Diversifying user acquisition channel strategy with confidence

PSsafe AppsFlyer Customer


Savings on ad spend


Boost in ROI


PSafe Technology is a leading provider of mobile security, privacy, and performance optimization apps.

The flagship antivirus and anti-hacking app, dfndr security, with 130+ million installs globally, has consistently been named as a top-rated antivirus software by AV-TEST Institute.

To safeguard and enhance users’ online experiences, the company’s app portfolio continues to grow and now includes a cleaning and boosting app—dfndr performance, a virtual private network app, dfndr vpn, a private storage app—dfndr vault, and a battery performance app—dfndr battery.


To fuel their massive growth across a portfolio of apps, PSafe employs a broad and scale-focused user acquisition strategy that maximizes the reach of their campaigns.

This includes working with an unusually large variety of media sources: With over 50 ad networks, DSPs, and other media channels, the diversification of PSafe’s media mix is well above the category benchmark – on average, utility apps work with 3.7 media sources.

With so many channels to manage and monitor, detecting and preventing fraud became a top priority for PSafe.

As a leader in mobile security, they needed a solution to meet their high standards for reliably detecting a comprehensive range of fraudulent installs while minimizing manual analysis.


PSafe leverages Protect360, AppsFlyer’s anti-fraud suite, to prevent fraudulent activity from being attributed as real installs.

While these solutions automatically block the vast majority of fraud in real-time, the constant evolution of mobile fraud also requires proactive flagging of potentially fraudulent activity for further assessment.

Today, PSafe saves time and money by activating two main use cases of Protect360:

  1. Automatic fraud prevention
  2. Advanced fraud detection

Use case 1: Automatic fraud prevention

As a first step, AppsFlyer’s fraud algorithm pulls from the world’s largest fraud database to blacklist fraudulent devices as well as bad site IPs and IDs in real-time.

At the same time, machine learning provides evolving coverage against both known and new forms of click/install fraud, bots and behavioral anomalies. Real-time fraud blocking ensures that PSafe only pays for genuine installs, providing a more accurate view of the user journey for deeper analysis.

Although fraud prevention is primarily concerned with validating activity from “real” users, many advertisers have a broader definition of what they deem as “acceptable” traffic. For example, PSafe has specific targeting criteria that all media sources must adhere to. In the past, the PSafe team fought for makegoods by manually analyzing reports on geography and OS version for each media source.

With Protect360, PSafe saves time and headache by applying custom validation rules across all of their campaigns to block attribution for installs that don’t meet their defined targeting.

PSafe also added validation rules for click-to-install time (CTIT) to heighten their standards for user quality. These rules not only streamline reporting analysis, but they also provide a mechanism for media source policing.

Use case 2: Advanced fraud detection

For PSafe, effectively optimizing 50+ media sources warrants custom analysis that goes beyond the scope of automatic fraud prevention. That’s where fraud detection analysis comes in.

Protect360’s Advanced Detection metrics provide signals that indicate low quality or potentially fraudulent traffic for sub-publishers and devices that do not meet AppsFlyer’s threshold for real-time fraud blocking.

For example:

  • Suspicious devices are flagged as having a significant, but not a 100% conclusive fraud profile
  • Unusually high % of new devices may indicate new devices fraud
  • Unusually low click-to-install (CTIT) times may indicate install hijacking
  • Unusually high CTIT combined with low conversion rates and high contribution rates may indicate click flooding

AppsFlyer’s best practices for fraud detection help the PSafe team define benchmarks for actionable insights, which they can use to update validation rules, setup live alerts and notify media sources for optimization.

PSafe currently uses live alerts to receive automatic email updates based on benchmarks for unusual levels of install volume, conversion rates and suspicious devices. Outside of periodic deep dives, live alerts ease the burden of 24/7 fraud monitoring by enabling the PSafe team to quickly react and notify media sources before problems get worse.

“Granting our media partners access to select insights from Protect360 supports their proactive fraud prevention efforts – which in turn means less fraud for everybody.” – Hubert Yee, Senior Growth Marketing Manager

The data that is generated via the Protect360 solution is delivered by AppsFlyer to PSafe using AWS as a powerful cloud computing platform designed to support data at scale, and guarantee the highest levels of data availability, reliability, and security.

“With Protect360 we see a huge difference in our user quality and only pay for verified, real user-driven installs. This saves our team a tremendous amount of time, so they can focus on growing our suite of dfndr apps.” – Arpit Patel, Head of User Acquisition


Overall, Protect360 blocked 30% of installs as fraudulent over the last three months. This contributed to lifetime savings of 43% in budget and a 141% boost in ROI.

Mobile fraud is a serious industry issue and it is not going away. As mobile fraud continues to evolve, Protect360’s machine learning algorithm will be bolstered by ongoing product improvements to keep clients like PSafe ahead of the curve.

Thanks for your download!
Ready to start making good choices?