CTO and Co-Founder, AppsFlyer
In September, mobile marketing analytics and attribution company AppsFlyer announced a novel integrated solution to immunize advertisers against mobile install fraud and loss of mobile customers. Branded as the Protect360, AppsFlyer’s latest anti-fraud technology provides near real-time protection against suspicious behavior on mobiles and anomalous activities. We spoke to Reshef Mann, CTO AppsFlyer, to familiarize with DeviceID Reset Fraud and how it poses big risks to mobile marketers that are yet to justify their investments in mobile marketing campaigns.
MTS: Tell us about your role at AppsFlyer and the team and technology you handle?
Reshef Mann: As the CTO and co-founder, I lead a great research and development team. AppsFlyer is a mobile attribution and marketing analytics platform, providing the world’s most advanced marketers with granular insight into which marketing efforts drive their mobile business growth. Our global teams work incredibly hard to make sure that the billions of data points we are processing in real-time all run smoothly and as expected for the marketers that count on these insights.
Recognizing the importance of marketing data integrity, we have developed a number of proprietary technologies and solutions that provide an enhanced, bulletproof layer of protection against fraud.
MTS: What is the foundational tenet of Device ID Reset Fraud?
Reshef: DeviceID Reset Fraud was born out of necessity. The tens of billions of dollars flowing through the mobile app marketing ecosystem hold incredible promise for unsavory characters looking to make a quick buck. However, as marketers have gotten better at protecting themselves against your run-of-the-mill click flooding, install hijacking and device farms, fraudsters needed to find new ways to tap into marketing budgets.
DeviceID Reset Fraud works well for most fraudsters because it hides fraud behind a fresh IP address, a fresh DeviceID, a real click, a real app install and even real in-app engagement. Resetting a DeviceID is pretty easy, and the payouts are very lucrative.
Protecting yourself against DeviceID Reset Fraud requires a massive database – one that already recognizes nearly every app capable device on the market – as well as machine learning that can quickly identify criminal DeviceIDs and publishers. Building this solution wasn’t easy, but the results have been very powerful.
MTS: What apps are most likely to open threat pools related to Device ID Reset Fraud?
Reshef: Tools apps on Android are hit particularly hard by DeviceID Reset Fraud, followed closely by entertainment, finance, gaming and shopping apps across both iOS and Android.
However, this is all at a macro level. Marketers need to remember that DeviceID Reset Fraud hits them extremely hard on both Android and iOS and across verticals. Advanced fraud tends to target regions with the lowest barriers to entry (weak protection against the fraud) and the best payouts (high CPI). With 1 in 10 marketing-attributed installs coming from fraud, there is a good chance that if you are investing in mobile growth, you are facing some serious loss to fraud.
MTS: Together with Ad Fraud, Device-based fraud would expose brands and advertisers to poor ROI? Doesn’t that pose a greater risk for mobile marketers who are yet to justify their campaign investments?
Reshef: While marketers today certainly take ROI into account, most optimize their spend based on upper funnel KPIs – installs, early activity and short-term retention. This “lean marketing” allows for faster insights and optimization. For example, we have seen fraudsters that clearly know day 3 retention matters, and are willing to engage the necessary 3 days before resetting their DeviceIDs and repeating. In the short-term, these spurts of engagement often fool marketers lacking the means to identify the DeviceID Reset Fraud.
Furthermore, marketers using “open” SDKs with exposed code are highly susceptible to fake in-app revenue event reports, which can easily indicate positive ROI when none in fact exists. In one recent example, a large bank discovered that over 50% of their alleged mobile deposit transactions had in fact never occurred. While the criminals were not able to actually withdraw funds, they had fooled the marketer into doubling down on fraudulent traffic for quite some time.
We have also seen many savvy marketers use their ROI reports as part of a monthly or quarterly review. While these marketers may discover that their short-term “leading indicators” of eventual ROI did not result in actual revenue, this realization often occurs weeks or months into their campaigns after tens of thousands, if not millions, of dollars have already been spent on fraudulent traffic.
MTS: How would the combination of machine learning and human intelligence neutralize the newly discovered threat in mobile marketing?
Reshef: There are many tasks optimally suited to machine learning, and others that are best addressed by real, human analysts. The optimal solution leverages both approaches to deliver comprehensive coverage. Machine learning is ideal for new pattern and anomaly recognition, optimizing models based on false positives and the like.
In the context of DeviceID Reset Fraud, the latest advances in machine learning are ideal for scaling and optimizing our fraud recognition solutions, where analysts are often limited by the sheer size of the data that must be crunched. On the flip side, analysts still serve an important role – both here at AppsFlyer, by monitoring the changes to protections made by our machine learning solutions, and at the marketing organization, by performing their own fraud analysis based on Protect360’s unique fraud indicators.
MTS: How do you see App tracking and audience targeting analytics converging to create a unified omnichannel user experience?
Reshef: The one constant in the omnichannel environment is the mobile phone. Nearly everyone has a personal mobile device within reach 24×7. Our phone is our digital identity – it is where we surf the net, engage with our favorite brands and more often than not, is with us when we shop, watch TV and commute to work. Marketers are leveraging this identity to build highly targeted and engaging campaigns and in-app experiences, in addition to retail and web experiences.
When a consumer or user says to a brand, “Hey, I want to install your app,” what they are saying is that they are ready for a deeper, more engaging and often longer-term relationship. They will carry your app in their pocket, hold it in their hand when watching TV and use it as both a first and second screen. Brands that are going to succeed over the next few years are those that succeed in mobile, bridging relationships and data into a broader omnichannel experience. We have only begun to explore the true power of mobile.
MTS: Thanks for chatting with us, Reshef.
Stay tuned for more insights on marketing technologies. To participate in our Tech Bytes program, email us at firstname.lastname@example.org