What is Device ID Reset Fraud?
Originating from Apple’s move from the Unique Device Identifier (UDID) to the Identifier for Advertisers (IDFA). IDFA’s goal was to give user’s complete control over their in-app activity. IDFA allows users to either limit ad tracking for their device ID or reset it entirely – providing full privacy. Google also made similar capabilities available with their GAID.
However, IDFA also brought with it a new wave of fraudsters who capitalized on the opportunity to reset their device IDs at scale, and device ID reset fraud became prevalent.
How This Works:
Device ID reset fraud is a cycle of fraudulent activity in which fraudsters click on ads, install an app, generate in-app engagement, and later reset the device ID before uninstalling and reinstalling the app to simulate new installs from “new users”. When resetting their device IDs continuously between installs, fraudsters effectively generate significant numbers of “real” clicks, installs, and engagement from new device IDs, bypassing real-time, anti-fraud protection measures.
Pretending to be seemingly legitimate app install activity. The cyclical actions, perpetrated by phone farms, are repeated at scale through Device ID reset marathons, or by hiding behind the “Limit Ad Tracking” setting (on iOS devices). While the app install and engagement activity appears to be real, none of it has any actual value to advertisers or the apps’ growth.
Protect360 creates and updates blacklists of Device IDs and IPs that consistently show irregular behavior of unknown devices, indicating potential device ID reset fraud attempts.
« Back to Glossary Index