Mobile app fraud prevention: How to detect, prevent, and eliminate mobile app scams in your partnership program 

With over 6.8 billion smartphone users worldwide, it’s no surprise that the mobile marketing industry is thriving. However, with so many scams out there, brands may be reluctant to invest in mobile partnerships. With the right technology, you can protect your mobile partnerships, and ensure your program hold’s people’s attention and significantly boost revenue.

Mobile phone
Matt Moore
Matt Moore
Associate Manager of Product Marketing
Read time:10 mins

Contents:

Mobile marketing and the rise of scams 

Online marketing is all about attention. Brands want to build awareness, reach potential customers, and retain them. Content creators look for ways to grow audiences—leveraging unique voices to stand out from the crowd. 

With billions of cell phones worldwide, mobile advertising is a no-brainer. Current spending on mobile advertising sits at almost 330 billion dollars—opening up fantastic opportunities for brands and publishers to boost revenue.

In-app marketing is a great way to connect with potential customers online—apps take up a staggering 88 percent of users’ time on mobile devices.

Unfortunately, the success of mobile marketing also drew scammers and fraudsters. Bad actors found ways to fake installs and attribution—bringing in unearned commission payments from brands. These scam operators mislead partnering brands and hurt honest content creators through malicious strategies.

In the face of evolving scams, some companies and publishers might abandon mobile advertising altogether. But you don’t have to. You can circumvent fraudulent parties and build lasting marketing partnerships with the right knowledge and tools. 


Why in-app marketing makes perfect sense

Mobile marketing is highly competitive. Brands contend for attention in crowded app stores. They look for ways to convince potential customers to download and keep using apps  Partnerships offer the perfect solution for driving awareness and app downloads. Influencers, bloggers, and other publishers can promote apps for brands and encourage followers with:

  • Well-crafted content
  • Genuine recommendations
  • First-hand reviews and experience
  • Focused outreach to ideal user bases

Publishers encourage highly-engaged followers to download apps using unique tracking links. These links send people directly to app stores. Each publisher earns a commission for every download attributed to their affiliate link. Brands and creators see detailed performance metrics when using a state-of-the-art partnership platform like impact.com. 

These metrics fine-tune and optimize content and calls-to-actions. App installs and in-app marketing help brands reach more customers while offering effective ways for publishers to build sustainable careers. 


In-app marketing upsides

After users install the app, brands can focus on driving the benefits of in-app marketing:

It’s where the people are. People spend a big chunk of time on apps. Brands have greater access to ideal customers—giving engaging pitches to consumers who already took the first step and downloaded the app. Since people spend more time on apps, marketers don’t have to rely on a single ad to do all the heavy lifting. 

In-app marketing comes with better context. Customer experience (CX) designers and marketers have more control and awareness of an app’s user experience and journey. Instead of overwhelming consumers with out-of-context ads, in-app marketing campaigns plan each step. Brands can integrate ads into the app and connect with customers more authentically. 

Brands get higher click-through rates. Ads within apps lead to better user engagement.  The global click-through rate for app ads is 0.56 percent—more than double mobile web ads (0.23 percent).

Brands that excelled with in-app marketing partnerships

Ticketmaster boosted revenue and conversions

ticketmaster homepage

With the right mobile tracking solution, brands can boost revenue, partner earnings, and customer engagement. Ticketmaster’s live entertainment platform leaned into API-based tracking with impact.com to optimize partnerships and onboard new affiliates. After shifting their mobile strategy, Ticketmaster saw year-over-year revenue jump up by 32 percent and native mobile integrations drove 20 percent higher conversion rates compared to traditional advertising. 

Target increased click-throughs and website traffic

Target web homepage

Retail giant Target also expanded its potential customer base through in-app marketing. Target added an icon/link to their site to Samsung’s built-in web browser. Target could reach out to Samsung users based on device, location, and interests. This partnership led to over 580 million monthly views on Target’s icon in the browser and a million click-throughs to the store. 


Mobile app scams: the different types and how they work

Paying partners for app installations and engagement opens you up to various scams. Fraudulent actors keep finding ways to improve their methods alongside technological and market advancements. There isn’t a universal strategy—it depends on commission triggers, payment agreements, and more. 

Different types of mobile app fraud:

Install fraud

  • Install Farms
  • Device ID Reset Marathons
  • Proxy Tunneling
  • Traffic Scams
  • Inauthentic engagement

Install farms. Scammers hire hundreds of people for minimal pay. They repeatedly install apps on legitimate mobile devices to receive credit and commission. These farms target brands paying on a cost-per-install basis (CPI) and generate mass installations and app activity. Some operators even add automated scripts on phones to speed up the process. Studies show install farms make up at least 42 percent of ad fraud overall.

