Fraud Prevention

Aided by Kochava, Uber Recovers Millions from Ad Fraud Scheme

Riley Emmer — Wed, 06 Jul 2022 22:35:01 +0000

CASE STUDY

Aided by Kochava Experts, Uber Recovers Millions from Ad Fraud Scheme

VERTICAL: Ride-share | SOLUTION: Kochava Foundry^TM Strategic Services

Started in 2009, Uber is the world’s largest ride-sharing company and has innovated the mobility-as-a-service industry with its expanding service offerings such as Uber Eats, Uber for Business, Uber Freight, and more.

TAKEAWAYS

Challenge

To drive growth for their ride-sharing business in both Uber Drivers and Uber Riders, the Uber marketing team spent millions of dollars on advertising campaigns with various agencies and advertising networks across a multi-year period.

Uber had concerns about both ad fraud and brand safety. Most specifically they wanted to ensure their ads would not be displayed on publisher apps or websites with adult content or other controversial material. In an effort to protect themselves, Uber included legal clauses in their insertion order (IO) contracts with networks & agencies to require transparent reporting of all publisher site IDs where their ads would appear.

Although Uber’s user acquisition campaigns seemed successful based on the performance reporting provided by their ad networks and agencies, the marketing team grew suspicious that the reported KPIs were simply too good to be true. Additionally, they were receiving a growing log of first-hand accounts from customers reporting Uber ads appearing on adult content sites and extreme news publications. Uber knew they needed to get to the bottom of what was going on, but to do so they needed help.

Solution

Uber engaged the fraud solutions team at Kochava, based upon their reputation as the leading fraud experts in the mobile advertising industry and their history of serving Fortune 500 companies. An initial consultation with Kochava data scientists and fraud analysts confirmed the validity of the concerns from the Uber team – a deeper investigation was most certainly warranted.

Uber officially hired Kochava to conduct an in-depth fraud audit. Over 58 billion transaction records were onboarded to Kochava’s secure data lake for processing through Kochava’s advanced, AI-driven fraud detection and mitigation suite.

The records included Uber app installs and events, impression and click logs from marketing campaigns across multiple ad networks & agencies, and much more. The data was vetted for the presence of fraud by Kochava’s collection of over 24 distinct fraud detection methods. These methods utilize machine learning, pattern recognition, and other AI-driven modeling that sniff out ad fraud tactics including click flooding, install hijacking, site ID spoofing, and device ID reset fraud, among others.

Impact

The Kochava fraud audit produced evidence of significant ad fraud and violation of the IO terms set forth by Uber across multiple ad networks and agencies. The financial impact of the audit’s findings was significant enough to lead Uber to formally file lawsuits against multiple agencies and the ad networks they worked with. Uber’s in-house counsel retained the services of Reed Smith, a globally renowned law firm, who called on Kochava as expert witnesses throughout significant law and motion practice relating to fraud and racketeering claims.

“Kochava’s investigative fraud work was comprehensive and thorough. Their ability to illustrate the complex inner workings of digital ad fraud to the courtroom audience had a profound impact on the success of our litigation. Justice was served.”

–Randall Haimovici, Associate General Counsel, Uber

With the investigative fraud audit and expert testimony provided by Kochava, Uber’s in-house counsel and Reed Smith recovered over $6 million in damages from one lawsuit alone. Members of the team from Kochava, Uber, and Reed Smith spoke about the case and what it means for digital advertising to a standing room only audience at Mobile World Congress (MWC) 2022 in Barcelona.

If your KPIs seem too good to be true, trust your instincts. A Kochava fraud audit can help you reduce your fraud loss and clean up your traffic for better genuine performance.

IMAGE: Grant Simmons, VP, Kochava Foundry (second from right) speaks on stage at Mobile World Congress (MWC) 2022 in Barcelona about Kochava’s role in Uber’s successful litigation. He is joined by Randall Haimovici, Associate General Counsel, Uber, and John P. Bovich, Partner, Reed Smith.

Watch the MWC 2022 Session HERE

Contact Kochava today to see how we can help.

This use case is one example of the impact of Kochava solutions for publishers. Kochava makes no guarantee of individual results.

The post Aided by Kochava, Uber Recovers Millions from Ad Fraud Scheme appeared first on Kochava.

Click Flooding Rears its Ugly Head in OTT and CTV

Leslie Amadio — Wed, 22 Sep 2021 17:49:11 +0000

OTT Fraud: hot advertising platform, same old fraud

Advertising on over-the-top (OTT) and connected TV (CTV) channels have become a surefire way to reach a broad and engaged audience. But with the good, comes the bad, and fraudsters are up to the same tactics to nab attribution credit (and your ad dollars) through click flooding.

Unfortunately, no channel is safe when it comes to fraud. The amount of money spent in advertising attracts too many opportunists looking for a way to cash in from a loophole in the advertising infrastructure, and OTT and CTV channels are no exceptions. With a surge in campaigns on these two channels, our Kochava Foundry^TM experts are seeing fraud from the ad signal, the data stream of impressions and clicks sent from partners, in the form of click flooding.

