Was post attribution fraud detection the right move? | AppsFlyer
3 Min. Read

Post attribution fraud detection – was it the right move?

Michel Hayet Michel Hayet Nov 02, 2020

To change a person’s mind, let alone an entire community can be difficult. In the summer of 2019 AppsFlyer set out to challenge one of our industry’s long standing philosophies regarding mobile ad fraud identification.

Mobile ad fraud has always been a pain point to almost every app marketer. Anti-fraud vendors sought out to battle or at least minimize this ache- each with their own solution or approach – some were more successful than others. 

However, one commonality can  be found within all solutions – they all worked under the same basic assumption that all fraud can and should be identified and blocked in real time.  

Last year we planned for Protect360’s relaunch where we were given an opportunity to rethink many core assumptions regarding mobile attribution in general and fraud detection specifically. 

We knew that fraudsters are just too sophisticated to settle for simplicity, so we challenged the belief that all of their activities can indeed be identified in real-time.

We started the post-attribution fraud detection journey under this exact assumption and with a nagging feeling that something big was being overlooked.

This meant admitting a potential weak spot – one that could damage the way our solution is perceived.

So was post-attribution fraud detection the right thing? 

 

Market feedback

As the mobile attribution market leader, any new feature that we introduce is naturally followed by market reactions, especially when pointing out a weakness that you’re looking to solve.

Our competitors were first to respond by claiming that AppsFlyer can now only identify fraud post-attribution – missing the point completely. 

Post-attribution fraud detection was yet another layer of protection for our customers. This was meant to identify and block new fraud patterns as they emerge, associate them with fraudulent clusters, and effectively teach our algorithm new fraud patterns on-the-go.

A new fraud pattern would consist of several initial installs – sometimes amounting to hundreds or even thousands. These installs are not yet recognized as fraud, as they still don’t match any existing fraud detection rule and their suspicious cluster has yet to reach sufficient statistical significance to be considered as fraud. 

Once passing our strict thresholds and labeled as fraud, the initial installs contributing to the identification process will also be associated with the fraudulent cluster, and labeled as fraud retrospectively.

This means that installs who would otherwise be disregarded in the detection process are now properly treated and rejected.

So, despite what some competitors had to say, this additional protection layer was in fact strengthening our real-time detection, adding more query points to our ongoing fraud learning algorithms, and protecting our ecosystem in a way that other vendors simply couldn’t.

 

Results don’t lie

Early beta testing and models showed a greater impact than anticipated with roughly 16% additional fraud detected.

As we officially launched this feature at full scale in July of 2019, large scale results started rolling  in. The first month of full scale post attribution activity showed an astounding 27% of fraud detected post attribution.

 

Post attribution monthly trend

This served as a double benefit:

  1. A pattern that was identified as post-attribution fraud in a given period will be recognized as real-time fraud from that point on. 
  2. Fraudsters were now left with very little room to operate, which translated into lower overall fraud rates in the following months.

As the biggest player in the attribution landscape, this actually meant a shift in the needle in terms of industry fraud rates, as fraudsters were now focusing their attention on other less vigilant vendors and their customers.

 

Key takeaways

The average post-attribution fraud rate in 2019 was ~20%. 

While this significant increase in identified fraud is impressive, the biggest takeaway from this feature should be the approach of challenging industry misconceptions. 

Basic work assumptions, habits, and beliefs can often be exploited by ad fraudsters, as they live and breath the industry’s culture just like legitimate marketers. They take advantage of these beliefs, as they see them for what they truly are – weak points and loopholes – an opportunity for them to strike.

Since releasing post-attribution AppsFlyer went on to challenge more of these potential loopholes such as the false positive test and CPA campaigns – still believed by many to protect from fraud – when in fact they are intentionally targeted by fraudsters.

The introduction of post-attribution fraud detection was the right move.

It helped AppsFlyer’s customers save millions of dollars since its introduction. But most importantly, it was yet another step to reduce fraudsters margins and profit.

The more steps we take to lower fraud’s ROI, the closer we will get to lowering fraudster motivation to operate. It is our job to make their operation less profitable and difficult to operate – one step at a time.