Fraud in e-commerce means huge losses and reputational risks. There are at least 10 dangerous e-commerce fraud scenarios that can harm your app, ranging from fake installs and click flooding to carding and DDoS attacks.
Fortunately, fraud can be detected with the help of special metrics, such as:
There are 16 such metrics in Fraud Scanner by MyTracker. For simplicity, we have divided them into three general groups.
Fraud Scanner differentiates between strict, confident and soft fraud metrics depending on the accuracy of fraud detection in your application. For more information on fraud detection metrics and how they work, see the article How to Detect Bots in E-commerce Apps Using MyTracker.
Let us consider a case of fake traffic detection in an e-commerce app using Fraud Scanner. We'll walk you through 3 easy steps to detecting and preventing fraud in e-commerce apps and provide you with actionable tips on how to communicate with your ad partner once fraud has been detected.
In early 2020, one of our new partners started using our Fraud Scanner to assess its traffic. They noted suspicious activity in one of their apps. A quick check (Reports → Templates → Combined fraud metrics) reveals the following picture (we have hidden the names of the app and marketing partners):
We see a fairly large and stable share of fraud.
There are no benchmarks for combined (strict, confident, and soft) fraud metrics; it’s up to the project manager to decide whether the indicator is high or low. Some businesses don’t mind losing 20% of their traffic to fraud and plan their campaigns accordingly. We, however, believe that 5% in strict and 7% in confident fraud is too much. Based on the table above, we can clearly tell that something is wrong with Partner 1, which is a reason for a more thorough check.
We need to use those metrics that are included in the combined metric where suspicious activity has been tracked. This helps assess more accurately what exactly is wrong with the app. In this case, we add strict fraud metrics to the Report builder. These include Stacking Installs, Hyperactive Installations, High Install Rate, Emulated Devices, Inactive Installs, Stacking Installs (there is also a separate convenient template available).
To see which metrics are included in the combined metric, we clicked on the question mark next to the metric:
Adding more dimensions triggers red in the table for several metrics:
As you can see, Fraud Scanner detected fraudulent activity coming from Partner 1 across several parameters. This means it is sending bad traffic which exceeds the acceptable level (the numbers in the table are highlighted in red).
Note that we could not have accurately identified an influx of bots with the High Install Rate metric alone. But when we add the Inactive Installs and Emulated Devices metrics, our suspicions are confirmed. Almost all of them (and in all periods) are in the red zone. This means that the indicators are so far over MyTracker’s benchmarks that the system believes it is not inaccuracy, but fraud.
Such high fraud values are a good reason to leave a bad marketing partner. Take your resources to where quality traffic comes from.
The lower the fraud metrics, the more valuable the traffic source.
After we have detected fraudulent installs in a partner's traffic, we need to start communicating with the partner. In our case, the app simply stopped working with this user source, but there are always several options available for you.
First, you should download and save the report from MyTracker. Then send the partner charts showing the suspicious user activity. You can do all of these steps yourself in MyTracker’s interface. The report is downloadable for Unity, Android, and iOS apps.
Marketing partners often ask for fraudulent user identifiers to exclude them from the cost of the ad campaign. This is only possible for Android apps, as Apple has stopped sharing IDFAs starting from iOS 14.5. You can use the RAW API to download data. For more details on this, please see our documentation.
After that, there are three things you can ask your partner to do:
There are no timing preferences for combined metrics fraud tracking; it depends on the nature of your project. You can do it once a day or once a week.
You would also be well advised to look for fraud when connecting with new marketing partners to make sure they deliver quality traffic. Fraud Scanner will start detecting fraudulent activity the day after the app is installed, but for best results start tracking on the third day post install to make sure you receive the most complete information about users.
Remember that some fraud metrics might work in one instance, but fail in another. It has to do with the following reasons:
Therefore, fraudsters may be able to better disguise themselves on some days due to, among other things, the ad traffic “around them”. For that reason, on some days, metrics may be confident of having detected fraud (red numbers = fraud values above benchmarks), and less confident on other days (green numbers). However, a more comprehensive assessment of the data, using several metrics at a time, will easily detect suspicious activity. With dozens of metrics, some will confidently show fraudulent activity.
The key is regular tracking. We have created some templates for your convenience. Periodically select the Combined fraud metrics template in MyTracker, and review an automatically generated report.