What is click flooding?

Click flooding (also called click spamming) is a fraud tactic wherein a rogue publisher entity may use programmatic scripts, bots, or other mechanisms to send a “flood” of fake clicks for a specific campaign offer. In some cases, ad networks may even trigger click tracking tags when serving impressions. This manipulates the attribution waterfall by reporting low-intent impressions as high-intent clicks, which have a greater chance of winning attribution for a conversion. Although the install conversions may be from legitimate users, the attribution is not because credit has been stolen from the true source through a flood of fake click signals. Click flooding is no different with OTT campaigns and marketers utilizing Kochava can monitor click flooding in the Kochava Fraud Console.

Mitigating fraud through your OTT media buying strategy

How you buy your media is one way to protect your OTT campaigns from excessive click flooding. OTT ad buying methods include programmatic, platform direct, and publisher direct, and each method of OTT media buying has its pros and cons.

Programmatic buying occurs on an exchange via an ad partner. Platform direct means you are buying directly from one of the major platforms, such as Roku or Vizio, whereas with publisher direct, you’re buying from one of the major publishers, such as Hulu or Paramount+. Of the three, programmatic is the most cost-effective. Although it has the broadest audience reach with cross-platform, cross-service, and cross-device addressability, programmatic also carries the highest risk for click flooding. The main reason for this method’s vulnerability is because there is no instructional file, such as an ads.txt or plist, to act as a manifest of who’s allowed to serve ads for the advertisers. Its absence makes it easier for anyone, including fraudsters, to operate on a programmatic exchange.

On the other hand, while platform direct and publisher direct cost more and have limited audience reach, advertisers can better negotiate their terms. As with media buying on mobile channels, build strong relationships with the partners working on your behalf with these methods. Request transparency by having site/publisher IDs displayed and unobfuscated in their reporting to see where ad interactions are actually coming from.

Other mitigation strategies

Keep an eye on your click-to-install (CTI) ratio. If a click represents a viewer actively engaging with an OTT ad and showing intent (eg, tapping an ad with their finger, or clicking on it with their CTV remote), then it’s reasonable to expect they’re far more likely to install the target app. Hence, would you expect that it should take 10,000 clicks to drive one install? Unlikely to say the least. Find your baseline CTI ratio and then keep an eye out for specific partners or sub-publishers that far exceed the normal threshold average. Exorbitantly high CTI ratios are a sign that something’s amiss.

Monitor time-to-install (TTI) and time-to-engagement (TTE) metrics and analyze anomalies for potential fraud. When these data points are mapped out, abnormal TTI & TTE distributions can be evidence of campaign manipulation, particularly when witnessed at scale and isolated to a particular source.

Distinctly label your OTT campaign trackers by source and placement. This practice will provide clean and clear traffic segmentation to quickly narrow in on the source of an anomaly.

The Takeaway: Stay vigilant, question anomalies

The popularity of OTT and CTV platforms has attracted advertisers but unfortunately fraudsters as well. As with any digital advertising channel, it’s important to stay vigilant and monitor reports from ad partners. By monitoring clicks, impressions, and events, especially by site ID/publisher, anomalies may be noted. You never know if that anomaly could be evidence of a bigger problem so don’t undermine validating it by having a conversation with your media partner or your Client Success Manager at Kochava.

Not sure where to begin in monitoring for fraud on your OTT and CTV campaigns? Our Kochava Foundry^TM team can help. Contact us for more information.

The post Click Flooding Rears its Ugly Head in OTT and CTV appeared first on Kochava.

Get Your Ad Spend Out of Jail

Leslie Amadio — Tue, 07 Sep 2021 17:21:03 +0000

Catch Jailbroken Device Fraud

Fraud wears many masks, and fraudsters are using jailbroken devices with no or customized operating systems on them to perform a variety of fraudulent tactics.

“Jailbroken” iOS phones or “rooted” Android ones are devices in which the operating system has been deleted, replaced, or has had restrictions removed so that the user has access to features normally prohibited. Users may jailbreak devices intentionally to have more control over their device, customize its look, and/or download apps outside of the mainstay app stores (called “sideloading”). However, it’s no surprise that these phones are also more susceptible to fraud through malware. Fraudsters have used jailbroken devices to automate ad fraud through emulators and custom scripts that execute app installs and in-app events.

Identifying fraud

The Kochava software development kit (SDK) uses proprietary processes to identify jailbroken devices. Since these devices are still able to download apps legitimately from the app store, they’re not considered fraudulent by default. It’s actually quite normal to have a small amount of jailbroken devices in a campaign. The Kochava Foundry^TM team has observed that between 3% and 5% of normal campaign traffic may come from jailbroken devices. When jailbroken and rooted devices occupy a much larger share of total traffic, suspicion should arise.

How many jailbroken devices is too many?

