DeviceID重置作弊：移动应用营销人员面临的新威胁（英文版）.pdf

DeviceID Reset Fraud: The New Threat to Mobile App MarketersSeptember 2017Key Findings16 of the top 100 networks are significantly exposed, with over 20% of installs coming from DeviceID Reset FraudNewly-discovered DeviceID Reset Fraud is costing advertisers $1.1-$1.3 billion annually - accounting for more than 50% of all app install fraudWith DeviceID Reset Fraud,1 in 10 non-organic installs is fraudThis type of fraudis equally rampanton iOS and Android Mobile Advertising Setto Overtake DesktopMobile Ad Fraud Is Rapidly Evolving When big budgets started pouring into the mobile advertising industry, fraudsters quickly followed the money trail. As the industry started paying attention and fighting back, bad actors adapted, and fraud became more advanced and harder to detect. Newer types of mobile ad fraud surfaced, attempting to trick attribution providers by stealing organic or non-organic users through methods such as click flooding, malware-based clicks, or install hijacking.2017 Global Spend Forecast$99.3B $97.4BWhat we found might be shocking, even for savvy mobile app marketersWe Discovered A New Type of Advanced Fraud, On A Massive Scale Shortly after launching DeviceRank a year ago, we began diving deeper into studying mobile device-based fraud to better understand this hidden phenomena.Our latest finding is DeviceID Reset Fraud bad actors using phone farms to reset their DeviceIDs in between each app install on a massive scale, generating a colossal amount of fraudulent traffic that bypasses all other anti-fraud technologies. DeviceID Reset FraudBad actors reset their DeviceIDs between each install at scale, generating a massive amount of traffic from New DeviceIDs while bypassing most real-time anti-fraud protection measures1. Click an ad3. Reset DeviceID 2. Download andEngage with appThe Danger of DeviceID Reset FraudDeviceID Reset Fraud is a particularly sneaky type of fraud because it is seemingly legitimate app install activity. Fraudsters utilize real clicks on real ads, to create real installs and engagement from real devices - all of which are perpetrated in phone farms. These actions are repeated at scale through DeviceID reset marathons, or by hiding behind the “Limit Ad Tracking“ setting (on iOS devices). So while the app install and engagement activity appears to be real, none of it has any actual value to advertisers or the apps growth. On the contrary, it is highly detrimental. DeviceID Reset FraudJanuary-August 2017Duration550Media Networks9,000+Apps1.1 BillionApp Installs Sampled GloballyMethodology DeviceID Reset Fraud RateWe divided the number of fraudulent installs driven by DeviceID resets, by the total number of non-organic installs. The data was then sliced by different parameters (Operating System, geographic region, media source, and app category).DeviceID Reset Fraud Economic ImpactTo calculate the amount of money lost to DeviceID Reset Fraud we multiplied the average weighted cost per install globally (based on 50 million installs with cost data from over 100 networks), by the number of fraudulent installs. To reach an overall market figure, we then factored AppsFlyers market share to encompass the entire app marketing ecosystem. Based on AppsFlyers Scale of DataBillionDevices Mobile Attribution Market Share, Globally 4 60%$1.1-$1.3B Lost to DeviceID Reset FraudDeviceID Reset Fraud Made Install Fraud More Than 2x Larger Than We ThoughtDeviceID Reset Fraud is responsible for over half of mobile app install fraud. It will cost advertisers an estimated loss of a staggering $1.1-$1.3 billion in 2017, globally.Marketers have been looking at click patterns and install validation to detect fraud. By ignoring device-based fraud, marketers remain exposed to over 50% of mobile app install fraud.Distribution of Mobile AppInstall Fraud by TypeDeviceID Reset FraudOrganic Installs Hijacked by MalwareOrganic Installs Hijacked by Click FloodingKnown Device-Based FraudNon-Organic Installs Hijacked by MalwareNon-Organic Installs Hijacked by Click Flooding10%$2.2-$2.6B Lost to App Install FraudAll paid (non-organic) installsShare of Non-OrganicFraudulent InstallsWith DeviceID Reset Fraud, 1 in Every 10 Non-Organic Installsis FraudNearly 10% of all non-organic installs are fraud. This means that out of every dollar spent on mobile advertising, 10 cents go directly out of your budget and into the pockets of fraudsters. Advertisers will lose an estimated $2.2-$2.6 billion to app install fraud in 2017.Share of Financial Loss Per Region Out of Total Global DeviceID Reset FraudDeviceID Reset Fraud Hits EverywhereAcross the GlobeThis new type of fraud isnt limited to a specific country or region. Fraudsters mainly target countries where there is a high CPI payout. In addition, DeviceID Reset Fraudsters target regions with a high volume of campaigns and users, in order to seem genuine and remain inconspicuous to advertisers and networks expecting traffic in these areas.For example, while in North America and Western Europe the volume and payout are both high, Southeast Asia has a lower than average payout, but a very high volume of users, so that region is still very attractive to fraudsters. Region Share by RegionNorth AmericaWestern EuropeSoutheast AsiaNorth Pacific AsiaIndian SubcontinentEastern EuropeLatin America33.6%17.1%14.5%12.3%6.0%4.8%4.0%