Branch’s Fraud Detection Platform uses an intelligent blacklist to block known bad actors in real time, ensuring customers don’t pay for fraudulent traffic. It includes core metrics that help identify forms of fraud such as install hijacking, click flooding and device reset fraud.
The platform leverages Branch’s persona data to give you RealScore - a model that intelligently scores the likelihood that any given install comes from a real person rather than a bot, malware or false attribution claim. RealScore depends on a variety of web and app signals to establish patterns of normal and fraudulent behavior, making it the first fraud detection product to leverage the full set of signals available on mobile.
In order to view Fraud Analytics, you need to have completed the following:
- Enabled Fraud Rules
- Have sufficient access/permission rights for your Branch app.
- View/Edit access to the Fraud Settings & Data permission.
Core Metrics allow you to quickly analyze fraud detection performance.
% Blocked Installs
The percentage of blocked installs divided by installs.
Click to Install %
The percentage of attributed installs divided by clicks.
Install % Over 1d
The percentage of unblocked installs where the time from click to install was over 1 day - an indicator of click flooding.
Install % Under 10s
The percentage of unblocked installs where the time from click to install was under 10 seconds - an indicator of click injection
In-Depth Fraud & Recommendations
Because Fraud Detection is very complex, visit our guide on understanding fraud and recommendations here.
The Fraud Report will measure the performance of your blocked events for specific fraud indicators. Branch recommends creating fraud rules to block erroneous attribution credit in real time.
The time between the touch and the conversion is short.
Events with suspicious touch to Play Store Install Begin times, indicative of Click Injection.
The device information on the touch and the conversion are different.
The touch and the conversion occur in different countries.
Events coming from known TOR networks.
Once Ever Capped
Events only occurring once per user.
Browsers or devices with suspicious behavior based on Branch’s cross-platform Link Graph.
Install from fake devices or emulators.
Events matching your custom selection of fraud parameters.
Do not show blocked events based on Fraud Rules. Branch automatically selects
Fake Devices/Click Farms
Emulators and click farms generate clicks from suspicious IPs, as well as show abnormal behavior after installing. Check blocked clicks and your user value metrics in Ads Analytics to identify this fraud.
Install Hijacking/Click Injection
When a new app is installed, other apps on the phone can sometimes detect the install, even before the first open. Fraudulent publishers may fire off a click when they detect an organic install, just before the app is opened. This can be identified by suspiciously low click to install times.
Publishers can generate millions of clicks with different device IDs in the hope that one of those users will install later. Generally the click and installs actions are disconnected, so you can expect to see long click to install times and a very low conversion rate.
Publishers will sometimes put dozens of ads in one ad placement, causing high numbers of impressions and clicks, with low install rates.
Device reset fraud is characterized by new devices from suspicious IPs. Keep an eye on your user value metrics and suspiciously high click to install rates.
The Click to Install (CTI) Time is a great tool for comparing CTI time for specific ad networks broken out by OS. Here you'll be able to compare CTI time in:
Updated 27 days ago