Device ID reset marathons. After joining a brand’s affiliate program, install farms or mobile emulator software operators repeat the same process repeatedly. This process allows scammers to use fewer devices or make the most out of their emulator software and accrue repeated commission payments. The process involves these steps:

  1. Follow the unique partnership link to the app store
  2. Download the app onto a phone or emulator
  3. Open the app and receive credit from the brand 
  4. Delete the app immediately
  5. Factory reset the phone to create a new device ID
  6. Repeat the process

Proxy tunneling. After partnering with a brand, scammers offer customers an app with hidden malware. Operators then create a bot network using affected devices and leverage hijacked IP addresses to fake user activity. The brands receive data on seemingly authentic app installs. Meanwhile, users are unaware of the hidden activity on their devices. Through proxy tunneling, some scammers trick partners and earn large commissions.

Traffic scams: Some bad actors drive traffic by circumventing partner rules and sharing commissions with customers. For many brands, all traffic isn’t equal. They often rank engagement and installations in two different ways:  

  1. Incentivized traffic refers to user activity driven by rebates, credits, or donations. These customers rarely provide long-term value for brands. They simply install or interact to receive points or money back. 
  1. Non-incentivized traffic is genuine consumer interest and installations, unmotivated by other factors. Since non-incentivized customers are likelier to stick around, brands pay higher commission rates for that traffic. 

Fraudulent affiliates offer rebates and other financial incentives to potential users. These affiliates bank on still making a profit after splitting the commission. This strategy inflates the worth of incoming traffic and scams brands out of more revenue. 

Inauthentic engagement. Install farms or bot networks fake engagement to reach specific commission triggers. Some brands try to avoid scams by requiring certain actions or activities after installation. For example, the user needs to create an account or spend specified time in the app. On top of creating fraudulent app installs, these scammers generate inauthentic user engagement, ensuring brands send out full commissions. 

Install attribution fraud

  • Click Flooding
  • Click Injection
  • Click Spoofing
  • Malvertising

Click flooding. Scammers use malicious code hidden in apps to take over phones and create fake clicks. They open hundreds of ads and interaction events in the background—often with the user’s knowledge. These clicks and ads trigger commission payments for brands: skewing performance metrics and making fraudulent partners look incredibly productive. 

Click injection. Bad actors jump in before triggered commission payments, taking unearned credit for installs. Fraudsters include code in their apps that hijacks the “install broadcast” feature built into Android devices. This feature notifies scammers whenever users install new apps on the phone. Next, scammers generate a fake click event and claim commissions for completely unrelated app installs. Unfortunately, scam operators can earn a portion of the brand’s revenue without creating their own value. 

Click spoofing, Scammers game the system and claim commission payments for unrelated clicks and installs. Here’s how it works:

  1. Scammers register with a brand’s partner program.
  2. Potential customers visit the scammer’s webpage—ignoring ads and taking zero actions. 
  3. The fraudulent party spoof’s a click on their behalf. From the brand’s point of view, the visitor performed an authentic action. 
  4. If that potential customer goes on to download the brand’s app or uses a code, the scammers receive credit. The bad actors can earn full commission payments without driving value or playing a role in the customer journey.

Malvertising. Scammers corrupt the app install attribution process—automatically sending users straight to app stores. Through hacked ads, scammers trigger actions on unsuspecting users’ phones: opening the app store without user’s consent. These clicks register with brands, counting as authentic attribution if the user downloads the app later. This fraud can quickly generate unearned commissions for scammers. 

Combatting the wide range of mobile app fraud might feel impossible. Through hacked ads and fake downloads, scammers rely on streamlined steps to steal credit and commissions. But you don’t have to overcome these scams on your own. Fraud detection and avoidance get much easier with the proper support and expertise on your side.


How to protect your partnership program from mobile app fraud

Mobile phone fraud protected

You can’t get a simple cheat code to catch all mobile app fraud. Scammers change their tactics all the time. Brands respond to updating contracts and commission triggers. Seemingly legitimate apps navigate around these hurdles and find fresh ways to game the system. Mixing authentic engagement with fake installs makes detection much more challenging. 

Brands should take a multi-step approach to identify and avoid fraudsters. 

