Fraud Kill-Chain User Guide
Overview
As the size of the digital advertising market has grown, the number of ad fraud practices that profit from malicious and deceptive advertisements has also increased. Through many years of service operation experience from 2013, when the service was launched, to the present, the DFINERY team confirmed that AD Fraud exists in the actual digital advertising ecosystem and also accurately recognized that its scale is significant. Ad Fraud, as defined by the DFINERY team, is a cybercrime that seeks financial gain by attacking the technical and policy weaknesses of digital advertising for malicious purposes .
The reason Ad Fraud is so scary these days is that it distorts performance indicators at a level that marketers are not aware of, causing them to waste advertising costs . In other words, they make you pay for fraudulent traffic created through clever tricks rather than actual user traffic. In order to proactively and systematically respond to Ad Fraud , a type of advanced cyber crime, DFINERY established a new fundamental system structure and developed a high-end Ad Fraud defense solution , Fraud Kill-Chain .
Multi-Layered Protection Suite against mobile AD Fraud
Fraud Kill-Chain refers to DFINERY technical and policy defense system to control Ad Fraud.Fraud Kill-Chain is not just the name of a feature. This brand mission was created to reflect the DFINERY team's strong will to block Ad Fraud by borrowing the term Kill-Chain, which refers to an actual military missile defense system. 팀은 를 대응하기 위한 모든 기술적, 정책적 요소를 지속적이고 적극적인 입장에서 개선해 나갈 것이며, 공고한 을 구축해 나갈 것
The Fraud Kill-Chain feature is available as a subscription service. Please contact the DFINERY team for more details.
Why Fraud Kill-Chain is Powerful
Sub Publisher Level can be set
Combined with the Ad Campaign concept Fraud Kill-Chain basically allows you to set Ad Fraud defense rules at the device type, traffic type, and media partner level, and can also be controlled at the Sub Publisher Level, a level that cannot be provided by general attribution solutions. can. For example, Ad Fraud defense rules should not be applied to channels where relatively genuine traffic can be expected (email, SMS, company webpage, etc.), but the rules should be applied to types of media where fraudulent traffic is likely to exist. Ad Campaign structure and Fraud Kill-Chain function This is an example of good use of .
Supports Ad Fraud Index report
Fraud Kill-Chain helps you evaluate media quality after executing an advertising campaign by providing a dashboard report for each Ad Fraud defense function . The reason the Ad Fraud Index is important is because it can be used as a very important decision-making indicator in the media selection stage for additional advertising campaigns. After applying each function provided by Fraud Kill-Chain, check the frequency of Ad Fraud to establish an objective media strategy and run a successful advertising campaign.
Blocks Ad Fraud in Real-Time
Each function provided by Fraud Kill-Chain operates in real time. By determining Ad Fraud at the traffic inflow stage and supporting report results and postbacks, confusion caused by time differences is reduced. In addition, by introducing a real-time alarm system, Ad Fraud that is currently occurring can be monitored and controlled. Control performance-impeding factors in real time and save money wasted on Ad Fraud.
Fraud Kill-Chain Solutions by Ad Fraud Type
DFINERY provides systematic Ad Fraud defense to control fraudulent traffic. This guide explains each function to respond to Ad Fraud at the ad touch (impression, click, etc.) stage when the user engages in advertising to Ad Fraud in the form of attacking the tracking SDK.
Fraud Kill-Chain solutions for each Ad Fraud type are as follows.
| Ad Fraud | Fraud Kill-Chain | detail |
note |
| Unintended Traffic | Traffic Control | If traffic generated during the ad-touch stage or the open and in-app event stage does not match the conditions set, it is considered Ad Fraud and controlled. |
- |
| Click Injection | CTIT(Click Time to Install Time) Rule | Traffic in a specific CTIT section is treated as Ad Fraud and controlled. | - |
| Click Injection Prevention with Google Play | Through the Google Install referrer API, clicks between app installation and execution steps are considered Ad Fraud and controlled. (Applies only to apps released on Google Play Store.) | This item is automatically applied when linking API. Applicable only to apps released on the Play Store (For Android) | |
| Click Spamming | Impression Frequency Capping | Ad participation with the same ad impression that occurs within the set time is controlled so that it does not affect attribution. | To be updated |
| Click Frequency Capping | Ad participation by clicking on the same ad that occurs within the set time is controlled so that it does not affect attribution. | To be updated | |
| Device Conflict | Prevent device model and OS version information conflict between ad touch and installation | If the device model and OS version information collected during Ad Touch do not match the device information collected during installation , it is considered Ad Fraud and is controlled. |
Additional settings: You may also not allow it when device model and OS version information is unknown. (about 20%) |
| Country (IP-based) conflict protection for ad-touch and installation | If the Country (IP) collected at the time of AdTouch and the regional information collected at the time of installation do not match , it is considered Ad Fraud and is controlled. | Additional settings: You may not allow it even if the Country (IP) information is unknown. (about 8%) | |
| Defense when device model and resolution are different | If the collected device model information and the official resolution do not match , it is considered Ad Fraud and controlled. | Additional settings: Defense even when device model is unknown | |
| Black List | First-Party Black List | Traffic included in the blacklist information directly added to the Fraud Kill-Chain Asset is considered and controlled as Ad Fraud. |
- Publisher(Site) ID
- ADID (Advertising IDs) -IP Address |
| Spoofing | iOS SDK DSK (Dynamic Secret Key) verification | Traffic that does not meet the SDK security (Dynamic Secret Key) rules is treated as Ad Fraud and controlled. | Automatically applied when linking the latest SDK |
| Android SDK DSK (Dynamic Secret Key) verification | Traffic that does not meet the SDK security (Dynamic Secret Key) rules is treated as Ad Fraud and controlled. | Automatically applied when linking the latest SDK | |
| iOS - Store Validation | If there is a violation in the mutual verification stage through The Apple install receipt data and In-app purchase validation, it is considered Ad Fraud and controlled. | To be updated | |
| Android - Store Validation | If there is a violation during the mutual verification step through in-app purchase validation, it is considered Ad Fraud and controlled. | To be updated | |
| Server To Server Verification | Traffic is verified using items directly linked between the DFINERY server and the customer's server, and if there is a violation in the mutual verification stage, it is treated as Ad Fraud and controlled. | Requires linking to customer server |
How to check settings and reports for each Ad Fraud type
Please refer to the guide below to learn how to set up and check reports for each Ad Fraud type.
- Go to the Traffic Control Settings Report Check Guide
- Click Injection defense settings and report confirmation guide
- Click Spamming defense settings and report confirmation guide
- Go to Device Conflict defense settings and report confirmation guide
- Go to the Black List (First-Party) defense settings and report confirmation guide
- Go to the spoofing defense settings and report confirmation guide