Fraud detection tools can only go so far and are not designed to catch all anomalies because a fair amount of legitimate traffic would be omitted too. As such, identifying fraud is often a collaborative effort between an app marketer and the Kochava Foundry team. In the case of one client, their team detected several jailbroken devices on their end and asked the Foundry team to validate their findings, research further and obtain intel about the media partners involved.

Further analysis uncovered a small cohort of media partners, whose acquisition traffic showed 35% of iOS installs and 65% of Android installs were jailbroken or rooted. Compared to the average percentage of jailbroken/rooted devices among other media partners and organic traffic, this was a major outlier. Drilling down further to a publisher (site ID) level, the Foundry team observed that around 18% of the media partner’s sub-publishers on iOS campaigns had 100% jailbroken devices. Separately on Android, 10% of sub-publisher sites had 100% rooted devices. This intelligence enabled the marketer to collaborate directly with the media partner to root out (no pun intended) the bad publishers from the batch.

The tables above represent a more typical distribution of jailbroken/rooted devices in a campaign.

What signs can you watch out for?

While jailbroken/rooted devices aren’t behind every type of fraud, here are some signs you can be on the lookout for. If you see them, ask questions and get in touch with our team to help investigate.

Abnormally high post-install events: Fraudsters give marketers the success they want to see. If there is an atypically large number of your target conversion event being reported, make sure it’s legitimate. The Foundry team can help and in validating, there is always a possibility of uncovering a deeper level of fraud whether jailbroken-related or other. Pay for the success you’ve earned, not one that might be inflated.

Great acquisition performance. Poor down-funnel performance: Sometimes, the way fraudsters hide is the very thing that gives them away instead. If there is a large number of installs but poor post-install event performance, something’s amiss. Evaluate the time-to-install (TTI) and time-to-event (TTE) distribution to ensure there isn’t a disconnect. By mapping these two metrics, fraud may emerge as a cluster of installs with a disproportionately abysmal lack of post-install activity.

Takeaway: Know the signs of jailbroken device fraud

As a general rule, too much of anything in a campaign may be reason enough to investigate its validity. When anomalies can’t be explained, that’s when it’s time to get experts involved.

Want to know how the Foundry team can help you? Request a free consultation.

The post Get Your Ad Spend Out of Jail appeared first on Kochava.

Fake Emails Lead To Discovery of Install Farm Fraud

Leslie Amadio — Wed, 25 Aug 2021 17:51:49 +0000

How the Kochava Foundry team uncovered an install farm for a fintech company

Fraud isn’t always blatantly obvious at first but can creep into campaigns, hiding in plain sight as good traffic. Thankfully it does, however, always leave a trail. Real-time mitigation solutions stop the lion’s share of fraud from the most common tactics, but marketers need to remain vigilant of data anomalies nonetheless—although they don’t immediately signal fraud, it pays to have experts dig in. If something stands out as different or strange in your data, don’t let it go. It could be an indicator of a much larger fraud being committed.

That’s exactly what happened to a fintech services app running a large campaign in EMEA, and it all started with a grouping of fake emails linked back to what had appeared to be a successful acquisition campaign. The fintech marketing team contacted Kochava Foundry^TM to determine the cause, but how the Foundry analyst investigated may surprise you.

The anatomy of a fraud investigation: First, attempt to explain anomalies

When presented with an anomaly, Kochava Foundry analysts do not immediately suspect fraud because if initially set on proving fraud without much evidence, that could cloud the investigation and overlook simple data errors or alternative explanations.

In the case of this fintech company, our analyst first worked on the assumption that the campaign traffic was legitimate (innocent until proven guilty) and sought potentially reasonable explanations for the anomalies. Developer testing, event tracking implementation issues, and other errors were reviewed and eliminated as potential causes.

Next, the analyst looked at the app’s traffic during the campaign. The campaign was running on a cost-per-engagement (CPE) model, and it drove an impressive amount of signups, the target event. As the analyst probed further, he saw a disproportionate number of the signups within the campaign time frame had absolutely no subsequent money transfer events. By segmenting the newly acquired audience cohorts by attributed network and sub-publisher, it became clear that the exponential spike in signups with no transfers was isolated to a specific grouping of sub-publishers. While the typical rate of signup-to-no-transfer was 30-40% across most paid and owned media, these cohorts displayed a signup-to-no-transfer rate of 99%. This was a major outlier and highly suspect. It became the first red flag that install farm fraud was likely at play behind these publishers. The hypothesis was that an install farm was clicking campaign offers, quickly installing the app, then completing the target CPE event with a fake email before then uninstalling the app to rinse and repeat the process.

