Latest data on mobile ad fraud reckons $2.3 billion in spend was subject to app install fraud over the first six months of 2019. It’s up to marketers to keep a watch for suspicious activity in their apps (or campaign results that look too good to be true). Our host Peggy Anne Salz catches up with Tyler Cooper–Head of User Acquisition, TextNow, a leading cloud communications company that also offers a free calling and texting app–to discuss how marketers can best prepare to combat fraud. Tyler, a Mobile Hero recognized for her app marketing achievement, talks about the signs of ad fraud and the importance of establishing a baseline to evaluate the normal behavior of your app users. He also chats about Search Engine Marketing (SEM) and why you need to factor in the impact of your campaign performance on organic install counts.
And we’re going to look today at a big topic out there, you’re going to be seeing a lot more about it, ad fraud in all its shapes and sizes, forms and formats, and to give you a crash course in how to fight, combat ad fraud in all of its ways in your app is Tyler Cooper, he is Head of User Acquisition at TextNow and Tyler, it is great to have you on Mobile Presence, we’ve known each other a few times before, a few other conferences and now we get to talk shop here on Mobile Presence. Great to have you.
It’s great to be on.
As I said, talking shop because I have to say we met last year and this was exactly what we were talking about, we were talking about ad fraud and I was excited about a couple of your shortcuts, we’ll be perhaps hearing a little bit more about that today but first of all, tell me about what you do over there at TextNow, what’s your daily routine?
Sure, I’ve been at TextNow for a little over three years now, we are a calling and texting platform that allows people of any budget to be able to stay in touch with their friends and family. TextNow provides people with a free phone number in their local area code, that’s part of our app, and you can call people, you can send picture messages, it works on your phone, it works on your PC or desktop. So, we see ourselves as kind of a communication platform and most importantly we’re not in networks, you can communicate with anyone regardless of whether or not they have TextNow.
And as far as my day to day, it involves trying to get more people to join our platform. So, I’m our Head of User Acquisition as you mentioned, I have a small team here, we allocate ad dollars across at this point I think we have tested up to about 90 different partners to try to find those little pockets of inventory that’ll drive new high quality users to our app and get them to not only download and register but also retain for a long period of time so that we’re able to recoup the cost of acquiring them.
Our business model is primarily focused on in-app advertising rather than direct purchases so what really matters to us isn’t just people who download the app once and then disappear but people who actually download the app and continue to stay engaged. And that’s why ad fraud is such a problem for us – it might be easy to get that quick download but you need to make sure that the users you’re downloading are actually able to maintain usage from the app for a long period of time so that we’re able to monetize and provide a good experience for them.
And also that’s what I’m hearing, you know, it’s all about high value users so to your point, yeah, it’s great to get them to download once but why is it so important, I mean, we’ve been talking about ad fraud in the industry for a while but it has perhaps new importance now because of the focus on things deeper in the funnel, you know, ad fraud is more of a problem for you?
Well, I was just at the Appsflyer MAMA conference the other day and they said that their estimate, so about 30% of all Android installs are bogus, I mean, it depends on the market, certainly in countries like Indonesia and Brazil, they have much higher ad fraud rates than elsewhere but even in the US, they’re estimating that something like 20% of all Android installs are – they’re basically bots.
They’ve got someone who’s inserted a little piece of code into a utility app and then every time somebody logs into that utility app or even in the background, they’re able to gather user data around what kind of normal behavior looks like and then try to simulate that for a new app install that comes through and some of these bots can be pretty sophisticated and if you’re losing somewhere between 20 and 30% of all installs to bot traffic, I mean, that could be your entire profit margin right there. Most people operate with – they spend a dollar, they try to pull in $1.20, $1.30 but if that 20 and 30 is fake, then essentially you’re not getting anywhere with your business, so it’s definitely critical to try to smash the bots as they come through your system or else you’ll just be losing money.
