Detect and fight ad fraud by configuring your fraud validation rules. You can set the prevention level for each rule and decide how to process the fake conversions and touchpoints.
Caution
The fraud validation rules may affect ad cost calculations for paid ads. Consult with your ad channels, agencies, and any other stakeholders before configuring the fraud validation rules.
Fraudulent conversions can be detected using the device information of the device to which the conversion event is traced back. Follow the steps below to add fraud validation rules that can identify fake conversions.
1. Click the “Add a rule” button. Select the [Property] from the following options:
OS Version, App Version, Timezone, Country, Language, Locale, Network Carrier, IP Address
2. Select the [Condition] for the property. The following table lists the available options.
Property | Condition |
|---|---|
OS Version | Less than, Less than or equal to, Equal |
App Version, Timezone, Country, Language, Locale, Network Carrier, IP Address | In, Not In |
3. Select the [Prevention Level].
4. Click the “Add a rule” button to add more rules.
Fraudulent touchpoints can be detected by identifying unusual lag time or touchpoint-to-install time. Follow the steps below to add fraud validation rules that can identify unusual lag time to detect fake touchpoints.
1. Click the “Add a rule” button. Select “Click” or “Impression” from the [Touchpoint] dropdown list.
2. Select “Less than” or “Greater than” from the [Condition] dropdown list.
3. Set the lag time. The lag time can be set in seconds, minutes, hours, and days.
4. Select the [Prevention Level].
5. Click the “Add a rule” button to add more rules.
Fraudulent touchpoints can be detected by determining whether unusually excessive numbers of touchpoints occurred during a set time period. For example, if 10 touchpoints per minute are considered to be normal, and 15 touchpoints have been collected per minute, the last 5 touchpoints will be flagged as ad fraud.
1. Click the “Add a rule” button. Select “Click” or “Impression” from the [Touchpoint] dropdown list.
2. Select “IP,” “Device,” or “Sub-Publisher” from the [Property] dropdown list.
3. Enter the cap amount. All touchpoints beyond the cap amount will be flagged as ad fraud.
4. Set the time period. You can set 1 to 10 minutes in 1-minute increments, 10 to 55 minutes in 5-minute increments, and 1 to 24 hours in 1-hour increments.
5. Select the [Prevention Level].
6. Click the “Add a rule” button to add more rules.
Fraudulent touchpoints can be detected by determining whether the touchpoints occurred from suspicious IPs.
1. Select “Server IP” or “Country IP” from the [Property] dropdown list.
Server IP: IP address provided by data storage services such as AWS and GCP. In general, legitimate events are not traced back to a server IP, which means that events that are traced back to a server IP are highly likely to be fraudulent. When you select “Server IP,” all events that are traced back to the server IPs that are included in the “Suspicious IP list in Airbridge DB” will be flagged as ad fraud.
Country IP: Geographical location of the IP address.
2. If you have selected “Country IP,” select “in” or “not in” from the [Condition] dropdown list, and select the country from the [Value] dropdown list.
3. Select the [Prevention Level].
4. Click the “Add a rule” button to add more rules.
Fraudulent conversions and touchpoints detected by the fraud validation rules will be processed according to the set prevention levels of each fraud validation rule. There are 3 prevention levels you can choose for each rule.
When fraudulent conversions or touchpoints are detected, they will be marked as fraud in the Actuals Report and in raw data. Other than that, they will be attributed, and postbacks will be sent to the attributed channel.
To view the fraudulent conversions and touchpoints, you can select the following fraud tags from the GroupBy options in the Reports.
Fraud_Touchpoint_BlacklistingByServersideIP
Fraud_Touchpoint_BlacklistingByOverseaIP
Fraud_Touchpoint_ClickFrequencyCapped
Fraud_Touchpoint_ImpressionFrequencyCapped
Fraud_Touchpoint_ClickFrequencyCappedByIP
Fraud_Touchpoint_ClickFrequencyCappedByDevice
Fraud_Touchpoint_ClickFrequencyCappedSubpublisher
Fraud_Touchpoint_ImpressionFrequencyCappedByIP
Fraud_Touchpoint_ImpressionFrequencyCappedByDevice
Fraud_Touchpoint_ImpressionFrequencyCappedBySubpublisher
Fraud_Touchpoint_ClickShortLagTime
Fraud_Touchpoint_ClickLongLagTime
Fraud_Touchpoint_ImpressionShortLagTime
Fraud_Touchpoint_ImpressionLongLagTime
Fraud_Conversion_DeviceAOSVersion
Fraud_Conversion_DeviceiOSVersion
Fraud_Conversion_DeviceAppVersion
Fraud_Conversion_DeviceTimezone
Fraud_Conversion_DeviceCountry
Fraud_Conversion_DeviceLanguage
Fraud_Conversion_DeviceLocale
Fraud_Conversion_DeviceCarrier
Fraud_Conversion_DeviceIpAddress
If the Target Event is detected as fraud, the subsequent events will also be marked as fraud.
Fraud_Conversion_DeviceAOSVersion
Fraud_Conversion_DeviceiOSVersion
Fraud_Conversion_DeviceAppVersion
Fraud_Conversion_DeviceTimezone
Fraud_Conversion_DeviceCountry
Fraud_Conversion_DeviceLanguage
Fraud_Conversion_DeviceLocale
Fraud_Conversion_DeviceCarrier
Fraud_Conversion_DeviceIpAddress
When fraudulent conversions or touchpoints are detected, they will be marked as fraud. They will be attributed, but no postbacks will be sent to the attributed channels.
When fraudulent conversions or touchpoints are detected, they will be marked as fraud, won’t be attributed, and no postbacks will be sent.
Was this page helpful?