Confirming the tell-tale signs of install farm fraud

Once there is evidence of a type of fraud, in this case, sequenced app activity from an install farm, the Foundry analyst checked for other “confirming symptoms” of that fraud tactic. Among other symptoms, he specifically looked for:

Outliers in the time-to-install (TTI) distribution between the attributed ad click and first app launch (a.k.a. install)
Outliers in the time-to-engagement (TTE) distribution, the time between first app launch/install and completion of the signup event
Abnormally high percentage of older device types and operating systems (OS)

Assessment from multiple angles

Both TTI and TTE were plotted against the device cohort from these sub-publishers alongside the rest of the fintech company’s omni-channel media partners. The distribution from the suspect cohort was strikingly homogeneous (meaning the timing was similar across all converting devices). This is a commonly observed outcome when install farm workers are performing the same rinse & repeat process across racks of devices. On the other hand, other publisher sources displayed a non-homogeneous distribution trend where TTI and TTE naturally varied according to expected human behavior differences.

To further confirm that an install farm was at play, the analyst observed the makeup of device type and OS among the suspect cohort. As suspected, the makeup was overwhelmingly older models, whereas the audience from all other publishers had a healthy distribution across new and older devices and OS versions.

These indicators were combined with other proprietary install farm detection methods and solidified the outcome of the Foundry investigation. The Foundry team then advised the fintech marketing team on the next steps to mitigate the issue and secure make-goods from the media partners involved.

Pulling on a thread, but making no assumptions

Most of the time with respect to fraud investigations, the Foundry team is evaluating odd campaign data based on something the client is questioning. In this case, the fintech company saw a set of suspicious-looking emails and asked the team to explore them further. Once the analyst detangled some of the data threads, fraud was the evident culprit.

Real-time anti-fraud tools are necessary and effective, catching the majority of the fraud occurring in the ecosystem. However, marketers must stay vigilant to anything that looks suspicious or even too good to be true. For this fintech app’s campaign, much of the traffic looked normal, and it wasn’t until the traffic was analyzed from different angles to prove its validity that the fraudulent characteristics showed pointing to install farm fraud perpetrated by a subset of publishers.

Want to know how the Foundry team can help you? Request a free consultation.

The post Fake Emails Lead To Discovery of Install Farm Fraud appeared first on Kochava.

Ensure Quality Hashed Email Identity Matches Through Data Cleansing With the Kochava Collective

Leslie Amadio — Wed, 09 Dec 2020 16:46:35 +0000

Marketers receiving HEM-to-MAID data feeds from the Collective leverage data cleansing algorithm to ensure quality matches

With increasing data privacy in the ecosystem, particularly with iOS 14, marketers need to make the most of the first-party data they obtain from users for marketing purposes. Marketers receiving hashed email data feeds to better understand their audience in the absence of device identifiers, will now have their data feeds cleansed by the Kochava Data Science team.

While the data feed provides you with raw data, it’s common practice to cleanse the data to remove corrupt or duplicate data. With our data cleansing service, you can ensure that the matches you receive are high quality because it undergoes a rigorous cleansing process which includes:

Validating single provider data sets by comparing them to interprovider data. Inconsistencies among device types and hashed email values are identified and removed from the database.
Comparing data sets to identify and validate high-quality matches.
Temporarily removing (“pruning”) single-source matches, identifying tightly closed loops of quality matches, and removing any suspect links to create a trusted validated cluster of HEM to MAID matches. If there are devices with too many links to one email, called “super clusters”, those are considered questionable and are removed.

With so much data, you need a trusted partner to ensure you’re working with the most accurate data matches possible.

For more information, contact CollectiveSupport@kochava.com.

The post Ensure Quality Hashed Email Identity Matches Through Data Cleansing With the Kochava Collective appeared first on Kochava.

New Year, New Mobile Ad Fraud Strategy

Leslie Amadio — Tue, 08 Dec 2020 19:08:24 +0000

Get a FREE fraud assessment to help prevent future losses

As we head into a new year and all the changes it will bring, now is a good time to evaluate your fraud prevention strategy with our free Mobile Ad Fraud Assessment tool.

Fraud prevention may have taken a backseat with all the news coming about Apple’s data privacy policies with iOS 14, but you can still take steps to prevent fraud now. While identifying fraud will change for iOS, there are still ways to mitigate it on all OS platforms. By identifying fraud now, you can implement prevention strategies for future ones.

Get your free fraud score

Just like you should check your credit score periodically, as marketers, you should be regularly assessing your fraud score.

Grant Simmons, our resident expert on mobile ad fraud and VP of Client Analytics here at Kochava, recommends checking for fraud by starting with a cohort and seeing what kind of signal you’re receiving because if not, fraud can easily “creep in” and be stealing attribution even before you notice a big problem.

“You should always be listening, but I recommend doing ‘stress tests’ to understand what’s likely happening. Take a cohort and see what ad signal is being received and what the credit is being given to that ad signal. Based on that, you might identify some opportunities for improvement,” Grant said during a recent livestream with the Mobile Marketing Association.

He said that often, marketers focus more on the real-time data they receive and don’t take the time to step back to assess the bigger picture.

With our Mobile Ad Fraud Assessment tool, you can do just that—assess your most recent campaign and get a fraud report of the most common types of fraud identified. With a minimum requirement of three months and data from at least three networks, we’ll run your data through our fraud algorithms and flag up to 12 types of fraud.

