The mobile and connected TV (CTV) ad space is taking off. Annual spend on mobile ads is growing at a clip of 10% per year and is set to surpass $399 billion globally by 2024. Likewise, CTV ad spend is expected to grow 14.4% in 2023.
Unfortunately, unscrupulous actors have taken note. By targeting app publishers, SDK developers, advertisers, and ad networks, they’ve managed to carve off a significant piece of the digital advertising pie. Indeed, ad fraud is expected to cost businesses upwards of $100 billion in 2023 alone. That’s not great, to put it mildly.
Now, there’s no question advertisers want high-value ad placements; and, in an effort to provide these placements, ad networks are constantly looking for new ways to improve their ad targeting capabilities. One way they can do this is by proactively addressing ad fraud.
So, in this article, we go over thirteen ways ad networks can use the mobile and CTV data provided by 42matters to combat ad fraud and secure valuable ad spots for their clients.
Here’s how ad networks can…
1. Detect Fake Location Data
There are many red flags to look out for when determining whether an application is trustworthy. One such red flag is whether an app is faking its location information.
Our “Lookup API” enables ad networks to determine whether an app has potential access to “coarse” or “fine” location, or whether the app allows for location permissions at all. If something doesn’t seem to add up – for instance, if an app is sending ad requests with “fine” location information, but has no location permissions listed on the Google Play Store – networks will be able to detect it instantly.
2. Detect Suspicious App Permissions
Similarly, suspicious app permissions should also raise some alarms. Research by the app analytics and attribution company Kochava, for example, uncovered an apparent ad fraud scheme wherein several mobile apps were caught engaging in a practice referred to as “click injection.”
“Click Injection” requires apps to request special permissions to see when a user downloads new apps and to launch other apps in the background. This enables publishers to gather data on the active install bounties for newly downloaded apps. With this information, fraudsters can claim unearned payment bounties by sending ad networks forged click data that contains hijacked app attribution information.
Needless to say, this can cause some headaches for ad networks and advertisers alike. So, to help combat this, the 42matters “Lookup API” enables ad networks to quickly pull up an app’s permissions and identify whether or not it includes any of these special permissions.
If an application requires anything suspicious from its users, it’s worth doing a more thorough investigation of the app and its publisher.
3. Analyze Integrated SDKs
Malicious SDKs are another major problem. Indeed, one of the most common types of ad fraud involves the siphoning of ad revenue via fake clicks generated by integrated software tools that operate in the background of an app. This is a practice of increasing sophistication where one scheme can comprise hundreds of apps, and where any one app could generate tens of millions of dollars in stolen revenue per year.
Needless to say, advertisers want real clicks. They want real eyes on their ads and real customers browsing their products and offerings.
To assure this happens, ad networks can use the 42matters “Integrated SDKs API” to see which SDKs an app has implemented. This means ad networks can see if the apps they work with have integrated any suspicious SDKs and double check that they’ve integrated their official SDK (as opposed to a copy-cat). Ad networks can then use this information to notify app publishers that they need to update their tech stacks. If the publishers are unresponsive, ad networks can blacklist their apps to protect advertisers from being exploited.
4. Verify the Latest App Versions
Attribution insights are another way to determine whether an application is committing ad fraud.
As an example, let’s say an ad network runs an app install campaign to boost installs for the mobile game “Angry Birds.” Each time a user clicks on one of their in-app ads to download the “Angry Birds” application, the network will attribute that download to the app publisher and compensate them accordingly.
Now, suppose that a disproportionate number of that app’s users are downloading old versions of the “Angry Birds” app. This is a serious red flag, since, presumably, the App Store or Google Play Store should be prompting customers to download the latest version of the apps.
Ad networks can double check the latest app versions via the 42matters “Versions API” and “Versions History API.” Combined, these two APIs allow networks to better validate attributions.
5. Detect Apps With Unusual Publication Histories
Ad networks can also root out ad fraud using publication histories to identify potentially malicious apps.
