Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Why Fraud detection doesn't work


Published on

Everyone is paying for fraud detection, but without enough technical knowledge, they don't realize the fraud detection doesn't work or is easily tricked by the bad guys. So what's worse is that the people paying for fraud detection have a false sense of security and take their eyes off of the obvious fraud that is still getting through.

Published in: Marketing
  • Want to earn $4000/m? Of course you do. Learn how when you join today! ▲▲▲
    Are you sure you want to  Yes  No
    Your message goes here
  • Earn $500 for taking a 1 hour paid survey! read more... ♣♣♣
    Are you sure you want to  Yes  No
    Your message goes here

Why Fraud detection doesn't work

  1. 1. Why Fraud Detection DOESN’T Work June 2018 Augustine Fou, PhD. acfou [at] 212. 203 .7239
  2. 2. June 2018 / Page 1marketing.scienceconsulting group, inc. Despite using fraud detection… Launch Week 3 and beyondWeek 2 Initial baseline measurement Measurement after first optimization After eliminating several “problematic” networks Obvious fraud still gets through
  3. 3. June 2018 / Page 2marketing.scienceconsulting group, inc. After all flavors of“fraud filters” Obvious fraud still gets through; but we turned off manually early in the campaign
  4. 4. June 2018 / Page 3marketing.scienceconsulting group, inc. Conflict and bad measurement Incorrect IVT Measurement Source 3 - in ad iframe, badly sampled Sources 1 and 2 corroborate One agency sticks to fraud measurement company (that is owned by same agency holding company), despite proven errors in IVT measurement (due to sampling and tag being in ad iframe). Uses high IVT numbers to get refunds, which agency keeps as profit.
  5. 5. June 2018 / Page 4marketing.scienceconsulting group, inc. Bad guys actively trick measurement FAKE 100% viewability AD • Stack ads all above the fold to trick detection • Use code to alter the detection code
  6. 6. June 2018 / Page 5marketing.scienceconsulting group, inc. (2018) Code to trick measurement “the [malicious] code used by NMG is designed to interfere with the ability of third-party measurement systems to determine how much of a digital ad was viewable during a browsing session. This code manipulated data to ensure that otherwise unviewable ads showed up in measurement systems as valid impressions, which resulted in payment being made for the ad.” Buzzfeed, March 2018
  7. 7. June 2018 / Page 6marketing.scienceconsulting group, inc. Bad guys A/B tested their bots They know for sure their bots get through the filters and get marked as “valid” – they charge more for them. Selling “compliant” traffic
  8. 8. June 2018 / Page 7marketing.scienceconsulting group, inc. Blacklists/whitelists don’t work bid request cookie blacklist whitelist ✅ ✅ bid ad impression Pre-bid filters FRAUD DETECTIONPROGRAMMATIC SEQUENCE In-ad declared FAILS because everything is declared (i.e. easily faked) Lists rely on or compare against declared data, so they don’t work
  9. 9. June 2018 / Page 8marketing.scienceconsulting group, inc. Fraud filters don’t work Turning ON and OFF 4 different fraud filters resulted in NO DIFFERENCE in the heights of the red peaks (bots) or blue peaks (naked ad calls)
  10. 10. June 2018 / Page 9marketing.scienceconsulting group, inc. No better than manual, costs more 1.Fraud filters are no better than manual blacklists 2.In some cases, there’s MORE fraud when filter is on 3.Using fraud filters adds 20 – 24% to costs; manual blacklists are free
