• by Laurie Sullivan  @lauriesullivan, February 28, 2019

Moat Analytics, an Oracle Data Cloud company, has earned accreditation from the Media Rating Council (MRC) for its ability to detect and filter sophisticated invalid traffic (SIVT) such as the ad fraud generated by bot networks in mobile apps. 

The accreditation, announced Thursday, was earned by successfully completing an audit of its technologies, systems, and processes by independent CPAs working with the MRC.

Oracle has not always had the ability to detect ad fraud. The Dyn acquisitions in 2016 gave Oracle insight into DNS performance, and the acquisition of Moat in 2017 provided insight into digital ad measurement.

The acquisitions gave the company an expertise in ad traffic and fraud, said Eric Roza, senior vice president at Oracle Data Cloud. “It enabled us to uncover the DrainerBot fraud, as well as earn the MRC accreditation for apps,” he said.

Americans spent more than 3.5 hours per day using their smartphones and tablet devices on average in 2018, with 88% of that time in apps, rather than mobile web browsers, according to eMarketer.

Oracle last week announced the discovery of DrainerBot -- a mobile ad fraud operation distributed through millions of downloads of infected consumer Android apps -- its first instance in uncovering an ad fraud ring.

Infected apps could consume more than 10GB of data per month by downloading hidden and unseen video ads, potentially costing each device owner a hundred dollars per year or more in data overage charges.

“We’re looking at other ways to detect fraud [across Oracle], but nothing to announce today,” Roza said.

Detecting in-app fraud is a bit tricky. “The mobile environment enables code to act more flexible than JavaScript in a browser,” said Dan Fichter, vice president of software engineering at Oracle Data Cloud and former CTO of Moat.

Fraud compromises the intimacy that brands gain with consumers on mobile devices.

For starters, users close web browsers and the code stops running, but most people leave their mobile apps open and the code continuously runs in the background. On desktops there is only so much code can do, but in mobile apps the code and SDKs have flexibility to run a range of behaviors, Fichter said.

The move by Oracle to detect ad fraud not only helps internal operations, but brands and other companies as well. "Ad fraud is only the tip of the iceberg for larger internet security challenges," Fichter said.