There aren’t many comprehensive studies in the market that examine the rise of mobile ad fraud. Articles, yes – plenty of them. However with a surge in advertising impressions shifting this year from desktop to mobile, market stakeholders worldwide are bracing themselves for a flood of fraudulent actors and activities in the weeks and months to come.
Yes, there is certainly mobile ad fraud out there already – bought-and-paid-for bots being the most widespread method of generating fake impressions - but there are rock-solid means of protecting you from them. Smaato’s aim to provide a clean marketplace speaks for everyone on both the supply and the demand side, helping our advertisers and demand partners feel sheltered from the fraud storm and therefore making them willing to traffic more advertising through our SPX platform.
Let’s briefly define the most common fraud cases out there, which (unfortunately) is not the complete list of tactics used by purveyors of “bad ads”:
- A device or piece of software that can execute commands or perform routine tasks with minimum human intervention. They are used to generate ad impressions or serve hidden ads, which are not visible to a real user. Some consumers’ phones are infected by these “bots” which run in the background without knowledge of the victim. The infected computers, communicating with the commanding fraudsters in the background, build a so-called “botnet”. Many of the served ads are placed in ways that keep them from being observable because they are hidden behind other ads or content, displayed in tiny iFrames or served in other ways that prevent them from being viewed by consumers.
Impression stuffing/Ad stacking
- Multiple ads placed on top of each other in a single ad placement, but with only the top one actually being visible. Sometimes an entire ad-supported site is stuffed into a 1x1 pixel, which is obviously so tiny that it can't be seen by the human eye.
- Fraudulent code is inserted into a user’s device browser in order to call HTML or make ad requests which are not under the control of a user, and which are made without the user’s consent. Ads and redirections are inserted into the user experience by the program running in the background. The purpose is to redirect the user to web sites they had no intention of visiting, either in the background or in a different browser session.
- Domains that are faked by fraudsters who pretend to own high quality content that in actuality does not belong to them. They do this to sell premium traffic, and thereby increase their prices. This technique is also called Domain Masking (the faking of the true URL in favor of another “more valuable” one). For example, a seller may declare xyz.com as the domain, when in reality the true URL is detected as fakewebsite.com.
- Traffic that is routed through an intermediary proxy device or network where the ad is rendered in a user’s device with a real human user. However, by rerouting the traffic through different proxy servers, the IP of the requests can be changed (i.e. masked). Fraudsters use this technique to generate unique traffic. An even more advanced technique is to use randomizing algorithms to create unique IP addresses, because the simple rerouting of traffic through different proxy servers might cause suspicion at some point: thus the need for unique IP addresses that are more difficult to catch.
- Another robotic technique: the imitation of legitimate click-through events on advertisements, while the only actual “clicks” were made by a piece of fraudulent code running in the background. We watch this very closely at Smaato.
Smaato is fighting against fraud with all of our weapons to help ensure a clean, fraud-free, high-quality mobile advertising market space. The traffic quality team here is fully dedicated to protecting our SPX exchange platform from any of the above described fraud patterns, and recent innovations on our platform have taken our human intervention innovations into the realm of machine learning and artificial intelligence – all to help protect our publisher and advertiser partners around the world.
If you have any questions - or any new fraud terms to add to the growing lexicon of fraud tactics - please don’t hesitate to contact us directly at firstname.lastname@example.org.