  11. 11. June 2018 / Page 10marketing.scienceconsulting group, inc. declared to be: Brand safety tech doesn’t work Pre-scanned Domain List In-ad tag Ad tags that are in the foreign iframe (different domain) cannot look outside the iframe. So they cannot read content on the site to determine brand safety. bad word porn terrorism hate Domain Placement Reports FAILS because it is not directly measured; relies on domain placement reports which have declared data.
  12. 12. June 2018 / Page 11marketing.scienceconsulting group, inc. Why it doesn’t work In-ad tag ad iframeBad word Bad content Bad word Bad content Basic browser security (no cross-domain)… … means tracking tags, riding along with the ad (in ad iframe) cannot read content on the page to do brand-safety measurements.
  13. 13. June 2018 / Page 12marketing.scienceconsulting group, inc. Entirely different measurements In-Ad On-Site ad tag / pixel (in-ad measurement) (copy and paste ad tag) Google Analytics BotAnalytics
  14. 14. June 2018 / Page 13marketing.scienceconsulting group, inc. Tag placement matters ... A LOT In-Ad (in foreign iframe) On-Site (on page) window sizes detected as 0x0 or 0x8 pixels correct window sizes for ads detected 0% humans 60% bots 60% humans 3% bots “fraud measurements could be entirely wrong, depending on where the tag is placed and where the measurement is done.”
  15. 15. June 2018 / Page 14marketing.scienceconsulting group, inc. Redirect traffic – not detected “this is bigger than ALL of the monthly pageviews of good publishers combined.” How much is available? a.k.a. “zero-click” “pop-under” “forced-view” “auto-nav”
  16. 16. June 2018 / Page 15marketing.scienceconsulting group, inc. Apps load webpages – not detected “fraud sites’ traffic comes from apps that load hidden webpages” Openly selling on LinkedIn
  17. 17. June 2018 / Page 16marketing.scienceconsulting group, inc. Legit sites incorrectly marked Domain (spoofed) % SIVT 77% 76% 76% 74% 72% 71% bid request passes blacklist passes whitelist ✅ ✅ declared 1. has to pretend to be to get bids; 2. fraud measurement shows high IVT b/c it is measuring the fake site with fake traffic 3. Fake gets mixed with real so average fraud rates appear high. 4. Real gets backlisted; bad guy moves on to another domain.
  18. 18. June 2018 / Page 17marketing.scienceconsulting group, inc. Fake sites/apps NOT detected com.dxnxbgj.mkridqxviiqaogw com.obugniljhe.fptvznqwhmcjm com.bpo.ksuhpsdkgvbtlsw com.rlcznwgouw.vvtexstbfttngc com.kasbgf.sbzwtgpcbjexi com.bprlgbl.vbze com.zka.lzhsoueilo com.alxsavx.mizzucnlb com.jxknvk.lrwfdfirdzpsw com.tvwvqbt.wbshaguqy com.iwnxtpahcu.leyuehdwdbb com.okf.rhvemtykfibzpxj com.obpmirzste.ldsjpv com.zmm.shmxvjxnsagndui com.nqzwr.leusrmpmsq com.rced.zcdsglptpdlwpu com.kerms.ehlsgnc com.cmia.iabhheltm com.skggynmtx.tyyjnwpefvqtll com.kgdtltnuv.hayvfhob com.ztzsiqg.dyojlxdscxws com.xlwuqe.ddrdhsuosbn com.rkrhmzee.wjcoznxu com.ebhzb.hbzvomzpcctovj Fake sites Fake sites Fake apps
  19. 19. June 2018 / Page 18marketing.scienceconsulting group, inc. “Verified” no different than control “Verified Bots” “Verified Humans” Control: No Targeting +$0.25 data CPM +$0.25 data CPM “verified bots” and “verified humans” showed no difference in quality to each other – AND both were no different than the control where no targeting was used.
  20. 20. June 2018 / Page 19marketing.scienceconsulting group, inc. Obvious fraud seen in analytics top 4 referrers – same exact pattern/data
  21. 21. “fight ad fraud with common sense” - stop wasting money on tech that doesn’t work - insist on detailed data and look at the analytics yourself
  22. 22. June 2018 / Page 21marketing.scienceconsulting group, inc. About the Author Augustine Fou, PhD. acfou [@] 212. 203 .7239
  23. 23. June 2018 / Page 22marketing.scienceconsulting group, inc. Dr. Augustine Fou – Independent Ad Fraud Researcher 2013 2014 Published slide decks and posts: 2016 2015 2017