You’ll receive your fraud score in less than 24 hours. What’s best is that we won’t leave you alone to determine how to mitigate any damage identified. We feel strongly about fighting fraud and enabling a transparent ecosystem, and we’ll help you stop the fraud identified and help prevent it in the future.

Get educated!

An informed marketer is one who continually is learning how to spot fraud. When fraud is identified, it is an opportunity to know how to prevent that type in the future whether it’s being more vigilant about insertion order (IO) requirements or setting custom thresholds in traffic for prevention.

Keep in mind that the wider your audience reach, and the cheaper the cost per install (CPI), the more likely your publisher sites may exhaust their inventory and include more marginal, low-quality, and potentially fraudulent traffic.

“Every DSP [demand-side publisher] out there has a great list of publishers, but as they try to reach the acquisition goals required, traffic starts to get more marginal and can cross over into shark-infested waters. Make sure you have that real-time mitigation in place as soon as possible,” Grant said.

Get started today with our free Mobile Ad Fraud Assessment tool by filling out the form here.

The post New Year, New Mobile Ad Fraud Strategy appeared first on Kochava.

What’s Your Ad Fraud Score?

Leslie Amadio — Wed, 24 Jun 2020 17:17:07 +0000

Diagnose ad fraud under the hood with a free Attribution Fraud Assessment tool brought to you by the MMA and powered by Kochava.

The many faces of ad fraud have wreaked havoc on the digital marketing industry with bad actors stealing ad spend wherever possible. Industry experts believe that as much as 50% of the signal for purposes of attribution is fraudulent in some way or another. To combat this, Kochava has partnered with MMA Global to offer a free attribution fraud assessment tool highlighting the primary forms of fraud in a marketer’s ad campaigns.

Fraudulent activity frequently hides in plain sight behind seemingly successful campaign outcomes. Fraudsters have become adept at manufacturing the data that marketers want to see, making it difficult to discern from what is real. Within Kochava alone, we still see approximately 8% fraudulent installs across the traffic we process even after a litany of anti-fraud filters. Without any in place, nearly 50% of traffic would be fraudulent (Source: Flattening the Fraud Curve livestream).

Ad fraud prevention made simple

The industry’s reliance on last-click attribution, focus on low cost per install and/or cost per action, and quest for a broad user base have made itself vulnerable to opportunists. That said, exposing fraud not only protects ad spend, it’s an essential part of running efficient and transparent campaigns.

As complicated as the tactics may get, preventive measures often boil down to common sense. If, for example, your paid media yields the same or better-quality installs than your organic ones, something is likely amiss. Other red flags include having a disproportionate clicks-to-install ratio (eg, 10,000:1), not reporting impressions or reporting them as clicks, and low-quality installs.

So, what do you do? In spite of the fraud mitigation tools on the market, not all are created equal. For instance, a demand-side publisher (DSP) working with Kochava suspected fraud from several publishers after seeing high click-to-install ratios and abnormal time-to-install outliers on certain sites. However, the DSP could not prove any wrongdoing with the client’s other mobile measurement provider. This led them to request a fraud audit from Kochava which showed several of the client’s ad partners were stealing conversions. The DSP used the audit as evidence to receive make-goods and re-evaluate their ad partners.

So, what’s your ad fraud score?

Don’t assume that all campaign data is valid—you need sophisticated anti-fraud tools in place to mitigate fraud as much as possible. Use the attribution fraud assessment tool to see what areas need improvement so you have the most accurate data. With it, you’ll get an initial estimate of the amount of attribution fraud based on an aggregated make-up of your advertising. It’s a start in enabling you to take action in decreasing fraud and getting a better return on your marketing spend.

To learn more about how Kochava tackles fraud, or for more information about the free attribution fraud assessment tool, click here, and see how we can help.

The post What’s Your Ad Fraud Score? appeared first on Kochava.

Kochava and the MMA Global Partner in the Fight Against Mobile Ad Attribution Fraud

Leslie Amadio — Tue, 09 Jun 2020 12:00:16 +0000

New Free Attribution Fraud Assessment Tool Launched at MMA MATT Unplugged Virtual

SANDPOINT, Idaho and NEW YORK – June 9, 2020 – Kochava, the leading attribution platform for real-time data solutions for mobile and connected devices, and MMA, the global industry trade group for CMOs and major marketers, today announced the launch of an advertising attribution fraud assessment to tool to help the world’s leading brands identify the degree of risk against their own potential ad attribution fraud. The tool provides marketers with an initial estimate of the amount of attribution fraud based on an aggregated make-up of advertising on their partner networks. This directional understanding will allow marketers to take deliberate action to decrease the level of waste and get a better return on their marketing spend.