For instance, if an app is no longer published on app stores, or if it was never released, ad networks might want to conduct a review to figure out whether it’s a viable candidate to host their client’s ads. It’s also important to check whether an app is being updated regularly since apps that aren’t are prone to security breaches that could result in fraud.
To help, 42matters offers a host of APIs, including the “Lookup API,” that enables ad networks to detect apps with unusual publication histories.
6. Review App-ads.txt Files
The Interactive Advertising Bureau’s (IAB) app-ads.txt standard was designed to help mobile and CTV app publishers reduce ad fraud by enabling them to declare which ad networks are approved to sell their ad space.
As such, the 42matters “App-ads.txt API” makes it possible for ad networks to verify that publishers have whitelisted their SDKs. This is a signal to advertisers that using their platforms to place ads on these apps will result in legitimate ad impressions.
7. Detect Copy-Cat Apps
Another common tactic used by fraudsters is to create copy-cat apps. These are applications designed to trick ad networks into believing they are legitimate, premium apps. Taking the bait, ad networks provide them with ads, while advertisers pay high CPMs (cost per mille) to place ads on the wrong apps.
By using the 42matters “Keyword Search API”, ad networks can query keywords to find apps with similar names. From there, they can dig into the metadata (including app descriptions, publisher details, company websites, etc.) and determine which are the copy-cats.
Additionally, 42matters provides app signing certificate hashes. Ad networks can use these to identify copy-cat apps released on stores where the original has not yet been made available, since comparing app hashes makes it possible to determine whether apps come from the same developer.
8. Review App Privacy Policies and Compliance Terms
9. Verify App Publishers
A simple way to validate the legitimacy of an app is to verify that it was released by a known and trusted publisher.
42matters’ APIs give ad networks access to publisher signing keys, which publishers use across their entire app portfolios, regardless of platform or app store. So, If an app appears to be managed by a trusted publisher, but does not use a signing key common to that publisher’s apps, there’s a chance it’s a fraud.
Likewise, signing keys can be used to identify an app publisher’s various pseudonyms. Indeed, there are quite a few companies that operate multiple brands, products, divisions, etc. As such, they may not be publishing all apps under the same publisher name. However, if they use the same singing key, ad networks can easily identify these pseudonyms and access complete publisher app portfolios.
10. Analyze App Reviews
When it comes to detecting potentially fraudulent apps, it’s a good idea to listen to end users.
The 42matters “App Reviews API” provides ad networks with insight into particular user experiences, while the “Review Analysis API” enables them to measure general user sentiment towards certain app elements, such as embedded ads.
These two APIs can be deployed in tandem to help ad networks spot irregularities in user feedback or in how users react to embedded ads.
11. Compare Ad Impressions With App Rankings, Downloads, and Monthly Active Users (MAUs)
If an app claims its ads are generating a ton of views, but it’s otherwise underperforming in top chart rankings, downloads, and MAUs, there’s a chance ad performance is being manipulated as part of a broader ad revenue extraction scheme.
As a prescription, ad networks can use APIs like the “App Rank History API,” “Top Charts API,” “Monthly Active Users History API,” and “App Download Estimates History API'' to do a sanity check. They can compare the number of ad impressions with the app’s overall performance.
12. Verify Country Availability
Another red flag is if an app is generating a disproportionate number of ad impressions in countries where it cannot theoretically be downloaded or where downloads and usage aren’t particularly strong.
Ad networks can use the “Country Availability API” to verify whether or not apps are available in countries where they are generating ad impressions. Likewise, the aforementioned “Monthly Active Users History API,” and “App Download Estimates History API'' can be used to parse MAUs and downloads by country.
13. Acquire the Complete 42matters Dataset and Build Custom Tools
42matters’ mobile and CTV app data can be harnessed in a number of ways. Of course, our APIs are meant to make life easier on businesses that are already overburdened with day-to-day operations, but we do provide solutions for ad networks that are looking for more workable solutions.
Indeed, if ad networks want to leverage the data collected by 42matters in their own analyses or APIs, they can do so. We at 42matters will furnish them with our full raw datasets. These will give them complete control over their offering so that they can approach the market on their own terms.
Schedule an appointment to see how our products can help grow your business.