Have you heard of a little social platform named Facebook? What about Twitter? Does Google Universal Campaigns ring a bell?

With 2.6 billion monthly active users on Facebook as of the first quarter of 2020, 330 million monthly active users on Twitter, and over 62 billion visits in 2019, these household names are anything but little.

In fact, these are giants who dominate the industry in many realms, and one of them is advertising.

Google Ads, Facebook, Snapchat, Twitter, and more, known as Self-Attributed Networks, or SANs for short, have collectively shown an increase in the structure of traffic purchasing over the last few years.

While this is a positive trend for some, it does come with potentially negative consequences for User Acquisition teams. You see, they are too big. Their activity levels continue to skyrocket, so it’s very easy to get lost in the mix – and that’s just what fraudsters love—mayhem.

As an advertiser, you may find comfort in their size, and you may even think of them as the first and only option to scale your UA campaigns, but fraud undoubtedly exists in these sources. 

The main reason behind this is money: wherever there is a connection with a 3rd party sub-publisher (mobile apps, mobile websites, etc), the financial incentive is more than enough to have fraudsters snooping around.

No Regrets in Paradise 

Facebook Ads along with advertising in apps, has around 80K 3rd party apps connected to the Facebook Audience Network. Google Ads has even more 3rd party sub-publishers, nearing the hundreds of thousands.

Now, add rotation to the mix, which must be factored in as more and more 3rd party sub-publishers are connected. Here, you can find a pool of both legitimate publishers and fraudsters.

Under these circumstances, it’s virtually impossible to eliminate fraud altogether, instead it can only be controlled or reduced.

SANs are well aware of the problem. In fact, they try to do their part when it comes to preventing and minimizing fraud from their side by making use of in-house solutions, but there are major drawbacks in this solution:

  • There is a slow response rate. Being the giants that they are, SANs move at a slow pace (unlike fraudsters!) and it can take months, even years, to remove a fraudulent app from their ad networks. All while advertisers bear the losses generated by fraud.
  • Sophisticated schemes go unnoticed. As mentioned earlier, fraudsters may manage to stay hidden in SANs, especially since they are constantly reverse-engineering their schemes. Thus, an important number of fraud attacks go completely unnoticed.
  • Last, but certainly not least, the most important drawback is the lack of transparency. As Frank Lloyd Wright once said “A doctor can bury his mistakes, but an architect can only advise his clients to plant vines.” Well, publishers cover their mistakes with ad campaigns!

The mobile ad market does its best to move towards a more open and transparent environment, as the share of blind sources decreases rapidly. Now, advertisers want to have the right to know in which specific apps/mobile sites their game/app ads are being displayed on.

To the dismay of advertisers, Google Ads remains a blind source with low transparency levels in data granularity. Back in November 2017, all advertising campaigns were, by default, converted to Google’s Universal Ad Campaigns format and the option to know how many impressions/clicks/installs/actions there are in a specific app, or how well a sub-publisher is performing, was removed. 

Google’s intentions were to unify advertising campaigns, simplify media buying, and use algorithms to automate advertising procurement. But, you’ve probably heard of the Cheetah Mobile scandal, which raised a wave of concern and claims against Google from marketing teams across the globe, urging the giant to bring back transparency.

So, why is transparency and transmission of app_ids so important for mobile ad fraud detection? It all boils down to the cluster nature of mobile ad fraud. 

Clustering techniques of potentially fraudulent traffic, also known as cohorting, make it possible to accurately identify the maximum fraud volume. While advanced solutions use ML clustering technologies for fraud detection, it is app_id clustering that is one of the necessary parameters for fraud clustering.

The app_id is, oftentimes, the source of fraud. Advertisers receive only aggregated, high-level data from Google, at the ad campaign and traffic source levels. They see data in huge clusters (cohorts) of traffic with several thousands of installs. 

In these conditions, around 15-20% of fraud is “blurred” and is practically impossible to identify at a granular level. Fraudulent and legitimate installs are all mixed together, making fraud virtually undetectable.

One of the things we learned from the Cheetah Mobile scandal is that if advertisers could receive information about specific app_ids being fraudulent (up to 99% of fraud), they would react fast and block all compromised sources. Unfortunately, fraudulent traffic is mixed with clean traffic.

How come all of this is allowed? Well, SANs are inherently granted special market advantages, much like monopolies, where the lack of transparency in terms of real placements goes undisputed and it’s very hard to negotiate rejections, especially if you have no data to prove there is fraud and in turn, it’s unlikely SANs will believe anything without data proof.

Fraudsters who go into the Facebook Audience Network or Google Ads are somewhat untouchable, stealing money right under the shroud of giant SANs.

In fact, Scalarr’s latest research shows that the volume of install fraud in SANs can reach up to 7.5%.

Word of Advice

Advertisers are the ones losing in all this mixup. In a way, they become hostages of the situation. What can they do if they find fraud while advertising in SAN networks? 

Should advertisers request a refund? The chances are pessimistic, as SANs are known to initiate refunds only in cases they identify themselves.

Should advertisers try and optimize their media buying strategy? This is very hard to achieve since traffic grouping is carried out only at the campaign level.

Not all is lost, though. One of the ways to fight fraud at this level is to prevent and avoid it by filtering placements that have been previously involved in ad fraud schemes and block them, so as to never show ads in any of these fraud sources.

In its research, Scalarr calculated a scenario where advertisers allocate budget to conditionally trusted traffic sources. In this scenario, with 500k installs per month, Scalarr can help customers save up to 12.65% by blocking fraud at the impression level. 

By filtering ad placements, advertisers can expect a lower eCPI (up to 25%), gain more legitimate impressions and a higher ROI for a given marketing campaign, and generate for conversions for a given budget (up to 20%).

When IDFA updates disrupt attribution IDs, device IDs, and IP addresses blocklists, it’ll be wise for you to take a detailed look at your ad sources.