Fraud Risks in SKAdNetwork
Ad fraud is widespread today. At Interceptd, we detect ad fraud such as click spamming, install farms, and click fraud. Analysis with various ad fraud detection tools makes it possible to prevent fraud by eliminating these problems.
Fraud Scenarios in SKAdNetwork
- Changing the return (postback) before it reaches the advertiser:
The signature and transaction ID exist for such cases. However, both can be skipped. The transaction ID can be used multiple times. The solution is to return the postback to the advertiser.
- Replacing Apple's attribution decision with a false one at the device level.
The SKAdNetwork attribution protocol offers only limited data and a campaign ID for measurement or optimization.
Device interaction time indicators are significant for measuring click time and setup time. Without these measurements, normal user behavior trends cannot be constructed.
Interceptd tries to protect our advertisers from this type of fraud by analyzing potential vulnerabilities.
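The transaction ID reuse described in the first scenario can be caught where postbacks are received. The following is an added example, not Interceptd's or Apple's code: a postback intake that accepts each `transaction-id` once and flags repeats, noting which fields differ from the first copy. The class name and all sample values are assumptions; the field names follow Apple's postback JSON.

```python
from collections import Counter

# Fields compared to tell an exact replay from an altered copy.
# Key names follow Apple's install-validation postback JSON.
COMPARED = ("ad-network-id", "campaign-id", "app-id", "source-app-id", "redownload")


class PostbackDeduper:
    """Accepts each transaction-id once; signature verification is a separate step."""

    def __init__(self):
        self.first_seen = {}      # transaction-id -> first accepted postback
        self.repeats = Counter()  # source-app-id -> count of rejected repeats

    def ingest(self, pb):
        tid = pb.get("transaction-id")
        # Only presence of the signature is checked here, not its validity.
        if not tid or not pb.get("attribution-signature"):
            return "reject:missing-field"
        first = self.first_seen.get(tid)
        if first is None:
            self.first_seen[tid] = pb
            return "accept"
        self.repeats[pb.get("source-app-id")] += 1
        changed = [k for k in COMPARED if pb.get(k) != first.get(k)]
        if changed:
            return "reject:altered-replay:" + ",".join(changed)
        return "reject:replay"


# Constructed sample postbacks (placeholder values, not real data).
BASE = {
    "version": "2.0", "ad-network-id": "example123.skadnetwork",
    "campaign-id": 42, "app-id": 1000000001, "source-app-id": 2000000002,
    "redownload": False, "attribution-signature": "CONSTRUCTED-SIGNATURE",
    "transaction-id": "11111111-1111-1111-1111-111111111111",
}
SAMPLE = [
    BASE,
    dict(BASE),                                                   # exact replay
    dict(BASE, **{"campaign-id": 7, "source-app-id": 2000000003}),  # altered replay
    dict(BASE, **{"transaction-id": "22222222-2222-2222-2222-222222222222"}),
    {k: v for k, v in BASE.items() if k != "attribution-signature"},
]


def run_sample():
    deduper = PostbackDeduper()
    return [deduper.ingest(pb) for pb in SAMPLE], dict(deduper.repeats)
```

An altered replay that passes signature verification would indicate a problem with the verification step itself, so the two checks are worth logging together.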
Click flooding means flooding the advertiser with fraudulent click reports. These clicks can be reported when someone downloads the app on their own, or when the user clicks after viewing another publisher's ad.
SKAdNetwork provides credit for downloads from the Apple App Store. When the user clicks on the publisher's ad, the App Store page is displayed inside the publisher's app. The SK protocol reports this App Store page view as a click. When the app is downloaded and launched from the App Store page, the download is associated with the publisher's app. However, the App Store page can be triggered to appear without a user's ad click, which generates a click fraud report. This is how the flow can be manipulated.
The App Store page can be triggered multiple times without ad clicks, creating a click flooding effect.
Fake Install Farming
This covers mobile app install farms, mobile upload, and interaction fraud. Install farms are physical locations filled with real mobile devices. Generally, the operation changes IP addresses and targets campaigns in regions where the payments are profitable.
This can also be done under SKAdNetwork. SKAdNetwork has discontinued the IDFA, but the Apple account ID can still be used for measurement purposes.
By resetting the Apple account ID, it is possible to create multiple fake users on one device. Using a jailbroken device eliminates the need to use a broadcaster app, without generating click spamming.
The SK protocol logs all clicks in an internal device database and enables you to create a fake app-like environment connected to the ad network's server. The fraud app environment you created can then add the click details to the CB's database. That way, it can fool iOS into thinking that a real mobile app performed the click. With such devices, fraudsters also gain the ability to programmatically control the SC timer through the fake app environment. Since this manipulation occurs on the device with no time data, the advertiser does not know that the schedule has been tampered with.