“Angry Birds” maker Rovio Entertainment knew the sheer size of its user acquisition tactics was making it a sitting duck for ad fraud.
“With a name like Rovio, the ad exchanges see us as having big potential for them,” said An Vu, Rovio’s user acquisition lead. “They often want to sell us a lot and then they actually deliver very little.”
Because fraudsters, as ever, follow the money.
“The clients with the most aggressive user acquisition strategies are paying higher CPIs,” said Andreas Naumann, a fraud specialist at app analytics company Adjust, which launched a suite of anti-fraud tools in February used by Rovio, HotelTonight and a number of other high-profile app publishers. “And that makes them the biggest targets.”
Adjust’s fraud solution blocks payment on bogus purchases and rejects payouts on fraudulent traffic coming from data center IPs and other spurious sources. Adjust also analyzes groups of acquired users in the aggregate to stop bad actors from faking background clicks on organic traffic, thereby claiming credit and getting paid for clicks they had no part in generating.
A blacklist isn’t going to catch that kind of stuff, Naumann said.
“They hide in networks and exchanges and dump companies every couple of months,” he said. “If you cut off a network, the bad actors just jump ship and come back again in a matter of days or even hours under a new name.”
Before hooking up with Adjust, Rovio noticed a fair amount of that sort of fishiness.
In one case, Vu and her team spotted what she called “a serious case of click stuffing” from a network. Two days into the campaign, there was a conspicuous dip in Rovio’s conversion ratio – the number of clicks connected to sales – through iTunes Connect. The issue was traced back to the problematic network when Rovio noticed that the day the conversion rate started dropping was the same day that network started delivering traffic to Rovio.
Rovio was able to catch it by staying vigilant. But manual detection can’t possibly keep up with everything.
“If we were looking at cost per install only, we would never notice this,” Vu said. “But [we] are careful about our entire funnel starting from impressions all the way down to deep post-install events, and if something looks funny anywhere in that chain, we will notice.”
The app publisher/ad network relationship isn’t always the greatest. In another recent example, Rovio was running a big burst campaign during the holiday season in an effort to break into the charts in Canada. Rovio was looking to hit particular benchmarks, and a network it had worked with before told Vu it wouldn’t be a problem.
But it was. “Afterward, we found out that 90% of our installs came from three IP addresses,” Vu said. “That was a blatant example of fraud coming from a seemingly trusted network.”
It’s not uncommon, said Naumann – and he has firsthand experience of what goes on behind a publisher’s back. Before joining Adjust in January, Naumann cut his teeth at different performance networks, including Glispa, Trademob and Zanox.
“Networks are completely aware of what’s going on,” Naumann said. “Networks are not usually directly involved, but they know what’s happening and they take the short, secure route to revenue.”
There’s a bit of a Catch-22 going on. If networks proactively cut down on fraud, their volumes go down. But publishers have certain growth expectations, and if a network’s volume goes down, it can’t meet those expectations. So networks push on, regardless of the threat of fraud.
“For a company like Rovio, that’s going to result in a lot of money going to waste,” Naumann said. “It’s why we focus on cutting the cash flow to the network or the fraudulent source before they get paid.”
Without automation, that turns into a hugely time-consuming process even for a player as big as Rovio. It’s why Rovio hooked up with Adjust.
“[This] is saving our business intelligence team from having to manually dig through server logs to look for fraudulent behavior, especially when working with many different networks and determining which ones to cut,” said Vu. “By doing this programmatically, we can have more confidence in the data, and we can go big and not hold back in our ad buy experiments. It’s more than just preventing the bad install – it’s an insurance policy when working with new partners.”
Rovio is taking an active approach to fraud prevention, but a publisher simply is not able to have full visibility into traffic sources. The whole buyer beware thing doesn’t fly, Naumann said.
“There’s no way for the client to make 100% sure where the traffic is coming from, and most networks have no clue where it’s coming from either unless they have a proprietary source,” he said. “But what clients do need to do is educate themselves so they know what the red flags are. They need to make sure they aren’t running blindly into traps.”
