In five months, we found 12.5m fraudulent app installs – where did they come from?

Mobile Marketing - Member Content

Gary Danks, managing director of Machine Advertising, breaks down the results from the firm's investigation of ad fraud, and how firms can avoid the perils of the digital ecosystem.

In the first five months of this year, Machine analysed over 22.4m app installs – 56 per cent of which we detected as fraudulent. That’s over $26m that our clients would have otherwise lost to app install fraud between January-May 2018, saved.

But where exactly are these 12.3m fraudulent installs coming from? To find out, we took a deep dive into our data – and, to help show where the biggest problems are in the market, we’d like to share the results.

All ad networks delivered some level of fraud
First, we analysed the ad networks who sold app installs to our clients. In total, there were 88 networks which each delivered 500 app installs or more during this five-month period.

There’s also a long tail of over 150 networks which delivered under the 500-install mark. Some of these smaller networks were the very worst offenders, delivering 100 per cent fraudulent installs – but it’s certainly not the case that working with larger players protects you from app install fraud.

Of the 88 ad networks, only a single one delivered app installs which proved to be less than 10 per cent fraudulent. The rest fell somewhere between 15 per cent and 100 per cent fraudulent. Five of the networks delivered 100 per cent fraudulent installs. This list also includes the big two self-attribution platforms, one of which delivered over 30 per cent fraudulent installs; the other, over 50 per cent.

Attribution fraud the biggest threat
Breaking down app install fraud by the methods being used, the single largest category was install hijacking, which accounted for 32.3 per cent of fraudulent installs – nearly 4m installs in total.

Install hijacking is a form of attribution fraud which infects a user’s device with malware that monitors their activity and, whenever they download an app, fires a fake click at the corresponding MMP in order to gain credit for an organic install.

The fastest growing category is hacked SDK fraud, which made up 19.4 per cent of fraudulent installs. Also known as SDK spoofing, this is an advanced form of fraud which involves exposing the MMP’s encryption, hacking an MMP’s SDK to seemingly trigger events – like installs, payments or in-game events – which never really happen, but which the client pays for nonetheless.

Hacked SDK fraud on the rise
The figures above only cover fraud once the app install has happened, meaning they exclude click stuffing, a type of attribution fraud which works by flooding an MMP with millions of clicks in an attempt to gain credit for an organic installs. Machine blocks artificial clicks, which reduces click stuffing to almost zero per cent.

When you look at the click data, 58 per cent of the 1bn clicks Machine analysed between January-May 2018 were fraudulent – and by far the largest source was click stuffing, which made up 23.6% of all clicks which we analysed.

As a result of Machine preventing click stuffing, our client's organic installs grew by 7.6m, and approximately $17m of marketing budget was saved from being wasted.

Hacked SDKs were once again the the fastest growing source of fraud. When it comes to clicks, it’s also the second largest, accounting for 17.1% of all clicks. In total, we analysed clicks from 169 ad networks – and 21 of them provided 100% fraudulent clicks.

There is light at the end of the tunnel
The scale of the app fraud problem is huge, and it’s not limited to the smaller players. Next time you’re looking at your install figures, you should be asking how much is fraudulent – and how much your current fraud protection solution is failing to catch.

But it's not all negative. Over the same period, utilising the same ad networks discussed above, our clients did acquire millions of real, high-performing app installs. And most ad networks don’t have malicious intent – they’re also a victim of fraudulent app installs.

What matters is taking the right precautions. In today's market, any digital marketer worth their salt wouldn't dare run a desktop campaign without the protection of an ad verification tool such as IAS, Moat or Double Verify. If you're going to buy mobile app installs from ad-networks and social media, you need a specialist who can protect you against fraudulent app installs. Let us help.

Gary Danks is managing director of Machine Advertising. You can download a PDF version of the report here.