I’m just – if you could see me here, I’m just shaking my head because I didn’t realize it was that big a percentage of Android downloads as you said, but you just came back from the Appsflyer conference and of course they, being a mobile measurement provider platform, they know what they’re seeing. Huge problem, we’re going to talk about how to combat ad fraud but I'm just curious, just stepping back for a moment, you’ve written a blog about this, we’ll be telling our listeners about it later and also giving that link in the show notes but at a high level, you divide ad fraud into two main categories of fraud – that’s maybe a better way to look at it because it’s manageable like that because I’ve read reports, there’s 9 different types and there’s this and there’s that and you can get very, very confused. So, I love the fact that you’ve got it down to two categories. So define that for me, let’s start with those two types of fraud that app marketers need to be watching.
Sure. So there are essentially two ways to claim credit as an ad network partner. So, I’m the fraudulent publisher, I want to claim that a bunch of installs came from the ads that you paid for. So, I can either create an entirely fake person, this is where – and I mentioned earlier with the bots – essentially I’m finding some device ID out in the eco system, I’m deciding to pretend that the TextNow app has been installed on it and they start firing events for retention based off of that particular device ID.
If I were to actually dig deeper into the system and try to find evidence of this customer having sent any text messages, they might not exist but if the network is trying to provide high retention users, maybe they can simulate app open. You do that enough times and it starts to simulate real activity. This is kind of the first type of fraud that people think about, they say, “Oh, this is a fake person, they are not – this isn’t like actual human activity so we know that it’s fake”. You can dig deeper and find it, there’s some patterns that’ll be off.
So you’re looking for something that isn’t – that it’s meant to be human-like, it’s programmed to be human-like and you’re looking for what isn’t human-like basically in those patterns, right?
Essentially yes. You’re looking for what is normal behavior and what is abnormal behavior and if you have a good baseline for normal behavior and you’re able to look at a bot especially from a cohort of bots, you can see unusual patterns of post-install behavior.
There’s also another type of fraud which is the mis-attribution, so the customers are real but they’re coming from another source. So in this case, often times the cause of this will be what’s called click spamming, modified click spamming, so essentially the network is – they have lots of information around device IDs. For example, TextNow is such a large app that, and we have – we’re advertising pretty aggressively and we’re expanding to a new territory so they said “Well, organically a lot of people are going to download the TextNow app anyway so if I just send enough clicks from enough devices that eventually I can trick the mobile measurement partner into thinking that this click happened just before an install of a user who either had organically downloaded the app or had downloaded through another marketing partner”.
So, we have seen this a lot in the past where a given network might claim millions of clicks in a week which is a lot when you consider how often people actually intentionally choose to click on ads or tap on ads as the case may be. And then you look at it and say, “Does it really seem plausible that for the amount of budget that I allocated to this campaign, the network was able to run enough ads to generate millions of clicks?” and in that case you will see what appears to be totally normal behavior, any kind of detection based around post-install behavior would not necessarily be indicative of, “Oh, this customer looks clearly fake” – they are a real customer, in fact, they are one of your customers you probably already paid for somewhere else and that’s the real danger you can run into with this type of fraud where a network is claiming an install that really doesn’t belong to them.
And that happens more frequently do you think now than before? Because a lot of marketers are watching this but I’m still hearing that it’s a huge issue so I’m wondering, you know, when you call an ad network on this, you know, is it difficult to make that argument or easier now?
It’s a balancing act. I mean, you certainly have networks who specialize in being fraudulent, I can bring this name up just because they’ve already disintegrated but there was a network called “Mundo Media”, they’re actually based out of Toronto and they were engaged in this type of behavior, the company actually was sued by many of their advertisers and went out of business a few months ago – you can look that up. So, they were engaged in pretty – they shut down I think it was in April – and they were engaged, they had, they claimed to have 30,000 publishers and they claimed to have all these different unique traffic sources but when we started digging into the data, we noticed that the patterns of click behavior just seemed to be off so we stopped working with them and then I wasn’t that surprised to find out they’d gone out of business.
So, it’s definitely quite common, this again, I’m just taking this stat from the Appsflyer conference last week – they said that about 80% of all Android fraud consists of bot activity, so it’s essentially people faking post install activity and 80% of iOS ad fraud consisted of click spamming. It’s much more difficult to emulate the iOS devices, there’s some better security, Android of course being more of an open source platform, much more easy to generate the fake bot activity.
