Advertisers across the globe expect that all online content is consumed by real people — potential clients ready to buy a product or service. Unfortunately, this is not always the case. The reality is quite saddening: the digital advertising industry is actually contaminated with growing levels of illicit activities, aka traffic fraud.

The scope of the problem

The problem began to escalate about four years ago,  exactly when big companies started to investigate traffic fraud activity. Google’s blacklist filter, for instance, removed about 9% of clicks on DoubleClick Manager. Beginning from 2015 things only got worse. As per Juniper research, ad fraud costs $51 million for advertisers every day, and it is forecast that advertisers will lose $44 billion by 2022, and $50 billion by 2025.

The digital advertising environment embraces AI, machine learning, and programmatic, to name a few, in order to provide users with a unique experience, personalization, and value. But the truth is, the fraudsters seem to evolve exactly at the same pace, mastering these technologies for evil intentions. According to Mediative, bots account for 9% of display ad views and about 21% of video ad views. From 3% to 37% of programmatically bought impressions are from bots and display ads sold by publishers with higher CPM rates are 39% more susceptible to bots.

Mobile fraud also flourishes and expands in magnitude, ravaging companies’ budgets, tarnishing data. Just imagine: approximately 4% of application paid user acquisition budget is actually stolen by fraud. Mobile fraud is raging; it is something to be taken seriously. It is a burning issue to be discussed with the marketers and proper education on fraud dangers is vital.

Programmatic: innovative approach drove innovative threat

The advent of the programmatic era has changed the advertising landscape, specifically, selling and buying processes. Publishers work with Supply Side Platforms in order to sell their inventory to the advertisers. At the same time, the advertisers work with Demand Side Platforms for bidding. These operations are fulfilled millions of times a day within the blink of an eye. Programmatic has become a win-win situation for publishers and advertisers in terms of revenues and ROI. However, the multi-billion dollar market which programmatic is today attracts the attention of villains.

In 2017 the “3ve” operation took place — the most sophisticated and complex in the history of digital advertising so far. The case was a typical traffic fraud scheme; it was fulfilled via selling forgeries of premium publisher inventory and human audiences. The fraudsters generated revenues by selling the most valuable assets. The exceptional sophistication of the fraud was reflected in a series of disconnected procedures — the fraudsters managed to dynamically devise ways to disguise their bots. Even after the traffic went to blacklist, the operation continued. Busted in one place, the bots reappeared in another.

Traffic fraud operation is a wake-up call for the entire digital advertising industry. It is not just about the urge to reinforce the existing guards and measures; it is also about the necessary approaches to be adopted in the fight with automated fraudulent activity:

  • Ads.txt. Indeed, the industry demands such standards: they are relatively simple, effective, and work as a shield for the platforms.
  • Being proactive. Due to traffic volumes being prone to inherent variability, the ad fraud rate of the company must change over time.
  • Application of layered approach. Bots are really good at mimicking human behavior. In view of this, we recommend using a layered approach — an in-house defense accompanied by third-party verification for searching for computers controlled by bots.
Common fraud types

In the context of mobile fraud, education is the first stage in tackling a deep-seated problem. Let’s have a look at the major ad fraud sources.

  • SDK spoofing — a type of fraud which is very hard to detect. A fraudster generates installs that look legitimate when no real installs take place. The main mission of this fraud type is stealing a portion of the user acquisition budget from an advertiser. A fraudster creates a click and matches it to an install session, thus testing the setup.
  • Click injections — almost the same as click spam only a little more sophisticated. During this type of operation, a fraudster would use an application for hijacking at a specific time and with specific information in order to create ad-click and result in CPI payouts. This type of fraud is used to steal the ad budget initially intended for reaching a wide audience. Marketers remain in a delusion that their campaign works well. But in fact, it doesn’t.
  • Click spam — the operation starts when a user finds himself on an application or mobile web page where the fraudster operates. A fraudster can click in the background while a user is engaging with the application, and send impressions-per-clicks. The fraudster application can generate clicks 24/7. Click spam captures organic traffic and makes an advertiser pay for the users acquired organically.
  • Fake installs and in-app purchases — with the help of emulation software a fraudster forges installs in order to claim ad revenue. A special device is used where a fraudster creates a user to engage with the ads. As a result marketing funnel receives misleading or fake data.
How MGID deals with traffic fraud

The estimates and projections for the current year underline the importance of cooperation with trusted and credible platforms that comply with standards and have proved to be reliable. There are organizations that monitor and provide comprehensive fraud analysis, on the basis of which they compile rankings and lists of the most trusted platforms. For instance, TAG provides a list of companies awarded the “Certified Against Fraud” seal. In addition, we highly recommend collaboration with MRC-accredited vendors offering identification, scanning, and real-time blocking for advertisers’ protection within the programmatic ad environment.

As far as our methods are concerned, MGID uses over 80 dynamic parameters to assess a system, plus program and behavioral constituents of each display and click coming through. Even though we are certified by the key auditors in the market, we significantly exceed the requirements from a technical standpoint. Apart from the programmatic component, the traffic quality is constantly monitored by our tech analytics team. Their work is a guarantee that you pay for real users. Trusted partnership plays a crucial role in tackling traffic fraud; it provides inventory transparency and a collaborative approach in searching for attackers.

Finally, we’d like to provide our readers with three tips:

  • Buy the inventory that provides the maximum transparency of its origin;
  • Pay attention to behavioral factors of the traffic you buy;
  • Last but not least: report all the inconsistencies in expectations and reality. Detection at an early stage helps the market be prepared for the further development of the fraud industry.