Ad fraud is on the rise — in part because ad spend continues to grow, attracting more bad actors, but also because fraudsters are becoming more sophisticated at infiltrating our markets. As we begin a new year that marks the end of a record-breaking decade in ad tech, let us all make a New Year’s resolution to join forces in combating the seemingly never-ending threat of invalid traffic.
With so much attention on mobile ad fraud at present, this is a perfect opportunity for our industry to focus our efforts and share best practices in keeping bad actors at bay. Here are five New Year’s Resolutions that we can all get behind in 2019:
Partner with MRC-accredited IVT-management vendors who offer identification, scanning and real-time blocking solutions for protecting advertisers in programmatic ad environments.
Raise the stakes for fraudsters by increasing policy enforcement and actioning against malicious actors. To quote eMarketer: “The moment [fraud] becomes less attractive—where the losses hurt more than the gains—then you've changed it for all the attackers, rather than trying to just pick off attacker after attacker.”
Publishers, stay up-to-date on the latest IAB specs. For instance, IAB Tech Lab recently rolled out app-ads.txt in beta, hoping to follow in the footsteps of its ads.txt initiative. Reviewing new specs should always be part of a publisher’s consideration set.
Marketers, analyze KPIs all along the user funnel, looking for anomalies, tracking downstream metrics and staying vigilant.
Be transparent to build trust. Collaboration, sharing insights and best practices, and evangelizing our knowledge will help our industry as a whole to get smarter and make better decisions when it comes to exerting control and making wise decisions.
In-app fraud is increasing because that's where the money is. U.S. app-install ad revenue will grow to over $7 billion by year-end 2020, according to Business Insider Intelligence estimates.
“As overall ad spend continues to go toward mobile—with two-thirds of all budgets going into mobile and three-fourths going directly into in-app—fraud is on the rise as well," Dan Slivjanovski, DoubleVerify's chief marketing officer told Business Insider.
However, programmatic mobile in-app inventory sees lower rates of blocked traffic than those of desktop and mobile web. According to RhythmOne’s third quarterly Programmatic Insights Report: Spotlight on Quality, released in February 2018, 56% of programmatic ad inventory on desktop was blocked (because it was deemed suspicious), compared to the much lower rate of 38% on mobile for the quarter. On mobile, inventory was blocked significantly more often on mobile web (56%) than on in-app mobile inventory (27%).
Still, app-install fraud is estimated to have cost mobile marketers around $2 billion in 2017, according to Tune’s Global App Install Fraud Report. In 2018, Adjust estimated that mobile ad fraud damages may have cost mobile marketers as much as $4.9 billion.
While gaming apps were hardest hit by fraud in 2017, that trend has begun to shift. By May 2018, e-commerce apps had become the most affected vertical, accounting for two-fifths of the total installs rejected, according to Adjust. Another commonly reported trend is the prevalence of fraud on Android apps and devices over those of other operating systems. MRC-accredited Pixalate has reported that Android devices are particularly prone to in-app ad fraud.
In-app fraud has become more sophisticated, expanding to areas such as app-spoofing, hidden ads, and mobile hijacked devices. Malicious apps can serve pop-ups, load and reload thousands of impressions or watch videos in the background without the user’s knowledge. They may also serve as Trojan horses for ransomware. Sometimes, the app knows to only load and reload ads when a device is plugged into power, so that users won’t notice suspicious usage of their device’s battery power. In other cases, an app might obfuscate its location in order to attract spend from advertisers with geo-targeting requirements, or it may purposely mislabel inventory to pass off incentivized traffic as non-incentivized traffic.
Brand marketers aren’t the only victims in these schemes. Apps also fall prey to threats, particularly in attribution, for instance, when a bad actor takes credit for driving an install or action, according to AdExchanger. In some cases, fraudsters create fake devices to download apps and steal credit card and payment info. Fraudsters use tactics such as click injection—a more surgical form of click spam—to insert themselves in the moment between a real download and the initial app open. This form of fraud is particularly insidious, because app advertisers end up paying for their own organic installs.
A third of marketers estimate that more than half of their mobile ad budgets are exposed to in-app and mobile web fraud, according to a recent report by Forrester. As an industry, we must strive for transparency and education. AdExchanger reported that while 39% of advertisers and agencies admit they don’t know enough about mobile ad buying, the mobile-first app advertisers, especially the major gaming publishers, are the most savvy when it comes to digging into analytics and leveraging data-driven tools to troubleshoot suspicious traffic and evaluate performance marketing partners and channels—a practice that hopefully more will learn to adopt.
Ultimately, it is our community’s responsibility to share learnings, stay up-to-date on the latest technologies and adopt best practices for consistency and quality in order to keep invalid traffic at bay. Let’s all make a New Year’s resolution to do our part.
Curious about how MoPub is approaching traffic quality? Learn more here.