Mobile Champions: Adjust's Andreas Naumann on mobile fraudsters becoming more aggressive

Mobile ad fraud isn’t a new issue, but it’s an increasingly pressing one as smartphones and apps become primary marketing channels. Reports on the subject estimate that total industry costs range from $6.5 billion to $19 billion — and that larger figure might be conservative.

Since mobile ad fraud has the potential to harm many parties — publishers and advertisers alike — it’s key to talk preventative measures. To this end, Tapjoy recently met with Adjust Head of Fraud Andreas Naumann to discuss how we can mitigate fraud across the in-app stack.

• The volume of mobile ad fraud hasn’t changed dramatically since 2016, but our awareness of it has.
• Only a few providers have the resources to tackle fraud, while most third-party fraud providers are spreading misinformation. Fraudsters will only get more aggressive as the pool of exploitable advertisers shrinks.
• It’s crucial to update SDKs to prevent malicious parties from exploiting your infrastructure.

I started working for Adjust in 2016. At first, I was a one-man team researching preventative measures for the most common fraud schemes. The culmination of this research was releasing our first iteration of the Adjust Fraud Prevention Suite in spring of 2016.

From thereon I was responsible for researching new schemes and building out a team of specialists supporting Adjust’s fight against ad fraud. In 2017, we started Adjust’s Coalition Against Ad Fraud (CAAF) as part of a concerted effort by industry leaders to mitigate the multi-billion dollar fraud market and its impact on advertisers’ ad spend.

The amount of fraud has not changed significantly in the past couple of years. It has always been alarmingly high. However, advertisers’ awareness — and therefore also their suppliers’ — has risen dramatically since 2016.

This naturally has positive and negative effects. A truly positive development is that most marketers are educating themselves and willing to go the extra mile for their company. On the negative side, a smaller group of industry players are on the lookout for shortcuts and ways to take advantage of less savvy people. However, the digital advertising industry is currently on a decent trajectory to reduce fraud in its ecosystem.

Our approach from the start has been to identify the most granular data point that allows us to identify a fraud scheme. We utilize that data to make a deterministic decision that we can use to deny attribution of fraudulent installs or of legitimate installs to fraudulent sources.

As a result, we achieve three things that are still not common in the MMP or anti-fraud space.

1. The cash flow to fraudsters is cut, meaning fraudsters can’t try and run with the money before anybody checks fraud reports.
2. The advertiser does not have to negotiate reimbursements, freeing marketers to focus on campaign improvements.
3. And finally, we still attribute to the correct demand source after we have identified the fraudulent one. This means eCPMs for legitimate campaigns targeted by fraud remain stable and campaign success is not impaired.

Generally speaking, the more people fighting the good fight the better. But only a few providers exist with the knowledge, means, and willpower to genuinely tackle fraud. Since there is fierce competition and basically no transparency in the space, a lot of misinformation is pushed from newer anti-fraud vendors. It is making the situation worse rather than better.

A common practice I see over and over when consulting with advertisers on anti-fraud vendor trials is dialing up “fraud detection” to the max without any regard for the long term effects. They do so to get advertisers hooked on massive chargebacks during the trial period. Naturally, partners cannot sustain this process for long, and false positives bear the risk of killing perfectly fraud-free campaigns by reducing publisher earnings below accepted the opportunity cost.

The hard part of fraud mitigation is doing it correctly, precisely, and proactively. Simply flagging fraud isn’t productive, but preventing the correct amount is.

The last evolution we have seen is spoofing of installs and events. Fraudsters are exploiting the communication structure the ad tech world is based upon. Solving this problem is not necessarily hard, but it is resource intensive.

The pool of exploitable advertisers is currently shrinking so fraudsters will be more aggressive. Unfortunately, solving this problem on the technical side is not good enough. We have secure software builds, but they need to be adopted by advertisers. In the coming years, advertisers that do not show diligence in protecting themselves from the simplest attacks — the ones that have been solved technically — will be exploited more than ever before.

Keep your SDKs updated. One update per SDK per year would solve a lot of problems.

Provide all data points throughout the user conversion funnel. The journey starts with the user seeing an ad (impression), so your measurement should as well.

Work towards full transparency. There is no merit in running blind campaigns for anybody if the traffic is legit.

Measuring or preventing fraud cannot be based on opinions. Make sure to agree on definitions and when in doubt, make sure they are part of the IO. Try to establish transparent definitions when working with third-party anti-fraud vendors as well. Fraudsters can’t hide from a good fraud filter just because they know how it works.

Marketing budgets are only increasing over time, and so is a fraudster’s incentive to steal from them. Ad fraud has been around for the past 20 years and, in one way or another, will most certainly be around for the next 20.

Tapjoy would like to thank Andreas Naumann for taking the time to join us. For more insights from our Mobile Champions, check out our interview with Susan Borst, VP of the Interactive Advertising Bureau (IAB).