So, depending on the platform, you might have different patterns of fraudulent behavior and that’s something to keep a look out for as well but it’s definitely when you see very, very high click numbers – I mean, you’re talking millions, tens of millions – I had one network claim, what was it, about two hundred million clicks in a month which is essentially one click for every adult in America and I came back with the numbers and I looked at this and I thought, “This is just implausible”, there isn’t enough ad traffic out there especially given that our initial invoice would have only been for several tens of thousands of dollars, there’s no way you can buy 200 million clicks for $20,000.
It’s usually that rule, when it’s too good to be true, it usually is and that goes doubly true for mobile app marketing. We do have to go to a break, Tyler, but listeners, you can see we’re going to be deep diving into how you can tell suspicious behavior in your app and what you need to do about it so don’t go away, we’ll be right back.
And we’re back to Mobile Presence. We have Tyler Cooper, Head of User Acquisition at TextNow. And Tyler, right before the break, we were talking about ad fraud, you know, it is a massive problem, we talked about it being a growing problem. You have some numbers from Appsflyer, I have some as well from Appsflyer, estimates in the first half of 2019 alone – mobile ad fraud cost marketers over $2.3 billion and nearly 1 in 4 paid installs were fraudulent. So, we know it’s a huge problem, we have some numbers that give us the range but let’s just talk about the tech stack to combat this. You know, what do you need to have, I’ll call it the anti-fraud tech stack, right? We talk about the growth stack, we’ll talk about the tech stack for this. What are some of the parts in this because in order to combat fraud, you have to be equipped in the first place, so what would you suggest?
Well, right off the bat, everyone who works with an MMP, a mobile management partner, who is able to both attribute installs properly as well as find networks that are attempting to attribute installs improperly so in the case of TextNow, we actually use Adjust, they have a fraud prevention suite that detects several different types of fraud, things like device farms, those are the bots we mentioned earlier, ASDK spoofing where an SDK that has been implemented in the app is trying to fake an install and signals at scale where they’re kind of generating a lot of essentially post install things that aren’t real, click spamming as we mentioned where a network will send out tens of thousands and millions of clicks well beyond what they’re actually buying in order to try to take credit for installs that aren’t there.
So, we certainly use Adjust as the starting place to combat fraud and they definitely catch significant amounts of it even with networks that we trust and have worked with for a while, we’ll still see some small percentage of installs come through that need to be rejected for various reasons.
So definitely talk to your mobile measurement partner, make sure that they have all their fraud tools up in place and you should be able to get a first sweep of detecting a decent amount of what’s going through. So, right off the bat, just by working a mobile measurement partner and integrating with their existing fraud detection tool, you should be able to combat a sizable amount of the fraudulent activity.
That being said, that’s only a first step. You will still want to have an existing system in place that helps you define what does normal behavior look like and I speak about this in my blog where it’s best to run a small test for the network that you worked with in the past and trust or just one that other people have given you social proof to prove Hey, this is someone that we can trust and watch it drive decent high quality users. And that small test will tell you things like what does a normal click through rate look like, what does a normal conversion rate look like, what does the normal rate of retention for our customers look like? You can compare that against your organics, typically an ad network will have users who are within a fairly narrow range of what your organics look like.
If your day one retention rate is 40% and your new network says that their day one retention is 80% or 8%, that could be a problem. If you’re doing twice as well or a small fraction as well as what you expect your customers to behave like, that could be a sign that – you know, fraud is a really strong word, maybe they’re just buying users from sites that are poorly aligned with your customers’ use case, if you’re advertising a kids game to men in their 50s, maybe there wouldn’t be a strong affinity for it so they might download the app and then not retain once they realize that it’s too cutesy.
So, it’s certainly possibly that your ads might just be mis-targeted but that’s still something you’d want to watch out for if your ads are not driving value for you, then obviously you want to rearrange your budgets.
And just to be clear on this part of the tech stack, this is what you need to do – are there any tools or any shortcuts here that you can recommend?
Sure. So, one thing that we had recently integrated with is a company called Scalarr, I’m sure you’ll have that in your notes somewhere.
