English
Español
Pусский
中文
Português
韓國
日本Think of Kaden as your personal “Fraud Detective” for mobile programmatic, investigating every part of the user acquisition journey for indicators that reveal fraudulent activity. From impression, to click, to install, we hunt for fluctuations and discrepancies in the numbers. Our analysis is thorough and site-agnostic, which means that we rigorously review each exchange and site we buy from proactively and apply macro rules at a both site and device levels.
Our internal fraud rules are highly sophisticated. Some lead to an immediate device ID blacklist. Some work on a strike system so that if a particular activity happens more than once, we keep track and avoid false positives. We are additionally proud and vocal of our choice to coordinate with third-parties, including anti-fraud specific services and MMPs, to ensure that our methodologies are accurate and verifiable.
Of course, advertisers should always share their guidelines with us, because it may be that you wish to block specific types of apps or specific publishers at a site level based on your own data and experiences, but after applying your guidelines we do our best to avoid exchange or site bias. Where appropriate, we want to challenge household names while also treating each smaller exchange or site fairly.
We want to encourage our customers to focus on the data points – clicks, impressions, installs – not the app category or developer location. For this reason, we’re creating a series of shorter posts that explain some of the types of fraud we’re working to eliminate from our ecosystem, and what you can do to spot them. It’s an advertiser’s right to be informed so you can work alongside us to stop fraudsters in their hacks!
Below are some of the key terms you’ll want to know when investigating for fraud. As this series develops, the terms will be linked to more detailed articles.
Impression-level Fraud
Ad Stacking: When a publisher serves two or more ads in the same placement, so an impression is requested for both, but only one ad is seen by the user. If the ad on top is a display ad such as a banner or interstitial, but an impression request is also sent for video or interactive formats, the fraud may also be referred to as “Background Ad Activity.”
Click-level Fraud
Click Spamming: When clicks are executed for a user who is not active. This can take many forms, for example, a malicious app could run in the background on a real user’s device, sending clicks 24 hours a day even when the user is not taking action in the app.
Click Injection: When fraudsters monitor the activity on a device and “inject” a click right before an install takes place, so they can claim credit for that install.
Install-level Fraud
Fake Installs: When an attribution partner is tricked into attributing to a paid source an install that did not actually happen. This is most often done through device emulation.
Site-level Fraud
App Spoofing: When a fraudulent app signals that it is a legitimate one by modifying ad tags or utilizing malware. Known as Domain Spoofing when done in a web browser.
SDK Spoofing: When fraudsters replicate the communication signals between app stores, ad networks, and MMPs, thereby simulating real user behaviour, even down to post-install actions.
Additional Key Terms
Device Farms: These can consist of a bulk of real devices in a single location, where a person is paid to activate specific attributable actions, or they can be purely digital, set up through an emulator as a cloud full of faked devices. Either way, device farms are used by fraudsters to complete many paid actions all at once.
Organic Theft: This term is used to describe any fraudulent activity that steals attribution from an organic source. If a user intended to install an app without viewing an ad, yet the install is counted as a paid one, that is organic theft.
Invalid Traffic (IVT): IVT is any traffic that is not human. There is General Invalid Traffic (GIVT) which consists of web crawlers and non-malicious bots, and Sophisticated Invalid Traffic (SIVT) which is intentionally crafted to resemble a real user. We want to avoid IVT as much as possible – fraudsters can take advantage of both kinds.
