This week, mobile marketing platform AppsFlyer named Andreas
Naumann its -- and likely the ad industry's -- first anti-fraud evangelist. At least by official title, if not in actual practice.
Naumann says his main job will be taking the volumes of data
AppsFlyer sits on and using it to help educate the entire mobile advertising ecosystem, especially advertisers and agencies, because he believes that due to other complicating matters -- like
Apple and Google privacy-framework updates -- they have taken their eye off the ball.
While mobile ad fraud has not spiked during this period, it has grown steadily, and Naumann says he's
detecting some strange behaviors -- not just from apparent fraudsters, but from some advertisers themselves -- that the entire industry should be thinking about. The following Q&A drills into
that, and answers the question: Why has mobile become the biggest vector for ad fraud? (Hint, the answer is in the palm of your hands.)
Mobile Insider: To the best
of your knowledge, this is an industry-first role. Do you think it’s long overdue?
Andreas Naumann: I have been doing nothing but fraud detection and fraud
prevention since 2007, so I feel very at home in this space. But for much of the industry, sometimes fraud is important, and sometimes fraud falls into the background as other things become more
important.
Mobile Insider: The ad industry has always had bad actors who wanted to take advantage of it. Has mobile put ad fraud on steroids? There are just so many
potential vectors and technological innovation creating new opportunities for fraud. How do you stay on top of it?
Naumann: Research. With ad fraud, there’s
the things that you know and then there are the things that you know you don’t know, but want to look into. And then there are the unknown unknowns, which we usually stumble into finding out
about.
Mobile Insider: AppsFlyer has been doing a good job of shedding light on the problem, but are there new vectors emerging that we should start thinking
about? Is generative AI something we should worry about?
Naumann: I don’t see a lot of potential for mobile ad fraud from generative AI, just because
fraud schemes are deeply technical and you’d need to have a deep, technical understanding of how attribution works and how measurement works in order to manipulate the signals that would need to
be manipulated.
Generative AI is a lot more interesting when it comes to things like social engineering, creating fake profiles, getting trust that you shouldn’t be getting
from fraudulent parties.
Mobile Insider: I’m not expert on ad fraud, but I think of it as things like sophisticated invalid traffic, which sometimes comes from
fake user profiles and fake accounts being credited like legit accounts. Can’t this new generation of bots pose better than systems can detect them?
Naumann:
If you think about things like Twitter and Facebook accounts that are being generated out of available data and AI pictures of people that never actually existed, then yes. But in our sphere,
everything comes down to devices running software and that software communicating with other software through those devices -- so everything is very tied to the platform, the systems and the
underlying tech of mobile devices and their communication with a good server infrastructure, basically.
So there’s not really a way in for that. I mean, even if you used
generative AI to create a fake company with fake employees, I still think there are much easier ways to get your hands on an advertiser’s money without having to fake a direct partnership like
that.
The big thing that fraudsters leverage is the opacity in the ecosystem, where they can hide behind the direct partnerships. It’s never the networks that are the fraudulent party.
The networks are the medium between the fraudulent parties and the advertiser.
Mobile Insider: Yeah, there’s always an energy factor in advertising fraud: how
much energy does a fraudster have to put in, versus what they get out. Is is worth the squeeze? So what are the next new things you’re starting to think about mitigating for?
Naumann: Right now, I’m still learning the ropes of what the capabilities are [at AppsFlyer] and to be quite honest, that is going to take me some time, because
there’s a lot to look at: a ton for me to figure out. What my role is going to be for the next couple of months is, on the one hand, look a lot deeper into educating the market. Obviously, our
clients, but also speaking publicly and bringing attention back to fraud.
There’s this narrative that fraudsters go through constant evolution to beat the anti-fraud systems,
but in the anti-fraud space, nothing much has happened in the past two years, so the fraudsters really didn’t have to innovate, because the stuff they did two years ago still works today.
And if you want to be even more cynical about it, click-based fraud has been around since 1997, and it’s still quite lucrative. Obviously, there have been some evolutionary steps
within those fraud schemes and the fraudsters got better and more cost-effective, but the underlying technical problems are still the same ones that were being exploited years ago. They’re just
baked into the system of how the internet works.