They are an additional fraud detection layer so they go beyond just what the mobile measurement partner does or what your own kind of definitions of normal would be – this third party tool allows us to really dig into in particular modified click spamming which will essentially create an abnormal click time to install distribution which – very technical - if you have a new person just coming in and they go, “Huh, what’s that?” Essentially, there’s some normal curve between seconds after someone taps on an ad and when the install began. If a very large number of people claim to be launching a 2Gb app after 3 seconds, that’s probably suspicious, you can’t download something that quick. If the network is saying that half of all their installs are happening a day after the click, that’s also suspicious, typically when people go through their intent driven experience of tapping on an ad, clicking on the download feature and downloading the app, they’re likely to open it relatively quickly. So, certainly there is a long curve of people who take a while to launch an app after that initial period but if the distribution is too off, if you don’t see – if normally people take around 5 minutes to go between tapping on an ad and launching the app, if you see too many of the installs happening either way too quickly right after that tap or way too far out from that initial tap, then that can be sign of suspicious behavior and that’s what our Scalarr tool is able to do.
They’re essentially looking at – they run for the first month, they gather lots of data on what your normal behavior of tapped install looks like and then they’re able to scrub out installs that are happening outside of that normal window, if there’s too many of them.
The best way to solve something like this would be looking at a bunch of complicated graphs with a chart, not great for a podcast formal but suffice it to say that you definitely want to look at your normal behavior of tap to install times and see what your normal distribution looks like and if you have – Scalarr helps us to identify what normal looks like so we can find the abnormal.
I get it completely, you’re making a bell curve out of this particular part of behavior and you’re saying, “Okay, this is where it all usually happens and this is not and this is not” and scrub them out and then also have an argument for your ad partner to say, “Look, this could not have been the case” and you have something to back it up. Is it only for that point, you know, that time between tap and install or can you use this on other moments, you know, sort of in the journey to just say, “Yes, this is a real user as opposed to this is fraud”?
They are definitely looking at other behaviors as well, abnormal engagement behavior, if there are too many PPN-based installs, you have too many willed with anonymous IP addresses, that could be suspicious, also be looking at things like – again, those smart bots and bot farms – although in the case of the bots, they’re usually pretty obvious so you don’t necessarily need to layer in another tool for that but if you’re really new coming into this and you’re not sure how to identify that behavior, then definitely building out that tech stack can be helpful.
So the tech stack is one part of it which is extremely key. I’m just curious, you yourself, Tyler, I’ve known you for a while now and I know that you also, you know, love to innovate on your own. Is this something that marketers need to do or automate? Is it something where I have to sit down and also think of new ways to do things or are all the tools there or are there still some gaps where I’m going to have to glue it together? I guess the question is, the role of marketing automation, the role of AI in all of this, we don’t have it all stitched together yet, I don’t know how you approach it but how do you see the role of that?
Stepping back slightly on that question, as a higher level, the reason you want to bring in another third party tool is you need a neutral arbiter, so from the point of view of the publisher, they want to take credit for as many installs as they can possibly claim. To the point of view of the advertiser, they want to take credit for as few installs as they can possibly claim to reduce their bill.
So, when you just have that conversation between the marketer and the person who sold the ads to you, it’s also a contentious relationship, that’s often why ad agencies exist in the first place is that new buyers are reluctant to get into these long heated battles with existing publishing partners and the agencies also have an incentive to make sure that their publishers are happy, that if they fight too much on fraud and they allow too many false positives to come through, then they’re not going to have business in the long run, nobody will want to work with them.
So, it’s definitely a balancing act, it’s often, “Oh, cut out the middle man, get rid of all these extra layers and bureaucrats and do everything yourself in-house”. There is sometimes a value to having that neutral arbiter come in as a third party and say, “Look, we’re trying to balance the needs of both parties here, we’re looking at aggregates of data across multiple partners, not just one app or one publisher, so we’re able to kind of – at a higher level – get a better sense of what’s going on” and there is often some value there.
And just curious for yourself, is this something that you believe you can do or that mobile marketers can do with the tools that are out there or are there still some gaps that you’re finding you have to fill with, you know, with what you know, with sort of like I want to say sort of homemade solutions but not duct-taping them together, I don’t want to put that as a thought. But, you know, it doesn’t all work yet, does it, and so there are places where we need to, where the marketer has to bridge it somehow.
