Impact

Impact

Are You Safe From In-app Fraud? Here’s How to Know

In 2017, Google Play Store housed 2.8M apps and Apple’s App Store held 2.2M apps (Statista, 2018). These numbers are expected to keep increasing–and so do the opportunities for fraud to occur. In this growing channel, how can you tell if your in-app marketing is safe from bad actors? Find out here.

One of the most effective ways to drive app install is through “cost-per-install” programs. Why? Because they only pay media partners for installs that they facilitate. However, bad actors know this, which opens you up to several methods of fraud, including:

  • Install attribution fraud, where installs are attributed incorrectly
  • Illegitimate claims for an install that the marketing channel did not truly drive
  • Install fraud
  • False installs of the app where the installer has no intention of actually using the app

How can you tell if any of these types of fraud are occuring in your app marketing? Here are some things to look for.

Low app interaction or dormancy: Malicious media partners may contribute high numbers of low-quality installs. These bad actors may have mechanisms to install the app and launch it, but never use it again. Analysis of app churn is usually steep–the average app loses 77% of its users after the first 3 days (Quettra, 2018)–but this drop-off is naturally correlated with the stickiness of the app. Find out what your advertiser’s 1- to 7-day app churn rates are, so you can tell whether certain media partners are bringing in inexplicably high-churn traffic. If so, you might be experiencing app install fraud here and it is worth investigating and preventing using a fraud protection tool such as Forensiq.

Uncharacteristically low conversion rates: Advertisers tie conversion activity to certain “success” events within the app. For example, for a retail app, a conversion is a completed purchase. For a ride-sharing app, it may be booking and taking your first ride. These conversion activities often involve a payment to the advertiser, and bad actors wouldn’t make as much money (and are more likely to lose money) from their fraudulent activity if they paid the advertiser. Thus, fraudsters typically limit their actions to conversion events that don’t involve financial transactions. This means, if you’re an advertiser that pays out on the basis of conversions that are not directly tied to some financial outlay for the converter, you will need to pay special attention to your conversion rates. When you observe an uncharacteristically low conversion rate (again, ask your advertiser what its typical conversion rate is), then this may be a sign of a high-risk supplier and you will want to put fraud protection in place.

Rapid uninstall times: According to Kantar/ITR (Apsalar, 2018), about 26% of app installs are uninstalled within the first hour, increasing to 38% by the first day. However, bad actors intent on committing install fraud usually only have a limited number of devices available. The usual method they employ is to install the app, start the app to simulate engagement, and claim credit for the install. Then they factory reset the device to acquire a new unique device identifier. Factory resets effectively wipe out the installed app, then reinstall the app again and continue the cycle.

Fortunately, bad actors get greedy. Fraud operations run on scale, after all. They can’t simply claim revenue from a handful of installs, generating only a handful of dollars for all their effort. A single legitimate installer doesn’t produce a lot of ad revenue, and users may generate just a few dollars of ad revenue per day. That simply cannot support a fraud operation–the fraud industry relies on scale. Fraudulent actors can’t merely look like a small pool of legitimate users installing the app. In order to make a decent payout, they need to look like tens of thousands of fake users installing the app. In order to generate increasingly higher amounts of revenue on limited equipment, bad actors would have to increase the frequency of the cycle–essentially creating a suspiciously high level of uninstalls and thus revealing their fraudulent activity. Fraud protection solutions like Forensiq can help make it easy to identify rapid uninstall activity.

In short, here are the actions you should take to discover if there’s fraud in your traffic:

  1. Know your app’s average 1- to 7-day churn rate and compare it to your sources’ churn rates.
  2. Know your app’s typical conversion rates and compare it to your sources’ conversion rates.
  3. Know your app’s typical uninstall rate and compare it to your sources’ uninstall rates.

Want to find out more about how to spot fraud in your marketing program? Download our eBook, How to Spot Telltale Signs of Fraud in Your Performance Traffic, and discover how to shore up possible leaks.

Back to Resources