When you’re playing games or using an application on your mobile phone device, it doesn’t just run smoothly but also show you products or services you might be interested in, these are called mobile ads (advertisements). Now-a-days, this is so common that application developers are getting more creative about accommodating them, because they have proven to be a huge industry in themselves. According to Zenith Media, Media Company, out of the global ad market, one third the size accounts for the mobile ad market, which is a multi-billion dollar industry, estimated at about 187 billion USD. But like every other industry, it has threats which tend to steal and leak money out of it, this is called Mobile Ad-fraud. It impacts and undermines the entire ecosystem of App markets and victimises not only the users but also the publishers of the apps.

This mobile ad fraud leads to loss of revenue to the marketers. According to the Google Ads website, mobile ad fraud can lead to a loss of revenue in tune of 9-20% of the annual market budget for global mobile advertising. In the proceedings of the ACM conference on Computer and Communications security, it was revealed that the world’s largest botnet which is operated by ZeroAccess makes a hundred thousand US Dollars every day via ad fraud. To prevent this apps with abusive behaviours resulting in mobile ad fraud are actively identified by Google Android Security to protect users. Additionally, to protect its users from ad fraud, a developer policy denouncing abusive ad libraries for their excessive monetisation regarding mobile ads has been published by Google Play Store

By now, it is pretty evident how big the mobile ad industry is and with it another multi-billion ad fraud industry is also emerging. To understand the concept of mobile ad-fraud let us first understand the mobile ad ecosystem and then delve deeper into mobile ad-fraud.

Mobile Ad-ecosystem

One of the most popular way of monetising mobile applications is by serving ads. A hosting app displays ads which are embedded in a library which in turn is integrated by the app developer in the mobile app. AdMob, an ad library managed by Google, is used by an estimated 56% of Android applications in Google Play Store. Hence, it is safe to say that usage of mobile ad libraries is quite common.

Let’s now look at the major parties who make up this ecosystem, they include: an ad service provider, an advertiser and a publisher.

1. An ad service provider bridges the gap between the publishers’ need to offer ads and the advertisers’ need to showcase their ads to a bigger audience, which provides great exposure to the advertisers. The services of an ad service provider also offers an ad library for publishers to include. After a library is embedded by the service provider, it goes and fetches ads from the service provider which are eventually displayed at the user’s screen. An impression constitutes each ad rendered, which usually means each video or an image displayed/rendered one time.
   

2. The advertiser or agency designs the ad which is to be displayed for the target audience. They request the ad service provider for launching their ad campaigns.
   

3. A publisher is the app developer who integrates an ad library, which is managed by an ad service provider, for monetising their app.

Ad service providers charges advertisers on various ways, the three representative ways of billing are (1) Cost-Per-Mile (CPM) which is charged for ad-impression (2) Cost-Per-Click (CPC), for user clicks (3) Cost-Per-Install (CPI), for app installs.

Mobile Ad Fraud

Mobile ad fraud refers to generation of fraudulent revenues by operations that generate unwanted ad traffic by the means of clicks, conversions and ad impressions. This article will now talk about how mobile ad fraud can hurt advertisers and app publishers.

Types of ad fraud that typically affect advertisers and ad publishers are as follows:

1. Invalid traffic :

This is the most common form of fraud. In this type of fraud, scammers tend to mimic genuine traffic to earn money illegitimately instead of ads reaching the data-rich traffic of high quality. Several tactics are used at once to make the traffic appear as genuine as possible.

2. Ad Stacking :

A user might only see one ad but the predator stacks multiple ads one below the other. But, regardless of the position of the ad in the stack, all of them are paid for by the advertisers.

3. Bots :

Some bots are malicious that range from simple to sophisticated and some aren’t necessarily fraud, which act as general invalid traffic. But these can be used for creating fake installs, traffic or clicks.

4. App Spoofing:

In this type of fraud, the ad might end up appearing on apps which might not be deemed brand safe i.e. the ad appears on a different app than what the advertisers paid for. This is done when a fraudster app sends a fake bundled ID to display itself as a premium app to the advertiser.

5. Click fraud :

Fraudulent operations generating illegitimate clicks which consume the marketing budget of an advertiser are called click fraud, the advertiser is exploited. The main objective of the publisher and service provider for doing such a fraud is that it helps in manipulating and inflating their cost-per-click (CPC) prices by promoting a misleading cost per click. The adversary could be an ad service provider, or a competitor of a targeted advertiser, or an abusive publisher. This adversary depleted the ad budget by recruiting a botnet network to click ad impressions of a targeted advertiser. The success of a click fraud is dependent on generating click URL requests, which should target an ad service provider which accepts and counts the clicks towards the billing of a target advertiser.

6. Impression fraud :

Before understanding this type of fraud it should be known to the reader that the key requirement of mobile ads for charging advertisers is to render ad impressions. The advertisers are charged usually by the number of impressions rendered. This fraud is said to have been committed when a predator creates invisible ads by making them tiny or hides ads under visible elements on the screen. These are very sneaky ads placed on the screen which send ad impression requests, that lead to advertisers being charged and no ad impressions are exposed to users. This method is kind of similar to ad stacking.

Thus, it can be concluded that there are many ways of implementing ad fraud: (a) when there is no understanding but necessary deception, a large number of users are lured into clicking and interacting with unwanted ad impressions, this is usually done when the predator dupes users into genuinely clicking ad impressions, thus generating admissible click URL requests from users’ devices (b) when there is an understanding of how the ad service provider generates an admissible click URL request, the attacker sends a vast volume of click URL requests that a target ad service provider accepts by leveraging his own botnet networks.