You can set fraud validation rules and prevention levels for Touchpoint and Conversion from [ Management > Rule Configuration > Fraud Validation Rules ]. You can determine how to mark suspicious events by 3 levels: 'Mark as a Fraud', 'Disabled Postback' or Disabled Attribution'

Please be noted Fraud Validation Rules may affect the calculation of paid advertisements, thus the rules MUST be discussed and consulted with agencies and Ad channels in advance.

 

Configurable Rule Types

Conversion Traffic

Detect fraudulent events based on the APP information in which conversion has occurred.

 

1. Rules are generated based on device information in which conversion has occurred.

• OS Version: Android / iOS (e.g. Android 5.0.2)

• App Version: App version the user installed (e.g. 1.2.3)

• Timezone: Timezone of device (e.g. Asia/Seoul)

• Country: Country code of device (e.g. KR(Korea, Republic of))

• Language: Language code of device (e.g. ko(Korean))

• Locale: Locale information of device, Language/Country (e.g. ko-KR)

• Network Carrier: Network Carrier of device (e.g. SKTelecom)

• IP Address: IP address of device (e.g. 61.33.15.194)

2. The following conditions are available for the selected properties.  

• OS Version: Less than, Less than or equal to, Equal

• App Version / Timezone / Country / Language / Locale / Network Carrier / IP Address: In, Not In

3. Choose the prevention level when the events are affected by the rules. You may refer to the following guide.

• Setting prevention levels for fraudulent events

4. You can create multiple validation rules. All rules are reflected as 'OR' conditions. 

 

Lag Time

Using the lag time between Touchpoint (Click, Impression) and App Installation, you can mark specific Touchpoints with abnormal lag time as fraudulent. You can create Lag Time rules per each Touchpoint type individually.

1. Select the type of Touchpoint (Click, Impression)

2. The following conditions are available for the selected property. 

• 'Less than', 'Greater than'

3. Select the unit of time as follows. 

• 'Second(s)', 'Minute(s)', 'Hour(s)', 'Day(s)'

4. Choose the prevention level when the events are affected by the rules. You may refer to the following guide.

• Setting prevention levels for fraudulent events

5. You can create multiple validation rules. All rules are reflected as 'OR' conditions.

 

Frequency Capping

If touchpoints occur more often than the threshold value during the configured time, you can mark the touchpoints above the threshold as fraudulent touchpoints. You can apply specific IP, device, and sub-publisher on each touchpoint type. Follow the below guide to create your own Frequency Capping rules.

1. Select the type of Touchpoint (Click, Impression)

2. Select Property. (IP, Device, Sub-Publisher)

3. Type Capping value. (thresholds) 

4. Select the time range. The time range is broken down into 1-minute unit up to 10 minutes, 5 minutes unit from 10 minutes to 55 minutes, and 1-hour unit from 1 hour to 24 hours.

5. Choose the prevention level when the events are affected by the rules. You may refer to the following guide.

• Setting prevention levels for fraudulent events

6. You can create multiple validation rules. All rules are reflected as 'OR' conditions.

 

IP Blocklisting 

You can classify fraudulent events based on the IP where the touchpoint occurred. For example, you can exclude touchpoints that occurred from non-target countries or touchpoints that occurred from AWS and GCP Server IPs that can be suspected as bot traffic. 

1. Select the type of IP property. (Server IP, Country IP)

• Server IP: These IPs registered in Airbridge DB are IP bands provided by cloud services such as AWS and GCP. Thus a normal user's device cannot generate such IP addresses. Should an event occur in these IP bands, you could suspect it as a fraud. 
• Country IP: You can select a specific country's IP to include or exclude. 

2. Select Condition over the selected property. 

3. Select Country from the drop-down menu.

4. Choose the prevention level when the events are affected by the rules. You may refer to the following guide.

• Setting prevention levels for fraudulent events

5. You can create multiple validation rules. All rules are reflected as 'OR' conditions.

 

Fraud Tag

Any events that correspond to the Validation Rules you set can be filtered by 'Fraud Tag' in the Actuals and Raw Data. Below, you can find the full list of Fraud Tags.

* Fraud tag can be added anytime if a new condition is added to the Validation Rules.

Touchpoint Fraud Tag

- Fraud_Touchpoint_BlacklistingByServersideIP
- Fraud_Touchpoint_BlacklistingByOverseaIP
- Fraud_Touchpoint_ClickFrequencyCapped
- Fraud_Touchpoint_ImpressionFrequencyCapped
- Fraud_Touchpoint_ClickFrequencyCappedByIP
- Fraud_Touchpoint_ClickFrequencyCappedByDevice
- Fraud_Touchpoint_ClickFrequencyCappedSubpublisher
- Fraud_Touchpoint_ImpressionFrequencyCappedByIP
- Fraud_Touchpoint_ImpressionFrequencyCappedByDevice
- Fraud_Touchpoint_ImpressionFrequencyCappedBySubpublisher
- Fraud_Touchpoint_ClickShortLagTime

• If Lag Time is shorter than the time in 'Click' Touchpoint and 'Less Than' Condition you set in the [ Lag Time ]

- Fraud_Touchpoint_ClickLongLagTime

• If Lag Time is longer than the time 'Click' Touchpoint and 'Greater Than' Condition you set in the [ Lag Time ]

- Fraud_Touchpoint_ImpressionShortLagTime

• If Lag Time is shorter than the time 'Impression' Touchpoint and 'Less Than' Condition you set in the [ Lag Time ]

- Fraud_Touchpoint_ImpressionLongLagTime

• If Lag Time is longer than the time 'Impression' Touchpoint and 'Greater Than' Condition you set in the [ Lag Time ]

 

Conversion Fraud Tag

Any events that correspond to the Conversion Traffic rules you set will be marked with Conversion Fraud Tags.

- Fraud_Conversion_DeviceAOSVersion
- Fraud_Conversion_DeviceiOSVersion
- Fraud_Conversion_DeviceAppVersion
- Fraud_Conversion_DeviceTimezone
- Fraud_Conversion_DeviceCountry
- Fraud_Conversion_DeviceLanguage
- Fraud_Conversion_DeviceLocale
- Fraud_Conversion_DeviceCarrier
- Fraud_Conversion_DeviceIpAddress

 

Target Event Fraud Tag

Any Target events that correspond to the Validation Rules you set, the attributed subsequent events such as Open, Purchase, etc will be marked with Fraud Tags. 

- Fraud_Conversion_DeviceAOSVersion
- Fraud_Conversion_DeviceiOSVersion
- Fraud_Conversion_DeviceAppVersion
- Fraud_Conversion_DeviceTimezone
- Fraud_Conversion_DeviceCountry
- Fraud_Conversion_DeviceLanguage
- Fraud_Conversion_DeviceLocale
- Fraud_Conversion_DeviceCarrier
- Fraud_Conversion_DeviceIpAddress

 

Setting Prevention Levels for Fraudulent Events

Mark as a Fraud

When fraudulent events are detected by the configured rules, the touchpoints or conversions are marked as fraudulent. For this prevention level, attribution is acknowledged and postback is also sent to channels accordingly.

Disabled Postback

When fraudulent events are detected by the configured rules, it acknowledges the attribution for touchpoints or conversions, but postback will not be sent to channels.

Disabled Attribution

When fraudulent events are detected by the configured rules, it neither acknowledges nor sends postback to the channels.