While some within the industry might have previously brushed off ad fraud as an annoying itch, adland has since begun to acknowledge the immense threat it poses. With fraudsters estimated to have swindled a total of US$18 billion last year from advertisers in APAC alone, it’s not hard to see why.
High profile fraud cases have been coming in thick and fast. These include revelations of 3ve, a massive botnet operation, late last year – thought to have defrauded brands and businesses out of US$29 million. Additionally, in February 2019, Oracle uncovered DrainerBot – an in-app malware that generates fake ad views, wasting up to 10 GB of data a month for unsuspecting consumers. Most recently, a Buzzfeed investigation revealed substantial allegations of ad fraud against Chinese developer DO Global, leading Google to impose an unprecedented ban on the behemoth developer’s apps from the Play Store.
Complacency has allowed fraud to scale rapidly
The bad guys are no longer a group of rogue actors operating from dingy basements – they’re well equipped and innovative in their approaches. To put things into perspective, more is lost every day to ad fraud than the entire US$29 million thought to have been earned by 3ve over the course of three years of operations.
While many in the industry have wasted time pointing fingers at one another, fraudsters have been running sophisticated, profit-driven businesses equipped with R&D resources, to find new ways to exploit digital advertising.
And while every new scam exposed appears to be more sophisticated than its predecessor, the reality is that each of these cases is a drop in the ocean of ad spend being wasted on fraud. The real threat isn’t these relatively small players that get caught, but the sophisticated operations that will continue to evade authorities.
But just because they avoid prosecution, doesn’t mean we can’t stop them committing the crime. With digital advertising poised to account for almost half of the US$220 billion set aside by APAC’s advertisers this year, the stakes are higher than ever. It’s high time we make a stand.
To our credit, the industry has recently made some strong headway in the fight against ad fraud. The Interactive Advertising Bureau (IAB), for one, has set a strong precedent, introducing a number of new initiatives and standards to keep abreast of the latest threats.
For example, with ad fraud on OTT and mobile channels growing, the (IAB partner organisation) IAB Tech Lab recently introduced app-ads.txt – a standard which provides a mechanism for mobile content owners to declare their authorised digital sellers. In addition, IAB UK recently announced a more stringent process for its Gold Standard initiative – awarded to buy and sell-side members to recognise their commitment to best practices in preventing ad fraud and promoting transparency. As a first line of defence, strong governance from industry authorities will continue to be crucial – and with greater cooperation, things are definitely already on the up.
That said, regulations have their limits – they are slow to react to changes in the landscape and can’t patch every leak. So while they are vital in maintaining industry awareness and vigilance, regulations don’t stop criminals in their tracks. And in some cases, regulations can actually create a false sense of security – hence the reaction to recent ads.txt shortcomings.
Grab the bull by its horns
The key to eradicating fraud therefore lies not in regulation or even trying to bring every fraudster to justice. The key lies in stopping the fraudsters from getting paid – essentially, make it impossible for them to justify the costs of maintaining their operations.
Today, it is standard practice for advertisers to wait until billing time to assess the quality of their ads, before requesting refunds or credits from traffic sources – as compensation for invalid traffic. As supply-side intermediaries typically operate on shorter payment terms than advertisers, this means that the fraudster would have already been paid by the time the advertiser is invoiced, and can re-invest the funds to further innovate their product, for example.
Ultimately, intermediaries pay the fine for fraud, and fraudsters are free to continue innovating to avoid detection – and the vicious cycle continues. In fact, Juniper Research estimates that an advertiser displaying 1 million ads in a 24 hour period will pay for more than 100,000 fraudulent ads on average, before they get detected.
Worse still, when fraud-riddled sources get misattributed as genuine engagement, it makes them appear better performing than they actually are. As a result, advertisers and intermediaries often complacently increase their investment with these sources mid-campaign, creating more and more demand for the fraudulent product, only to then be informed at the end of the campaign that their traffic has been invalid. In other words, the fraudster gets paid even more.
The question, then, needs to focus not on who owes who what, but how we speed up the process to diagnose that fraud sooner rather than later. How do we prevent ad fraud as it occurs, before spend gets siphoned off? How do we optimise fraud out of the equation?
What’s clear is that we need to take a proactive – and not reactive – attitude towards mitigating fraud. Let us not be bystanders when crime is happening beneath our very noses.
Ultimately, as digital ad spend continues to rise globally, adland will become increasingly arable for fraud – by 2022, global loss to ad fraud across mobile applications will reach US$65 billion, with APAC accounting for US$44 billion of this.
At such a scale, it would be unrealistic to expect each fraudster to be brought to justice. But if we can stop the fraudsters from getting paid, the business of fraud becomes less lucrative and ultimately, less attractive. The onus will thus be on every player in the industry to build a healthy digital advertising ecosystem by taking steps to proactively remove fraud to stop the fraudsters from getting paid.
Luke Taylor is the founder and chief operating officer of TrafficGuard. He has over 18 years of experience in managing and growing various digital marketing, internet and mobile technology companies.