Building better antifraud solution for mobile network

Image for post
Image for post

Our goal is to provide as much more insights as possible regarding the traffic and conversions we receive.

This information is really useful to understand the nature and quality of the inventory publishers drive to the campaigns.

What facts we are interested in when analyzing clicks:

  • Non-human traffic (bots, emulators, data center traffic etc.)
  • Hacked devices traffic (User has no intention for click, and probably even don’t see it)
  • Impression is not visible to user
  • Brand safety violation (adult traffic sent to non-adult offer, etc)

When analyzing conversions we want to know:

  • SDK spoofing (real event did not occur). Could be detected by analyzing CTIT distribution.
  • Bot conversions.
  • Click injection taking place (Conversion attributed to a different source).
  • Wrong attribution (ex.: organic traffic attributed to the partner)
  • Suspicious distribution of OS/Device versions.

Typically advertisers are using 3d party services to check conversions and clicks. Conversions are being checked without clicks information and vice versa.

Since we have all data in one place and have the technology which can process it in real time, we believe that we can perform facts extraction better and more accurately than 3d party platforms.

How do we test clicks:

  1. We pick data clusters from the click flow. Usually it is a combination of publisher and his sub source which is the common cluster when buying team making optimization decisions.
  2. Sample of this selected click flow is diverted to a special page where we perform detection of inventory. We sample approximately 1% of the click flow. Detection takes about 2 seconds and then the user is being redirected to the original link. Real users should not be affected much.
  3. We send back collected data to our server. If no postback received this is itself also counted as the fact of lacking page activity (usually bot traffic).
  4. Clicks and test results data are grouped together.

How do we test conversions:

  1. We compare conversion and click data we have. Any mismatch here is a red flag.
  2. Distribution of OS/devices is checked against normal traffic. We want to see some specific ratio of recent OS versions. If all conversions are from the same device type this is also a bad sign.
  3. Conversion IP addresses checked against bad reputation IP lists and also scanned for open proxy ports to detect possible VPN/Proxy.
  4. CTIT (Click to install time) compared with known normal values.


With all data we collect the following report is being created. Buying team analyzes it and makes optimization decisions.

Image for post
Image for post

Platform will give recommendations and calculate a fraud risk score. Some types of fraud are clearly visible with such data.


Using in house traffic analyzing tool all types of users gets better traffic insights.


  1. Advertisers can save their budgets by removing bad sources.
  2. Buyers can reduce risk of rejection and cut some click flow before it reaches the advertiser.
  3. 3d party tools cost could be saved by using inhouse tool.
  4. Inhouse data is transparent and more accurate.

We are Canadian startup building modern SaaS platform for mobile advertisers. Website:

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store