Types of Mobile App Install Frauds – Are you being duped?


Mobile marketing (apps specifically) is one of the top hot talks of the town as mobile is the next generation of online marketing due to increased no. of smart phone users all across the world. Since most of the time people use their smart phones instead of the desktops hence it becomes very important for the advertisers to stay ahead. While the mobile marketing/advertising has increased however the frauds happening all around have also equally cropped. So I will be talking about Mobile App Install Frauds in this post, as the title suggests.

Although frauds have been there since the start of online or digital marketing and various actions/measures have also been taken to circumvent the same yet fraudsters have been ahead of all the technologies & have tricked to do frauds. So let’s discuss what are types of frauds happening in mobile marketing (specifically apps) and what are the measures we can use to identify the same & circumvent it.

Types of Mobile App Installs Frauds

Fake in-App Purchases

  • What is Fake in App Purchase? fake in-app purchase is faking the in-app purchase transaction utilizing some tricks where in a transaction receipt is sent back to the server confirming a transaction has taken place where as there is no actual purchase has happened. Such type of fraud is instigated by users who are willing to stay ahead in the market or want to stay ahead in competition with other users (free to play games). Such type of fraud does not happen on a very large scale but it can lead to skewed performance matrices of the advertiser.
  • How does it happen? Basically app is tricked to send a request to proxy server instead of the the server of app store provider using a proxy server which acts as the genuine source of receipt, is sent by the user who is playing game which is considered as confirmed transaction. This is also tricked by hijacking the API and sending the cracked code by the hijacked mobile device to the server as if the request has come from app store.
  • How to Circumvent it?  It is very important to circumvent such situations wherein the business may be at risk. It can be stopped using server to server receipt verification method wherein app developer uses his own server instead of using app store server to verify the transactions. It has to be done in real time whenever a transaction is recorded. By using this method user can’t fake transaction.

Fake Installs Through Fraudulent Data Center Traffic

This is one of the most used methods and probably makes a large pie of the fraud happening around.

  • What is Fraudulent Data Center Traffic? Such type of fraud is one of the most unethical and one of the most misleading as well as loss making fraud because there is no real install in such type of fraud. So you see 5 installs in your report but none of these are actual ones as there are no real users.
  • How does it happen? Publishers making such type of frauds basically identify the structure of the http call or request where in the information is passed. They identify the complete string of the URL which is used by the app developer or ad network. They exploit this forging installs. They use mobile simulator softwares and datacenter traffic to make fake calls to server as server only identify the string of parameters irrespective where it has come from & hence counts it as an install.
  • How to identify & circumvent such Fraud? There are some matrices in reports an advertiser or ad network may have a look at. Which are as under:
    • IP address: IP addresses will have very limited range if you look at multiple installs. There will be many duplicate IPs in case of such fraud.
    • Click to install time: this will be very minimal so it will look unreal.
    • Referrals: will be blank
    • No. of installs in a duration: if you look no. of installs in a particular time frame it will be very high. E.g. no. of installs in an hour. Have a look at hourly report. Though this may not be correct yet you can have a look at along with other supporting parameters.

How to Circumvent Such Fraud? This fraud can be circumvented by using whitelisting IPs where the transactions are coming from (for ad networks) & passing the security tokens along with the whitelisting. Apart from this, app developers need to have secured & encrypted pattern which can not be easily broken and read.

Overriding the Organic Install by Fraud Publishers

  • What is this? Such type of frauds are done by publishers who have some sort of app installed in the users device which could be an app or may be a malware so whenever any user installs any app through google or fb or any other channel, the malware/publisher’s app identifies the event.
  • How does this happen? Whenever an app in installed by the user through any source the publisher’s app or malware identifies this & fires a click at the backend just before the installation completes as there is a time b/w installation & opening the app. Publisher exploits this time duration to fire his click so the advertiser looks it as the source of install.
  • How to Identify & circumvent this? Although there is no clear or direct method to identify yet you can look at some matrices in report which may indicate such activity. You can look at:
    • Time difference b/w install & click: it will be very low as click fires just before the installation completes.
    • CR will be very high
    • Referrals: will be blank (though this is not very solid proof)

Fraud Incentivised Traffic

This sort of fraud is most commonly used methods and it quite apparent from reports. Publishers send incentivized installs on non incentivized app. In such cases the CR will be higher if you break the report down hourly basis or you change the time zone of the report you will know that CR will vary from very low to very high.

You can only prevent this by scrubbing such publishers from the network. You need to be very alert on such installs and keep a regular check and pose penalty on publishers for doing such activity.


You have now understanding of various mobile app install frauds apparent in the market & some of which are real concern & some are very hard to identify. All in all you need to have a very robust tracking/distribution system in place along with your expertise analyzing reports to identify frauds as thieves always leave signs behind J.