incent platforms where the user downloads or uses the app for a certain incentive rather than an actual interest in the app, which leads to high amount of user churn for the advertiser. Further, there are many torrent and porn websites where advertiser’s website or app are promoted. This directly impacts the brands image:
  • Brand visibility at a substandard website affects the advertiser’s brand image
  • It brings low quality users resulting in low engagement
Fraudulent publishers generally mix this traffic with high quality click spam / click injection traffic. This results in an average quality traffic, making it difficult to identify fraud. This concept is illustrated in the matrix below.

Our Solution

Identify fraudulent publishers who mix the incent traffic within non-incent traffic and flag to the advertiser. We track over 50 incent walls/ portals to see if the advertiser’s non-incent campaign appears at any of these. The list also includes a comprehensive list of porn and torrent websites. In case the advertisement of the Client appears on the blacklisted locations, without their consent, our automated system clicks on the ad to identify the publisher. An automated report is generated and sent to the advertiser daily as a summary with all details of the fraud which helps advertisers identify publishers that are mixing incent traffic within non-incent traffic, basis which advertisers can take appropriate actions. Customers of Mfilterit Fraud detection suite get the tracker integrated with their offering. The installs from the publisher are flagged under incent category automatically. Proof points of screenshots and tracking URLs are also provided to the advertisers.