THE BLOG
09/12/2014 01:04 pm ET Updated Nov 12, 2014

What to Do About Fraud in the Mobile App Industry?

The mobile app economy is young. Like the web fifteen years ago, everyone involved is trying their best to make some profit and carve out their slice of mobile pie. Sadly, this leads to the more unscrupulous characters out there finding ways to cheat the system and make money through fraudulent means.

Back in 2012, Trademob published a study claiming that 40% of all mobile app clicks are either fraud or accidents. Since then the fraud has expanded into the performance-based ads, with cost-per-install or cost-per-action payment structure.

Imagine you are a struggling developer, trying hard to raise your user numbers, when along comes a network that offers installs for 30 cents a piece, while the market price hovers at $2. Is it too good to be true? Chances are it is.

Other ways the businesses of mobile app developers get hurt is when their game is hacked by their players. When the virtual currency is targeted, one thinks of the lost revenue, but even bigger impact is on the competition between players within the game.

In-app purchase fraud

According to the  co-founder of the UK-based mobile game developer Supersolid, Edward Chin, his company had to deal with hackers that would steal in-app currency. 'The biggest concerns was not necessarily loss of revenue, but how it impacts the game, and our understanding of how our users are playing. If there is a competition within the game, players will notice hackers with impossibly high scores, which ruins the experience for them', he said.

This fraud also impacts mobile analytics. The main challenge here is differentiating between genuine in-app purchases and stolen currency. If a game developer can not understand the economics of the game, what the user lifetime value is and how they engage with the game, he might not be able to make good business decisions.

To solve the problem, Supersolid implemented a server-side receipt validation and item award system. Now when a client passes the receipt to the server, the server validates the receipt and, if positive, awards the purchased item to the user's account on the server.

This, however, does not work for many of the apps that do not have their user data stored and managed by a server. So it remains a problem that new developers should be thinking about.

Advertising fraud

Those people who have spent the last ten to fifteen years generating fraudulent traffic on the web have now moved into the mobile sector. Click and install fraud is widespread. Click fraud comes from bots, jailbroken devices and misleading banner ads. CPA clicks simply involve having a robot program doing all the actions needed to qualify.

Ad networks check the reliability of a source and conversion of clicks to installs. Of course, if a conversion rate of click to install is close to a 100% the traffic is likely to come from bots. Therefore a common strategy for fraudsters is to blend bot traffic to demonstrate desired properties, sell it to legitimate networks and reap profits.

So how can a developer fight mobile advertising fraud?

Tracker solution

One solution is to use a sophisticated app tracker service. According to Paul Müller, the co-founder and CTO of a German mobile analytics company Adjust.com, its open-source tracker SDK runs a more complex code in the app, which makes it harder to fake an install and requires a fraudster to simulate the whole app rather than manipulate HTTP API.

Another approach implemented by Adjust.com is to monitor and report inconsistencies, such as installs that come, for example, from German devices that have Chinese timezone settings. There are many kind of investigations his company is doing but disclosing them would mean alerting fraudsters about their weak spots.

A third solution is to look at user retention. For days 3 and 7, fraudulent installs show zero usage.

Ad buyer solution

For most of the app developers, reliable sources of users such as Facebook, Twitter or AdMob are not sufficient to meet their user acquisition targets. So it is inevitable that a larger number of ad sources are used for this purpose. To avoid fraud by dealing with multiple ad sources Kirill Sofronov, the founder of mobile-first marketing agency Tapgravity, recommends working only with reliable, tested ad networks. Another way to put it is to work with the mobile marketing professionals that know what works.

Advanced app analytics, that enable the ad buyers to group their users into cohorts to analyze user engagement and revenue for each channel, is another approach. According to the founder of automated mobile app marketing service AppInTop, Nikolay Evdokimov, evaluating effectiveness of ad sources manually is a tremendous task that requires a lot of manpower. AppInTop automates the process of selecting the best-performing ad sources that deliver best user lifetime value, while weeding out those with poor retention and revenue metrics.

Conclusion

To avoid mobile ad fraud, use a sophisticated app tracker and check which sources bring real paying users rather than dead installs. Look for references and recommendations when buying advertising or rely on programmatic ad buying. This will hopefully make it harder and harder for fraudsters to trick the system.