Seven ways to fight back against fraud

These points cover key ways to protect your partnership program and work with honest publishers:

1. Low app interaction 

Scammers don’t bring in high-quality users. Through a quantity-over-quality approach, these malicious partners rely on app installs—not actual usage and activity. 

Look at publishers bringing in customers who never get past the download phase. Install farms rarely have time to maintain ongoing engagement. Since they are instantly wiping phones and starting again, this traffic will generally be low-quality.

2. Dormant users

Check your performance metrics and know your average churn rate (how quickly apps lose users). With your seven-day rate in mind, focus on partners providing abnormally high churn rates. High rates of users going dormant fast is a crucial red flag—especially coming from the same publisher. 

Use your average churn rate as a baseline and ensure your performance metrics are updated frequently. 

3. Abnormal conversion rates

Brands usually link conversion rates with specific triggers: app installs, clicks within apps, purchases, etc. Some steps require payment: booking a car in a ridesharing app or ordering food. Scammers will avoid triggers based on financial transactions—focusing instead on easier ways to fake conversions. 

When incoming traffic continually stops before payment is required, look at the partners involved in their customer journey. Brands with no payment-based conversion triggers should pay closer attention to conversion rates. This business model might be considered an easier target for fraudsters. 

4. Strange ad viewership

Check your average ad impressions and user habits. For most apps, you can follow general trends based on the time of day and app usage. 

Data from fraudulent partners can often stand out from the crowd—bunched together at strange times of the day or coming from non-targeted parts of the world. Not all outliers are going to be the result of scams. But traffic coming through those partners should get a second look. 

5. Suspicious uninstall times

Depending on the industry, brands face a wide range of average app uninstall rates. In 2022, gaming apps were uninstalled over 65 percent of the time—compared to only 31 percent of travel-related apps.* Keep track of average uninstall rates and times to avoid scams and unearned commission payments. 

Install farms have limited physical devices—making rapid uninstalls common. Scammers cut down turnaround time and generate another app install quickly. Since individual downloads only add small amounts to profits, install farm workers need to push the limits and operate at scale. This behavior affects performance metrics and leaves markers for observant brand managers. 

6. Partnership marketplaces

Protect yourself by working with vetted partners through a marketplace like impact.com. Avoiding fraudsters start with looking in the right place. Try connecting with partners through reputable, established marketplaces. That way, your partnerships start with clear communication and transparent contracts—adding a barrier for potential scammers. 

Partnership marketplace

7. Anti-fraud protection

You don’t have to start from scratch when dealing with fraudulent partners. A partnership management platform can help. For instance, Mapiful used impact.com to identify fraudulent activities, such as partners posting their links onto coupon sites. With impact.com’s fraud detection tools, Mapiful quickly blocked suspicious activity and ensured program safety. **

You can use these impact.com platform features to secure your partnership program: 

Attribution risk estimates with detailed fraud scores and reports. With impact.com, you’ll receive traffic summaries and performance reports. Transparent reason codes spell out why certain partners are flagged as risky—helping you and your team understand each step of the anti-fraud process. 

Attribution risk protection can help you avoid attribution scams by highlighting risky partners. Through close monitoring and sophisticated click-tracking techniques, impact.com’s system highlights potential fraud with actionable scores and estimates. That way, you’ll be free to focus on the healthiest partnerships.

Attribution risk dashboard

Support from the impact.com compliance team. Fraudsters constantly look for new ways to scam brands and receive unearned commissions. This is why impact.com has a compliance team dedicated to detecting fraudulent activity and keeping it out of the marketplace. 

server Illustration

With anti-fraud protection built into your partnership platform, your team will have every tool and answer they need to avoid scams. This feature ensures your partnership pipeline is secure and will save you time and money while creating better customer experiences.


The future of mobile app marketing 

In 2020, the global mobile marketing market size was estimated at around 11 billion U.S. dollars, By 2030, this figure is expected to surpass 55 billion dollars

Although mobile marketing is lucrative, fraud pulls attention away from where it matters. Many brands waste resources trying to catch scammers and paying unearned commissions. Bad actors can easily take advantage of your conversion path without the right expertise and protections. 

However, that doesn’t mean you should avoid in-app ads. Apps engage users and open up new revenue streams for brands. With impact.com’s tools and support, you can catch scams before they snowball. With authentic partners on your side, you’ll be able to hold people’s attention and significantly boost revenue. 

Stay in the know. Get our monthly newsletter right in your inbox.

Congratulations!

You have successfully signed signed up to our newsletter. Keep an eye on your inbox...

Invalid email

impact.com values your privacy.