Overview
Branch’s Fraud Detection Platform uses an intelligent blocklist to block known bad actors in real time, ensuring customers don’t pay for fraudulent traffic. It includes core metrics that help identify forms of fraud such as install hijacking, click flooding and device reset fraud.
The platform leverages Branch’s persona data to give you RealScore - a model that intelligently scores the likelihood that any given install comes from a real person rather than a bot, malware or false attribution claim. RealScore depends on a variety of web and app signals to establish patterns of normal and fraudulent behavior, making it the first fraud detection product to leverage the full set of signals available on mobile.
Prerequisites
In order to view Fraud Analytics, you need to have completed the following:
Have sufficient access/permission rights for your Branch app.
View/Edit access to the Fraud Settings & Data permission.
Core Metrics
Core Metrics allow you to quickly analyze fraud detection performance.
Metric | Description |
|---|---|
% Blocked Installs | The percentage of blocked installs divided by installs. |
Click to Install % | The percentage of attributed installs divided by clicks. |
Install % Over 1d | The percentage of unblocked installs where the time from click to install was over 1 day - an indicator of click flooding. |
Install % Under 10s | The percentage of unblocked installs where the time from click to install was under 10 seconds - an indicator of click injection |
Fraud Report
In-Depth Fraud & Recommendations
Because Fraud Detection is very complex, visit our guide on understanding fraud and recommendations here.
The Fraud Report will measure the performance of your blocked events for specific fraud indicators. Branch recommends creating fraud rules to block erroneous attribution credit in real time.
Available Fraud Rules
Fraud Rule | Description |
|---|---|
Conversion Time | The time between the touch and the conversion is short. |
Click Injection | Events with suspicious touch to Play Store Install Begin times, indicative of Click Injection. |
Device Conflict | The device information on the touch and the conversion are different. |
Geo Conflict | The touch and the conversion occur in different countries. |
IP | Events coming from known TOR networks. |
Once Ever Capped | Events only occurring once per user. |
Persona Fraud | Browsers or devices with suspicious behavior based on Branch’s cross-platform Link Graph. |
Suspicious Device | Install from fake devices or emulators. |
Custom | Events matching your custom selection of fraud parameters. |
None | Do not show blocked events based on Fraud Rules. Branch automatically selects |
Key Fraud Indicators
Fraud Indicator | Description |
|---|---|
Fake Devices/Click Farms | Emulators and click farms generate clicks from suspicious IPs, as well as show abnormal behavior after installing. Check blocked clicks and your user value metrics in Ads Analytics to identify this fraud. |
Install Hijacking/Click Injection | When a new app is installed, other apps on the phone can sometimes detect the install, even before the first open. Fraudulent publishers may fire off a click when they detect an organic install, just before the app is opened. This can be identified by suspiciously low click to install times. |
Click Flooding | Publishers can generate millions of clicks with different device IDs in the hope that one of those users will install later. Generally the click and installs actions are disconnected, so you can expect to see long click to install times and a very low conversion rate. |
Ad Stacking | Publishers will sometimes put dozens of ads in one ad placement, causing high numbers of impressions and clicks, with low install rates. |
Device Reset | Device reset fraud is characterized by new devices from suspicious IPs. Keep an eye on your user value metrics and suspiciously high click to install rates. |
Click to Install (CTI) Time Chart
The Click to Install (CTI) Time is a great tool for comparing CTI time for specific ad networks broken out by OS. Here you'll be able to compare CTI time in:
seconds
minutes
hours
days