What are Bots?
Bots are one of the fastest growing and most widespread types of mobile fraud.
Most mobile fraud bots run off of servers, attempting to simulate specific tasks, such as ad clicks, installs and in-app engagement, masquerading as legitimate users.
Other bots can be identified as malware located on a user’s device. This malware attempts to generate fake ad impressions, fraudulent clicks and in-app engagement.
How this works:
Server based bots will operate via emulators (device simulating software) by mimicking an active user’s behavior, interacting with ads, completing app installation funnels and some even reaching as far as a deep in-app event. These programs constantly refresh their metadata, observe and learn user behavior patterns, later applying them in their activity to go under the radar of fraud protection tools.
While IP blacklisting used to be an effective way of blocking server-based bots, fraudsters have learned to better hide their activity behind fresh, non-blacklisted IPs, forcing smarter, more advanced solutions.
Device-based bots could use a tactic called SDK Spoofing, in which App A will try to impersonate App B, sending false click, install and in-app event reports on behalf of App B. Apps with open source SDK’s or ones with low security measurements are more likely to suffer these attacks as their SDK is easy to breach and mimic.
How to Block Mobile Fraud Bots:
Open source SDKs are the easiest to unpack and simulate, and are therefore more exposed to fraud from bots.
- SDK security measures, such as hashing or unique tokens help block bot activity in real-time. Using the latest SDK version of your attribution provider will ensure that you have the latest security updates and are up to par with known bot tactics.
- Bot signatures: Protect360 maintains a real-time bot signature database, automatically blacklists and blocks all activity from known signatures.
- Behavioral anomalies, such as high densities of installs that follow identical or programmatic, non-human behavioral patterns. Protect360 applies a proprietary behavioral anomaly detection solution, automatically blocking sources generating this non-human traffic.
The AppsFlyer secure SDK is heavily obfuscated binary and virtually impossible to reverse engineer. AppsFlyer’s SDK, combined with AppsFlyer Protect360, drives highly-efficient prevention of bots and emulated devices.
« Back to Glossary Index