A marketer will need to essentially be their own fraud detection bot as well, not everything is going to be caught by a third party tool, you also need to be able to identify false positives that there could be differences in the mix of the partners that you work with, you might have some partners that are heavily view and video-based where you are expecting to drive somewhat of an organic uplift so you wouldn’t expect there to be the same behavior in terms of click to install or view to install behavior as you would from, say, a search ad on Apple Search where you would have that direct link in place putting it right in front of the customer direct driven.
Different traffic partners will have different click to install behavior and just sort of general post install behavior as well so the marketer needs to understand how different traffic sources will generate different types of user and different types of behavior from that user’s install journey so you don’t necessarily want to outsource everything and just hope their algorithm will just put everything together and look at it – holistically sometimes you’ve have nuance in your different traffic partners and you might not want to shut down things that are being flagged as fraudulent inappropriately.
That’s what I meant, there’s still an element, a very important element of human judgement in this. And Tyler, we do have to go to a break again but when we get back, we’ll be talking about the place of the human, the future of AI and maybe also a couple of your tips around how to establish baselines that work. So, lots of reasons to come back, listeners, don’t go away, we’ll be right back.
And we’re back to Mobile Presence. I’m Peggy Anne Salz and we have Tyler Cooper, Head of User Acquisition at TextNow and also a Mobile Hero because of your accomplishments in mobile marketing. And of course one of your other accomplishments, I think, is – I don’t know, was it your first blog, Tyler, I’m just curious?
I think I had a few blog posts before...
A few before...
Some smaller ones where I’ve had some Q&A sessions with people but I don’t think I’ve ever written anything directly like this.
Well, I’ve looked at it over on your page, over at Liftoff for the Mobile Heroes and I have to say it is really well done and in particular you don’t just sort of dwell on ad fraud as we know it, talking about the suspicious behavior and that sort of thing, but you get out into another area that we also have to be concerned with which is mis-attribution – it’s not fraud per se but it’s something you need to watch and more importantly you need to check because it isn’t intended but, you know, impact is significant. So, I’d like to hear about search engine marketing and how you approach that and some of your tips from your blog.
Sure. So, in the case of search engine marketing, we have to realize that Google is the largest by far ad network in this entire space, something like 37% of all marketing dollars spent on mobile are spent through Google, that’s why Google’s one of the richest companies in the world. They’ve really mastered this space, they know how to get a specific ad unit in front of a customer who’s likely to click on it and then download the app.
So, you think, “Okay, Google I can trust them, everything works just fine”. Well, technically, yes, you can trust them, they’re probably not engaged in click spamming or bot traffic, they don’t need to do that – they have the Google Play Store itself, they know the direct data that comes from their own system, they know that if somebody sees an ad and then taps on it within the 7 day window or whatever window we’ve set with them, that we’re able to identify the installs appropriately.
The downside is that Google is not the only ad partner that you’re working with. So, if you’re working with multiple ad partners, it’s possible that, for example, somebody saw an ad on your third party display network, maybe AppLovin, they say, “Oh, this is interesting”, they then search on Google Play, they say, “What is this texting app?”
So, they type in “TextNow texting app”, our Google ad will pop up to the front because they’ve picked a very keyword rich search that is very related to what we’re looking for, they see the TextNow ad, they click on that ad and they download the app. Well, who should get credit? And that’s kind of an open question in the space.
There’s no single journey where one customer sees one ad and then instantly becomes a loyal customer, often times it requires multiple touches. No-one has, to my belief, put together a perfect model for how to give partial credit to every publisher but there can definitely be an issue where multiple networks will try to claim credit for the same install.
The mobile measurement partner, if you’re using a last click attribution, would pick a specific network to give credit to but from the point of view of Google, well they saw a customer come in, click on one of their ads and then launch the app. So, they’re also going to claim credit. So, because Google is what’s called a self-attributed network, they might take credit for installs that potentially don’t belong to them, they actually belong to some other third party where we invested more and put maybe a large video ad in front of them before they did the search.
So, so long as self attributing networks exist, there’s always going to be somewhat of a mismatch between the number of installs that Google will claim and the number of installs that, say, Adjust would claim that Google should have. That’s an ongoing issue in this space so it happens not just with Google but certainly Facebook and Apple Search ads as well.
