Fighting Fraud

Gavin Stirrat HeadshotGavin Stirratt, global managing director at Voluum, looks at the problem of digital advertising fraud, and the steps being taken to address it.

Hacking and fraud have existed for over 100 years, with magician and inventor Nevil Maskelyne disrupting a demonstration of wireless telegraphy as early as 1903 and Alan Turing famously cracking the Enigma machine in 1939.

The first computer fraud, as we would recognise it today, involved a security breach at National CSS in the USA in 1980, which was followed by an explosion in hacker groups around the world, including The 414s, The Warelords and the Chaos Computer Club. This led to US Congress enacting the Computer Fraud & Abuse Act in 1986. However, with detection so hard and penalties relatively weak, technology fraud has grown with the same trajectory as Moore’s law. Recent projections by the Association of National Advertisers (ASA), put the advertising investment wasted due to bot fraud at $7bn (£4.86bn) this year. With global digital ad spend at $67bn, that is considerable.

Cross-industry action
Clearly, more needs to be done to aggressively deal with this issue. Unified, cross-industry action is required, but unfortunately the entire value chain is not incentivised to do so: if you are part of the digital advertising ecosystem, a significant amount of fraud is running across your platform – whether you choose to acknowledge it or not. To immediately eradicate it will have a significant impact on revenues – and in an era of VC-backed technologies, that’s a difficult discussion.

When we launched Voluum DSP in the UK we were in a somewhat different position. Voluum comes from a privately-owned, profitable company and – prior to launch – the DSP had little revenue. We recognised that this was a unique opportunity to take a proactive approach to removing fraud from our platform.

Our first step was to evaluate the existing anti-fraud vendors on the market. After testing technology capabilities, we began discussing commercials. Unfortunately, we then hit our first challenge: most fraud verification tools operate on a CPM model, based on the number of times their database is queried. However, we want to ensure our inventory is filtered pre-bid. This means we would have to call their servers for our entire bid-stream, many billions of times a day. In layman’s terms, this would have resulted in a bill of over $1m per day – even before any revenue flows! Thankfully, we resolved this challenge with Pixalate, who pass us their entire fraud database each evening, enabling us to query the database locally as many times as we wish.

Voluum Trust score
We then wanted to conduct a more thorough analysis of the inventory received from our exchange partners. We therefore developed a proprietary piece of technology that awards a multi-attribute, Voluum Trust score to every app within the entire iOS App and Google Play stores, based on a variety of criteria, from how many times it’s been downloaded, how recently, the number of reviews, and the spread of scores, plus a variety of other variables. In this way, we can see what real consumer engagement is with the app and judge how likely the traffic is going to be genuine. Using these two tools, we are able to filter out the vast majority of fraudulent traffic before our customer’s even have a chance to bid on it.

So having established a robust anti-fraud solution, we wanted to test what happened to campaigns when fraud is removed, with particular attention paid to the sorts of KPIs usually measured by brands and agencies. Our initial hypothesis was that the removal of fraudulent traffic would have a positive impact and campaign performance KPIs would improve. However, this was not the case.

When fraud was removed performance dropped, often by as much as 10 per cent.
And herein lies the challenge: if you are buying a fixed CPM from a variety of inventory sources, the blend of performance from real and fraudulent traffic is going to give you a better looking set of results. Therefore, remove fraud and performance drops – however, you know these are now real consumers you are engaging with.

Another industry symptom that allows fraudulent behaviour to go unchecked is how success is too often measured. The most common buy metric in mobile remains CPC (cost-per-click), which is a function of CTR (clickthrough rate) This makes no sense for brand advertisers, who are seeking to influence an audience, nor for direct response advertisers, who want to push people down the funnel to a purchase. A click is not an indicator of either, and yet we continue to hear: “I don’t want a CTR under 1.0 per cent”, or – even worse – negotiating how low the click price can go.
A click is one of the easiest things to fake with a bot. Bots can download apps; they can fill in forms. Currently, for now at least, they don’t buy chocolate bars.

Dealing with fraud
Criminals are using ever-more sophisticated means to defraud advertisers of money. Our advice when trying to deal with this fraud would be as follows. Firstly, take a firm and proactive approach to advertising fraud, no matter where you sit in the value chain – from advertiser, agency, platform, publisher – so we address this problem together. Secondly, find partners you can work with, from both a technical and commercial perspective, whether this is pre-bid or via post campaign analysis and make-goods. Finally, look at your performance metrics and the prices you’re paying and consider where this race to the bottom ends.

Fraud is a serious issue and one we are never likely to completely eradicate from the digital advertising ecosystem. However, by working together and taking a proactive approach, we believe it is an issue that can be managed successfully.

This sponsored article first appeared in the June 2016 print edition of Mobile Marketing. You can read the whole issue here.