With mobile advertising being the preferred way for publishers to monetize apps, billions of dollars are being spent by advertisers to target audiences. However, the success of in-app advertising has attracted fraudsters trying to take advantage of the system. Mobile advertising fraud affects the entire supply chain, from advertisers to publishers and everyone in between. From a publisher standpoint, the effects can be particularly devastating, resulting in both lost revenue and lost users.

Initiatives to combat ad fraud in the mobile realm are picking up steam every day. However, properly countering these threats requires publishers to first understand exactly what they’re up against. From a publisher perspective, here are some of the most common forms of mobile ad fraud to know:

  • Auto-Downloads: A misleading ad causes an automatic download to happen without the user’s intent. The downloaded item is often malicious.
  • Auto-Redirects: Auto-redirects bring users to pages that resemble known sites but are used to install malware or steal sensitive data. Most commonly, these automatically redirect users to an app store in order to achieve higher performance.
  • Crypto Miners: Ads may contain JavaScript code to mine for cryptocurrency. The fraudulent advertisers profit while the users’ smartphones have their CPU and battery power drained.
  • Inappropriate Ads: Reputable mobile advertising platforms ban offensive ads (e.g., ones featuring nudity, bad language, drugs), but some advertisers intentionally obfuscate these ads to avoid detection.
  • Malware: Fraudsters serve an ad that causes a user to download a harmful program. Malware can be used to steal data (e.g., phishing), lock key functions of the smartphone, or hold the device ransom. Malware can even be used to generate fraudulent ad traffic.
  • VAST Arbitrage: By serving in-banner video ads, a demand-side platform (DSP) can fraudulently resell a won video impression in a display banner ad space. If they can resell it for more than they initially paid, they are guaranteed to make money. If they cannot resell it, the ad will register an error, and the DSP does not have to pay.

App-ads.txt: The Next Step in Combating Ad Fraud

The most effective way to cut down on fraud is for the whole industry to get on board and work towards solutions that can truly scale. There’s no one initiative that solves all of the above challenges, but our industry has made progress toward important solutions. Ads.txt and app-ads.txt are two of them.

Developed by the Interactive Advertising Bureau (IAB), ads.txt already helps prevent web-based counterfeit inventory across the programmatic supply chain. In fact, ads.txt represents one of the most significant developments in fraud mitigation, with about three-quarters of leading programmatically equipped publishers having implemented ads.txt.

App-ads.txt is an extension of the original ads.txt standard, enabling mobile apps to increase their pool of authorized digital advertising inventory while also reducing fraud. By adopting this specification, publishers enable brands and agencies to be confident that their investments are winding up in the hands of reputable vendors. Once the app-ads.txt is out of beta, here’s how it will work: 

  • The publisher creates an app-ads.txt file listing all approved monetization partners.
  • The publisher provides its website URL (e.g., publisher.com) within an app store’s listing metadata.
  • The app-ads.txt file is uploaded to the publisher’s website (e.g., publisher.com/app-ads.txt).
  • Ad buyers can check whether the inventory that has been offered to them is legitimate by crawling a publisher’s app-ads.txt file.

Looking to the Future of Ad Fraud Protection

Our industry’s top priority must always be the protection of mobile users and mobile investments. As fraudsters continue to evolve their methods, it is our responsibility to evolve even quicker. 

While the current focus on cleaning up ad fraud and fighting emerging fraud schemes is critical to ensuring the long-term health of the mobile and in-app advertising ecosystem, industry-wide initiatives also need to be prioritized. Projects such as ads.txt, app-ads.txt, and ads.cert all provide (or will soon provide) a strong foundation for the direction forward. By continuing to invest in technology, manpower, and certifications (e.g., Trustworthy Accountability Group) to protect against fraud, our industry can and will come out ahead.