There’s also an issue of organic poaching, so this isn’t so much that multiple ad networks are trying to claim credit for the same user but imagine that user experience again where someone is merely looking for a texting app, they’ve never seen a TextNow ad before, they go into Google and search “texting app”. Now, for that particular keyword, we may very well be ranked number one organically, it’s a common problem with search engine marketing where your organic rank could be at the very top but you still run an ad on top of it, so essentially they’re seeing two placements for the same product.
Now, from the customer’s point of view, they say, “Okay, this is great”, they click on the ad, they download the app. Now, there’s always an unwritten rule of could that customer have downloaded your product that was on the top of the listing without that ad? And in many cases, yes, so you’re now essentially buying your own organics and as you ramp up your marketing budgets on search, say, your total number of paid installs from search marketing goes up by 100, the number of organic installs you have every day drops by 10. So on net, your campaign actually only drove 90 installs, some of the installs that you purchased, you would have gotten organically.
This is kind of organic poaching or mis-attribution, it’s very difficult to build a perfect model for this, you have to kind of run some small tests, slowly ramp up budgets, see what happens to organics. It’s a big challenge in this space but it’s definitely something you want to keep an eye on especially if you plan on ramping up search engine marketing very aggressively, very quickly – you will see a drop in organics potentially, that could be concerning and at that point you want to look at “What is my net increase in total installs?” so it requires a little more math on your part and you may result in not only a self attributing network claiming more installs than they saw because they’re essentially taking them from other partners, but they’re also claiming organics so you’d want to look at, you know, the network might be claiming a certain number of installs but you would actually want to give them credit for slightly less than that in terms of how you calculate ROI.
The challenge with this is that unlike with some of the third party display networks, you can’t really go back to Google and say, “Well, hey, I want 10% of my money back” because 10% of those users would have been organics that you essentially poached anyway. So, given that you can’t really go back to Google and demand money back, it’s not really how they operate, you just want to kind of make a note of that when you’re doing your yield calculations.
So, in this case again, you would say my real cost per install is actually whatever I paid for the 100 installs divided by the 90 that I actually got and that can be a challenge to do and it can create some additional math and the number is never that clean, it’s never exactly 10% all the time, it will fluctuate. So, it’s something to keep an eye on and something to watch out for but it’s definitely a concern for marketers as they start to move into search engine marketing.
You bring up some great points there, I mean, it’s literally something where our listeners taking notes or making note of that but you can read it over on your blog. We have run out of time, Tyler, I would love to hear from you what’s next for you but I think what we’re going to have to do is bring you back a second time, if you’re open to that?
I’d love to have you on the show again, I think this was very informative, I mean, one of the shows where I know that you’ve raised more questions than we’ve been able to answer in this sort period of time which is why I’m going to ask you how our listeners can stay in touch with you because you may have just kicked off something loose here, where it’s like, “Wait, I have a question, I want to ask Tyler this”. How can they do that, is it LinkedIn, is it...
Sure, you can reach me on LinkedIn, I generally accept invites especially if you call out this podcast and I’ll know that it’s someone that has an interesting question for me. You can also reach out to me on the Mobile Heroes Liftoff channel, I think many of your listeners might be members of that channel and you could also email me as well – email@example.com – be happy to answer any questions or follow up and see if maybe there’s some way we could do business together.
Absolutely, I will absolutely have you back, in fact, you’re not going anywhere because right after this show I’m going to ask you to be back and talk about more about this. But in the meantime, my friends, this is a wrap and of course if you want to read up on Tyler or any of the other Mobile Heroes in the series, you can check out their dedicated page over at heroes.liftoff.io.
And if you want to keep up with me throughout the week or find out more about how you can be a guest or sponsor on Mobile Presence, then you can email me, firstname.lastname@example.org.
And that, my friends, is a wrap of yet another episode of Mobile Presenc as I stated, and you can always check out earlier episodes by going to webmasterradio.fm or on iTunes, Stitcher, Spreaker, Spotify and iheartRadio, go to any of them and look for Mobile Presence. So until next time – remember - every minute is mobile, so make every minute count. We’ll see you soon.