“We have been leading the fight against ad fraud since the inception of our company,” said Charles Manning, Founder and CEO, Kochava. “Mobile fraud takes on different behaviors from display—and we are the clear leader in detecting and protecting against it for leading brands. Collaborating with the MMA on this free fraud assessment tool is an exciting step forward to shedding more light and fighting this rampant industry issue.”

The impact of mobile attribution fraud can be costly and significant for brands. In fact, top-line results from a previous MMA survey suggests that 84% of marketers expect mobile ad fraud to continue being a significant problem. Over 60% think it will increase in the future, partly because their individual efforts can´t address the fundamental drivers of mobile fraud—strong incentives for perpetrators, lack of penalties and overall complexity of the mobile ad ecosystem.

As every dollar spent has increasingly higher burdens for ROI, it’s important to understand the extent of the mobile app fraud to take proactive action and limit its impact. Kochava has built a comprehensive arsenal of algorithms and an up-to-date database of where attribution fraud exists across the reach of a marketer’s media buying efforts. In particular, the focus has been to prevent attribution fraud where bad actors use various tactics to steal attribution and claim the conversion for payment. Attribution fraud enables fictitious media sources to signal ‘impressions’ and ‘clicks’ into attribution tools where media was never displayed.

“The Attribution Fraud Assessment tool allows marketers a first step in assessing the impact and downside as a result of app advertising attribution fraud,” said Greg Stuart, CEO of MMA Global. “We encourage marketers to check their campaigns quickly with this tool as a preliminary guide to determine if they should invest more resources to combat fraud in their media ROI. We also invite all growth marketers to join the MMA community as we work to develop more insights and tools to support them.”

Kochava is algorithmically maintaining their database to reflect the current state of the number one issue in digital marketing: fraud. The Fraud Assessment Tool can identify the extent of attribution fraud that the properties of a brand are exposed to. It has been built to deliver a powerful fraud audit summary without requiring extensive data inputs to validate the assessment

In addition to the assessment tool, the MMA will be holding a series of education webinars featuring case studies from marketers on how they are addressing the issue of mobile ad fraud. Email mobilefraud@mmaglobal.com to be kept up to date.

To find out more about what percentage of your mobile ad budget is being wasted on fraud click here for your free fraud assessment.

Kochava

Kochava Inc. is the leading attribution platform and host of the largest independent mobile data marketplace. The company provides secure, real-time data solutions to help brands establish identity, define and activate audiences, and measure and optimize all aspects of their marketing. Kochava provides enterprise brands with a consolidated Unified Audience Platform including data management and onboarding, cross-device configurable attribution, analytics, engagement, industry-leading fraud protection, and data enrichment. With a culture of customer-driven innovation, dedication to data security, and the most powerful tools in the ecosystem, Kochava is trusted by top brands to harness their data for growth. Headquartered in Sandpoint, Idaho, the company has offices globally. For more information visit their web site www.kochava.com. Follow Kochava on social media: Facebook, Twitter, and LinkedIn.

About the MMA:

Comprised of over 800-member companies globally and 14 regional offices, the MMA is the only marketing trade association that brings together the full ecosystem of marketers, tech providers and sellers working collaboratively to architect the future of marketing, while relentlessly delivering growth today. Anchoring the MMA’s mission are four core pillars; to cultivate inspiration by driving innovation for the Chief Marketing Officer; to build the mobile marketing capabilities for marketing organizations through fostering know-how and confidence; to champion the effectiveness and impact of mobile through research providing tangible ROI measurement; and to advocate for mobile marketers.

Members include: 1-800-Flowers.com, Adobe, Ahold Delhaize, Allstate, Ally Financial, American Eagle, American Express, AT&T, Bank of America, Calvin Klein, Campbell’s, Carbon, JPMorgan Chase, Chipotle Mexican Grill, Chobani, Choice Hotels, Citi, Clear Channel Outdoor, Colgate Palmolive, Cuebiq, CVS Health, Dunkin’ Brands, eBay, E*TRADE, Electronic Arts, ESPN, Estee Lauder, Facebook, Ford, Foursquare, General Motors Company, Google, Hilton Worldwide, IBM Watson, Jumpshot, Kellogg Company, LinkedIn, L’Oreal, Marriott International, Match Group, Mastercard, McDonald’s, MillerCoors, Monster, NBCU, OpenMarket, OpenX, Pandora, Pfizer, Pinterest, PlaceIQ, Procter & Gamble, RetailMeNot, Salesforce, Samsung, Shire, SITO Mobile, Snap Inc., SUBWAY, Target Inc., The Coca-Cola Company, T- Mobile, Turner Broadcasting, Twitter, Uber, Unilever, Verizon Media Group, Verizon Connect, Vibes, Walmart, Waze, Yieldmo, Zurich and many more. The MMA’s global headquarters are located in New York with regional operations Asia Pacific (APAC), Europe/Middle East/Africa (EMEA) and Latin America (LATAM). For more information see www.mmaglobal.com.