Mobile Insider: So are we at an ad fraud equilibrium now? Will that status quo remain for some time?
Naumann: For some time, yes. I would argue that for the past couple of years, mobile advertisers were a lot more occupied with figuring out how iOS 14.5 works, and how the
new privacy world looks so they can run their campaigns. And fraud became somewhat of an afterthought.
And that goes through the entire ecosystem. The advertisers needed to figure it out. The
networks needed to figure it out. The agencies needed to figure it out. The measurement companies needed to figure it out. Everybody was scrambling. And when the Google Privacy Sandbox releases,
it’s probably going to be a similar thing, which means the fraudsters are having a much easier time, because people’s attention is divided right now.
Mobile
Insider: So we’ve taken our eyes off the ball?
Naumann: Exactly. It’s not by any fault of their own, but I want to make sure that we keep at
least a modicum of discussion going on around the topic of fraud and how we are dealing with it.
Mobile Insider: Given all that divided attention, why hasn’t
ad fraud gone up during this period? Is it that bad actors have gamed the system as much as they possibly could with the current system?
Naumann: We see what we see
and what we measure, and there’s going to be a new [AppsFlyer] fraud report in April. And for at least the period through 2022, the trend has been going up month to month. It’s nothing
drastic, but there has been a steady increase in what we’ve detected.
That also comes down to what we are able to detect and what we’re encouraged to detect, because not
all of our clients want to have fraud prevention. There’s also some advertisers that build their own attribution models that basically factor in the risk of ad frauds on their media mix.
Mobile Insider: So for some marketers, it’s part of their cost of doing business? It’s just baked in for them?
Naumann:
Exactly. And there also are some advertisers that have a strong incentive of leveraging what we would call fraudulent traffic by capitalizing on their organic influx in ways that they get users to
brand advertising through word-of-mouth. They capitalize it through paid media in order to show that they can get a higher amount of users into their app for a lower price, which makes them look more
attractive for investment.
Mobile Insider: That’s a first for me. I never knew there was an ancillary benefit from ad fraud for some marketers. It’s
weird, because it may not be fraudulent for them to do that, but they are benefiting from it.
Naumann: I have not encountered that from what I would call a
“mature” company. It’s for companies that are looking for a growth spurt.
Mobile Insider: That’s interesting to me, because I believe
everything in this industry falls on a spectrum from ethical to legal to illicit to illegal. Is there some meeting point between best practices, grey markets and black markets where legitimate
advertisers step over the line? Are there other unintended use cases like that -- permissible and legal and quasi-legitimate -- where advertisers benefit from ad fraud?
Naumann: Yes, because the incentive structures are what makes fraud happen. And there are very different kinds of fraud. And not all of them are like the black-hat hackers
that sit in a dimly lit room running a bot net. There’s a great variation, and some of them are legitimate businesses that are trying to diversify their revenue stream and it actually gets
through, because all the intermediaries between the actual fraudster and the advertiser are paying for it, so an advertiser might have an incentive to -- not become actively fraudulent -- but at least
not look too hard for it, right?
I mean, if you get 5% from all the traffic running through your system, and you are the one that cleans house, then you’re the one that looks
bad, because you’re the one getting the least amount of reach for the highest price. To put it in a nutshell, fraudsters are trying to convince the market that the attention and engagement of
legitimate human beings is an unlimited commodity that can be had at a very low price, which is not true.
That is the fallacy. The attention of a human being, especially for
advertising, is extremely limited. If you really want to grab the attention of a person who is an extremely rare commodity, it’s going to be expensive.
So anything offering 10x
the amount of attention for a tenth of the price is not a real deal. And that is something the entire ecosystem doesn’t want to confess to. I mean, I read about a branding campaign that
ran in the U.S. only, and it got 7 billion impressions in a week. How is that possible? And how is that a point of pride? You should be concerned about those numbers, but people aren’t.
Mobile Insider: I’d love to drill into that more, but we are out of time, so let me ask you one final question: Why is the mobile medium the biggest vector for
advertising fraud?
Naumann: Because it’s accessible. And you don’t need to have a laptop or a desktop. I mean, people are still afraid of computers, but
they all use their phone. So mobile, I think, is a computer in your pocket.