Fraud Kill-Chain : Event Verification
Introduction
This document is for the Server to Server Event verification to prevent and defend against SDK Spoofing in DFINERY.
What is SDK Spoofing?
SDK Spoofing is hacking the server protocol in DFINERY SDK and sending a false SDK event (Sign up, level up, purchase) to the DFINERY server to make fake ad performance.
Fraud Kill-Chain : Server-to-Server Event Verification
- The DFINERY Fraud Kill-Chain Detecting fake SDK events using confirmation with the client-server that event actually happened.
- Set the events for the confirmation between client-server and DFINERY. In the confirmation, both use a certain key to verify the request.
- If the client-server does not verify the event, DFINERY will define this event as SDK spoofing.
Setting
To set a Server to Server Event Verification move to next menu.
- Attribution - Fraud Kill-Chain Settings - Server to Server Verification
Verification method and Settings
a. Name
Set a name of this Event verification
b. Endpoint
Set a URL for Event verification request.
c. Target Events
Set an event for verification. Events that integrate with DFINERY SDK will be shown in the list.
d. HMAC SHA-256 key
This UUID-formatted key is used to authenticate Event Verification data transmitted by the definer. Through this key, the authenticity of the Event Verification data transmitted by the DFINERY can be verified.
[[보통:인용:경고]]How to verify the request.
- When requesting verification, the value for validating the data is transmitted as the "ABX-HASH" value in the HTTP header settings.
-The "ABX-HASH" value is the result of HMAC SHA256 encryption of the HTTP request body using the issued encryption key with BASE64 encoding.
- If the "ABX-HASH" value sent by the DFINERY and the value generated by the verification server using the same method are different, it should be considered as an incorrect access and treated as a verification failure.
e. Http Method
This is the method used by the DFINERY to send requests to the verification server. Only POST method is supported.
g. Success Code
This is the verification server will return when the verification request sent by the DFINERY is not Fraud. If a code other than the one set here is returned, the definer will consider it Ad Fraud.
h. Success Message
This is the HTTPS response message that the verification server will return when the verification request sent by the DFINERY is successful. The message does not affect the verification result, but this can tell you fraud reason.
i. Template
This is how the definer constructs the data to be sent to the verification server. It is constructed in the form of key=value.
Template Macro list
Device
| Index | Macro | Note | Example |
|
Device |
{req.common.identity.adid} | Device ID (Google GAID /Apple IDFA ) | 0fa27c1e-9378-4d1c-8f01-118e094240e5 |
| {req.common.identity.gaid} | Google GAID | ||
| {req.common.identity.idfa} | Apple IDFA | ||
| {req.common.identity.idfv} | Apple vendor ID | ||
| {req.common.identity.ad_id_opt_out} | Adblock info | FALSE | |
| {req.common.device_info.os} | Device OS version | 6 | |
| {req.common.device_info.model} | Device Model name | modelmodel | |
| {req.common.device_info.vendor} | Device manufacturer | samsung | |
| {req.common.device_info.resolution} | Device resolution (landscape x height) | 800x600 | |
| {req.common.device_info.is_portrait} | Device Orientation | FALSE | |
| {req.common.device_info.platform} | Device Platform (iOS / Android) | 1 | |
| {req.common.device_info.network} | Device Network type | network | |
| {req.common.device_info.is_wifi_only} | Device cellular data support | FALSE | |
| {req.common.device_info.carrier} | Device Carrier | skt | |
| {req.common.device_info.language} | Device Language | kr | |
| {req.common.device_info.country} | Device Country | ko | |
| {req.common.build_id} | Device build_id | 1 |
Server
| Index | Macro | Note | Example |
| Server | {req.common.a_ip} | Click ip data provide by DFINERY | 14.33.77.170 |
| {req.common.a_fp} | Click fingerprint data provide by DFINERY | Android 7.0:LG-F800L:14.33.77.170 | |
| {req.common.a_country} | Click country code provide by DFINERY | kr | |
| {req.common.a_city} | Click city data provide by DFINERY | suwon-si | |
| {req.common.a_region} | Click province data provide by DFINERY | gyeonggi-do |
App
| Index | Macro | Note | Example |
| App | {req.common.package_name} | Android package name / Apple bundle ID | com.dfinery.v2 |
| {req.common.appkey} | DFINERY Appkey | 6aE6E7OO5EOsw35P8vCHtQ | |
| {req.common.sdk_version} | DFINERY SDK version | 1.1.1 | |
| {req.common.installer} | Installer info | ||
| {req.common.app_version} | App version | 1.0.0 |
Event
| Index | Macro | Note | Example |
| Event | {req.evt.event_name} | Event name | abx:sign_up |
| {req.evt.group} | Event group | abx | |
| {req.evt.event_datetime} | Event datetime | 2019-06-25 02:31:43.603 | |
| {req.evt.event_timestamp} | Event timestamp | 1561429903 | |
| {req.evt.event_timestamp_d} | Event timestamp with millisecond | 1561429903.60351 | |
| {req.evt.param_json} | Event Parameter(json type) |
Event property JSON(Recommend use HTTP POST) |
|
| {req.evt.user_properties_json} | UserProperties parameter (json type) | JSON data set by SetUserProperties API |