Media Contacts:

Leslie Amadio

Director of Public Relations, Kochava

208-610-1650

lamadio@kochava.com

Sheryl Daija

Chief Strategy Officer

917-287-6140

sheryl.daija@mmaglobal.com

The post Kochava and the MMA Global Partner in the Fight Against Mobile Ad Attribution Fraud appeared first on Kochava.

Painless Ways To Prevent Ad Fraud

Leslie Amadio — Thu, 14 May 2020 17:22:13 +0000

Marketers must not play into the false economy of digital advertising.

Many mobile marketers are operating in a false economy because of the pervasiveness of fraud. Fraud can infiltrate campaigns in many ways, making it difficult to extricate it and justify the resources to do so especially when performance numbers look favorable. If you take your campaign data at face value, you are relying on inaccurate data that appears to show a broad reach to customers. And we all know that appearance isn’t everything.

The misbelief that half of marketing is fraudulent is unacceptable. Marketers shouldn’t have to gamble in launching campaigns. Although fraud has become an inherent part of campaigns, it does not mean marketers should pay for it as part of the cost of doing business.

We all know that fraud takes many forms, and while there are numerous algorithms to identify them, loopholes exist where a fraudulent entity can hide and appear legitimate. In a perfect world, fraud would be completely eradicated but that is unrealistic. However, there are several relatively simple actions you can take to greatly reduce fraud in your campaigns.

It’s all about the ad signal. Signal clarity reflects how reliable the click and impression data sent are. Each must be sent in a separate data stream and is how media partners transmit valuable data such as device IDs, creative IDs, transaction IDs, etc., necessary for attribution, fraud prevention, and campaign optimization, among other marketing criteria.

These data streams are what fuel the attribution process where credit is adorned to the channel in which the conversion was obtained. Fraudsters aim to infiltrate this system and win attribution through any means necessary (eg, click flooding, click injection through malware, SDK spoofing, junk publishers, fake installs, etc.). Work with your media partners or find one through the Kochava Traffic Index as a way to ensure you are sending a clear ad signal from your campaigns.

Avoid buying cheap CPM. When you buy cheaper inventory, you increase the risk of purchasing fraudulent traffic. Understand where your media is being purchased and aim for quality over quantity, this might mean retargeting a high-quality user audience segment or creating a lookalike audience. When you (your agency) buys inventory with a low CPM, you run the risk of dealing with fraudulent publishers masking their identity and appearing to be a legitimate site.

Check names: Request that ad partners provide publisher site IDs. Fraudsters in this arena are guilty of falsifying transparency by masking their traffic sources by cycling through their sub-publisher site IDs. You can pull a summary report to include site IDs and installs to easily tell which sites are acting suspiciously. If you see a high number of sites with few installs, be wary. This is an unrealistic and ineffective way of finding traffic. For example, having hundreds and maybe even thousands of sites yielding upwards of 20K clicks for a few dozen installs is a red flag that there is fraudulent activity involved. It’s better to have fewer sites with more clicks than numerous sites with just a handful of installs.

It’s also important to have unobscured site IDs to understand where your ads are being served. Are they coming from Candy Crush? Or are they coming from some unknown Peruvian windsurfing blog?

Set the rules: Use traffic verification. With traffic verification, marketers set thresholds to avoid exorbitant impression and click volumes and/or block certain types of traffic that you specify. If traffic doesn’t meet your parameters, it will omit the traffic from attribution. This greatly reduces the presence of fraud and is your first tier in your fraud strategy once your campaign is underway.

In an informal three-month analysis between advertisers using traffic verification and those not, Kochava saw only 3% fraudulent installs and 41% fraudulent traffic caught by our anti-fraud algorithms, after traffic verification dropped invalid traffic. This was in contrast to 16% fraudulent installs and 88% fraudulent traffic without traffic verification. Note: Without traffic verification in place, those fraudulent installs were attributed.

Fraud is not a fact of life.

Fraud is a fact that marketers don’t have to accept and absorb in their ad spend. But doing nothing about it is an impractical way of doing business. Install numbers may look as expected or extraordinary, but peel that initial layer away and you’re left with few actual conversions. Having protective measures in place will show your true conversions, and if done incrementally, marketers can ease into their anti-fraud strategy without drastic changes in their expected campaign outcomes.

Preventing and mitigating fraud doesn’t have to be time-consuming and exhaustive of your resources. By selecting any of these measures, you have taken the first step in your anti-fraud strategy. At minimum, have the Global Fraud Blocklist enabled for basic protection against known fraudulent entities (devices, IP addresses, site IDs). If you’re unsure of how to establish your custom settings in Traffic Verifier, contact us to help you establish settings right for your brand and app traffic.

The post Painless Ways To Prevent Ad Fraud appeared first on Kochava.

Click Injection Unmasked: An Impact Assessment of Google’s Install Referrer API

Tyler Levasseur — Tue, 18 Jun 2019 13:30:29 +0000

Over a year and a half has passed since the release of the Google Play Install Referrer API that has given app developers and measurement providers a new level of insight into the exact timing and activity surrounding a user’s install. One data point provided by the API was the Install Begin Timestamp, the exact moment down to the second when the app install begins.

