We recommend regular monitoring of fraud metrics to detect critical indicators, recognize fraudulent schemes, and find the source of bad traffic.
As an example, let's build a report using a Strict fraud template (Reports → Templates). The report shows the number of suspicious and emulated devices, as well as the number of devices with quick installs and stacking clicks — i.e. the share of traffic that is likely to be fraudulent.
The report includes data for installs made only during the selected report period. Remember, the most accurate fraud indicators are only available 3 days after an install, when Fraud Scanner has collected enough data about the user behavior.
Below you’ll find info on how to read reports using benchmarks, installs, comparison, and dimensions.
Color indicators in the report are related to benchmarks.
If the values are highlighted in red (above the benchmark), we recommend adding more dimensions: Select from list → Dimensions → Traffic source → Campaign or Partner to determine the potential source of fraudulent traffic and take necessary measures.
Color-based fraud indication is only applicable if there is an Application or a Platform dimension in the report
Use the Installs metric to see the volume of incoming traffic. This comes in handy when working with absolute metrics (not percentage ones), when the same fraud values can be highlighted with different colors. Fraud indicators per se do not mean a fraud attack, it's the share of fraud in the total number of installs that’s important.
Compare the following:
It's clear that campaign 2 is using fraud methods to drive traffic.
Compare fraud metrics with data from previous periods, such as yesterday or the previous month, to track suspicious traffic flow.
The results of the comparison feature the "+" and "-" signs. Color coding is the same:
Template reports are configured to compare data with those of the previous day. To add a comparison chart to your report, press the Settings button in the Constructor, and enter new settings in the Comparison field.
Start with combined metrics from myTracker, and then gradually refine the data by adding more and more dimensions and fraud metrics.
It’s a universal approach suitable for those who don’t have time for hard research, are not familiar with key fraud metrics, have just rolled out an ad campaign, or have entered into a new partnership.
We recommend building a report at least 3 days after an app install when Fraud Scanner has collected enough data about the user behavior
Fraud metrics can be presented in absolute or percentage terms, where the percentage shows the number of fraudulent installs as a proportion of the total number of installs made in the selected period.
For more details on analyzing data, refer to the How to read reports section