Fraud Kill-Chain User Guide
Overview
As the digital advertising market size grew, the act of AD Fraud which gains profit from malicious and fraudulent advertisement, has grown rapidly. Based on multiple years of service operation since 2013 the year we launched the service, adbrix team has confirmed the existence of ad frauds in the digital ad environment, and recognized the size of them was huge. The adbrix’s definition of AD Fraud is a cyber criminal activity attempting to generate financial benefit by attacking the technical and political weakness of digital ads.
The reason why AD Fraud is threatening is that it distorts the performance indices without noticing the marketers, thereby leading to waste the marketing budget. This means that marketers pay for the fraudulent traffic which is not real user traffic. To proceed with active and systematic countermeasures against advanced cyber crime, AD Fraud, adbrix has reconstructed the fundamental of system, developing high-end level defence mechanism named Fraud Kill-Chain.
Fraud Kill-Chain
Multi-Layered Protection Suite against mobile AD Fraud
Fraud Kill-Chain means technological and political defense system of adbrix to control the AD Fraud. Fraud Kill-Chain is not a simple name of a feature. We have borrowed the name ‘Kill-chain’ from the military missile defense system to become our brand name, and this shows the strong will to eradicate the AD Fraud. Team adbrix will constantly develop the technology and policies to respond to the AD Frauds, constructing solid Fraud Kill-Chain.
Fraud Kill-Chain is provided on a subscription basis. For further inquiry, contact adbrix team.
Why Fraud Kill-Chain?
Sub Publisher Level Setting
The Fraud Kill-Chain combined with the concept of AD Campaign can set the AD Fraud defense rules based on device type, traffic type, media partner, and even sub-publisher level to control the mechanism. For example, you can exclude the AD Fraud defense mechanism for the channels with relatively loyal users like e-mail or SMS, and apply the defense rule to the media with possible frauds.
AD Fraud Index Report
After the campaign, Fraud Kill-Chain provides the dashboard report on each type of AD Fraud defense to support evaluating the quality of media. The reason AD Fraud Index is important is that it can be utilized as an index for a critical decision making in the step of media selection for ad campaigns. After the application of each features provided by Fraud Kill-chain, check the frequency of AD Frauds to build objective media strategy and manage successful ad campaign.
Real-time AD Fraud Detection
All features provided by Fraud Kill-Chain are in real-time basis. The system distinguishes AD Frauds in the step of traffic inflow to provide report results and sends post-back, and this lessens the complication arising from time differences. Also, by onboarding real-time alarm system, you can monitor and control the concurrent AD Frauds. Save the wasted costs by controlling the factors slowing down your performance in real-time basis.
Fraud Kill-Chain solution by AD Fraud types
AD Fraud defense system to control fraudulent traffic is provided by adbrix. This guide explains the type of fraud from ad-touch(impression, click, etc.) which user gets involved with the campaign to type of fraud which attacks the SDK directly.
Fraud Kill-Chain solutions for each type of AD Fraud are as following:
| AD Fraud | Fraud Kill-Chain | Explanation | Information |
| Unintended Traffic | Traffic Control | Distinguishes as AD Fraud if the traffics from the ad-touch or in-app events do not comply with the fraud rule you set. | - |
| Click Injection | CTIT(Click Time to Install Time) Rule | Regards the traffics from certain CTIT range as AD Fraud and controls them. | - |
| Click Injection Prevention with Google Play | Regards the clicks generated in between the app install complete and app open as AD Fraud with Google Install referrer API. (Only applicable for the apps in Google Play Store.) | Applies automatically when integrated with API, and it is only applicable for Play Store(For Android) apps. | |
| Click Spamming | Impression Frequency Capping | If ad impression is generated multiple times within the certain set time, control them not to affect the attribution. | To be updated |
| Click Frequency Capping | If ad click is generated multiple times within the certain set time, control them not to affect the attribution. | To be updated | |
| Device Conflict | Defends the conflict between the ad-touch and install device model and OS version | Regards as AD Fraud if the collected information of device model and OS version in the ad-touch does not match with the information collected in the install. | Option: You can exclude the traffic if you cannot know the device model and OS version information. (About 20%) |
| Defends the conflict between the ad-touch and install device’s Country(IP based) | Regards as AD Fraud if the collected information of device country(IP) does not match with the information collected in the install. | Option: You can exclude the traffic if you cannot know the country(IP) information.(About 8%) | |
| Defends if devices models have different resolution. | If collected device information does not match with certified resolution, regard them as AD Fraud. | To be updated | |
| Black List | First-Party Black List | Regards the first-party traffics directly included in the blacklist in Fraud Kill-Chain Asset. | - Publisher(Site) ID- ADID(Advertising IDs)- IP Address |
| Third-Party Black List | Regards the third-party traffics included in the Fraud Kill-Chain Asset. | To be updated | |
| Spoofing | iOS SDK DSK(Dynamic Secret Key) Examination | Regards the traffics which does not meet the SDK security (Dynamic Secret Key) rule as AD Fraud. | Applies automatically when integrated with the latest SDK. |
| Android SDK DSK(Dynamic Secret Key) Examination | Regards the traffics which does not meet the SDK security (Dynamic Secret Key) rule as AD Fraud. | Applies automatically when integrated with the latest SDK. | |
| iOS - Store Validation Examination | Compares and matches the Apple install receipt dat and in-app purchase validation, and if fails the test, regards as AD Fraud. | To be updated | |
| Android - Store Validation Examination | Regards as AD Fraud is it fails the mutual examination steps through in-app purchase validation. | To be updated | |
| Server To Server Examination | Examines the traffic directly between the adbrix server and client server directly integrated, and if the traffic fails the test, regards them as AD Fraud. | To be updated |
AD Fraud rule setting and report setting
Please refer to following links to learn more about AD Fraud rule settings and report settings.