One of the biggest impacts from this new data was the ability to combat forms of click injection. A fraudulent tactic used to hijack install bounties, click injection occurs when malware on a device detects ad interactions and/or app store activity and injects fake clicks to steal attribution credit for an install.

Last year, a Buzzfeed article using Kochava research exposed several apps as participants in a massive click injection scheme. The article prompted an investigation by Google and the subsequent removal of several apps from its Play Store. With the data available from the Install Referrer API, most of the tactics deployed in this scheme were both detectable and preventable.

So, what have we learned over the past 18 months from the data revealed by the Install Referrer API?

To begin, let’s recap what changed with its release.

Before Install Referrer

Before the Install Referrer API provided the Install Begin Timestamp, Kochava (and other measurement providers) only had visibility into a user’s first launch of an app, which triggered the initialization of our software development kit (SDK). This initialization was our first visibility to the app’s presence on the device and as such, it acted as the “install” event. The timestamp of the first open/launch was used for attributing the install back to a click.

Because users don’t necessarily launch the app directly after completing the install, the first open time was inherently flawed as an indicator of when the install actually occurred. The unknown time gap between click and actual install provided an ideal click injection window for fraudsters to take advantage of.

To combat click injection, Kochava developed sophisticated time-to-install (TTI) algorithms to identify anomalous patterns between click and first open times and in order to flag suspicious outliers.

After Install Referrer

After the Install Referrer API release, Kochava could gather the exact Install Begin Time (the moment the user entered the app store and clicked the “Install” button).

Kochava created new functionality that allowed marketers to override the use of the first open time and instead use the Install Begin Time. This removed reliance on the timestamp of the first open/launch event.

As a result, every click injected after the Install Begin Time could be disqualified from install attribution.

Because the Install Referrer API is called during initialization at the time of first launch, we still receive and process all of the injected clicks. When the Install Referrer API returns the Install Begin Time, it becomes clear which clicks are injected.

Painting a clearer picture of install attribution fraud

The simple availability of the true Install Begin Time has given a fuller view into the prevalence of fraud in the ecosystem.

When enabling the Kochava feature to override the first open time with the Install Begin Time, certain customers have experienced up to a 90% drop in attributed installs for their app. This indicates that a great majority of their media mix was perpetrating click injection and/or click fraud against them. These marketers haven’t lost total installs but rather saw their organics jump significantly. Click injection had been sniping organic installs, and switching to Install Begin Time saved the customers significantly on falsely attributed installs.

Other apps have not noticed a large drop in attributed install volume but experienced a shift in which networks are winning the attributions, indicating that click injection tactics of some partners were stealing installs from others.

A Real-World Example

Let’s unpack a real-world example from a top Play Store app. In analyzing a specific install we saw:

Network A sent Kochava a click at 22:55:57
The user was redirected to the app store.
The user began downloading the app at exactly 22:57:00.
The download and install finalized at 22:57:17.
Kochava received a click from Network B at 22:57:26.
The first open of the app occurred at 22:59:00.

Without the Install Referrer API providing the Install Begin Time, Network B would’ve won attribution as the last click prior to the first open event. With the Install Referrer API, Network A is properly awarded credit, as the Install Begin Time precedes Network B’s injected click.

Kochava can also determine where this type of click injection occurs at scale across media partners and/or sub-publishers, helping marketers make more informed media spend decisions. The anonymized data below illustrates the analysis that’s now possible because of the Install Referrer API.

This first chart displays injected click volume compared to total click volume by network partner. Partners that heavily over index in injected clicks should raise warning flags.

Kochava can even help marketers determine which sub-publishers within such networks are the main culprits of the injection traffic. Marketers can then work with their partners to remove or block offending sources.

Taking advantage of the Install Referrer API

Kochava provides a myriad of benefits to marketers through the new Google Play Install Referrer API.

Marketers can enable the use of the Install Begin Time to override the first open time, providing a far more accurate timestamp of the actual install. This in turn significantly reduces vulnerability to fraudulent click injection tactics.

A click referrer time is also provided by the Install Referrer API, dictating whether an actual ad click preceded the user’s landing in the app store. Within Kochava Traffic Verifier, marketers can choose to require a click time be present in order to allow any click attribution.

IMPORTANT: If you currently use the minimum time to install (MTTI) function of Kochava Traffic Verifier, please check with your Client Success Manager before enabling use of Google’s Install Begin Time.

What do you need to do?

Marketers can easily make use of these features in Kochava but first must ensure that an app’s Google Play Services Library dependencies are updated to support this new API. This is what allows the Kochava SDK to gather Install Referrer data and put it to work on your behalf.

For more information or to ensure you’re taking advantage of the Install Referrer API, please contact your Client Success Manager.

The post Click Injection Unmasked: An Impact Assessment of Google’s Install Referrer API appeared first on Kochava.