Ad fraud rate in SEA drops, but finance remains vulnerable

 

Once a hotbed for mobile ad fraud, the situation in Southeast Asia has improved significantly, with mobile ad fraud now dipping 50% in April to June this year compared to July to September last year. According to AppsFlyer's State of Mobile Ad Fraud 2020 report, South Korea now suffers from the highest rates of fraud (113%), more than double the global average, while the average fraud rate in Japan is nearly 10% lower. The report analysed 12.5k apps and 7.3 billion app installs in APAC from July 2019 to May this year, covering countries including Singapore, Indonesia and Vietnam. 

During the first half of 2020 (H1 2020), US$1.6 billion was exposed to app install fraud, a 30% drop compared to H1 2019. The average fraud rate in APAC during H1 2020 was 20.3%, 54% higher than the global rate. 

According to the report, financial exposure is the money that would have been lost to fraud had there been no protection. Finance is the most exposed vertical, with 40% of overall exposure amounting to US$630 million. The explanation lies within heavy investment in marketing financial institutions in APAC markets make. These are traditionally more exposed to ad fraud, and are responsible for US$945 million (nearly 60%) of financial exposure worldwide. When it comes to fraud, the report explained that payout and scale make this vertical particularly lucrative. Fraud in the finance industry for countries such as South Korea, Vietnam and Indonesia have exceeded 50%.

Vietnam, in particular, is currently experiencing the highest of fraud levels in the finance vertical, seeing a fluctuation in rates, with a growth to 64% by May 2020, in comparison to 62.3% in July 2019. Indonesia on the other hand, saw finance fraud rates fluctuate between 2019 and 2020. In July 2019, fraud rates were 55.9% but dropped to 38.2% by October 2019. These fraud rates seem to have risen by April 2020 to 63.3%, but by May of the same year started to decline to 61.2%. Fraudsters are attracted to this vertical because of the monetary nature of these apps, with significant scale and higher payouts, the report said.

appsflyer finance ad fraud

Meanwhile, relatively low fraud rates are seen among gaming genres globally. However, hardcore and social casino games in some APAC regions paint a different picture, with fraud rates in South Korea amounting to 44% for hardcore gaming and 61% for social casino gaming on a yearly average. In Vietnam, fraud rates for hardcore games were at 30% and leapt 10 times in social casino games between March to April this year. In Singapore, AppsFlyer's report noted that fraud in the hardcore gaming genre dropped drastically from 50.8% in July 2019 to 4.6% in May 2020.

Interestingly, verticals such as entertainment, casual games, midcore games, and shopping saw drops in the fraud rate across various markets during the first quarter of 2020 when most of APAC was under COVID-19 lockdown. Midcore gaming apps involve adventure, simulation, action, arcade and racing, while hardcore gaming apps comprise strategy, and role playing. 

Join us on a three-week journey at Digital Marketing Asia 2020 as we delve into the realm of digital transformation, data and analytics, and mobile and eCommerce from 10 to 26 November. Sign up for early bird tickets here!

Bots formed majority of fraudulent installs in APAC

Meanwhile, 64% of the overall fraudulent installs in APAC in H1 2020 were bots, especially targeting finance apps in Japan (87%) and social apps in Vietnam (91%). According to the report, device farms, such as bots, automate fake user activity and this method is deployed among gaming and non-gaming apps, but on a relatively smaller scale.

Click flooding, however, is more common among gaming genres such as casual in South Korea (75%) and hyper casual in Japan (86%), but it also shows up in non-gaming verticals such as shopping in India (47%) and social in Indonesia (33%).

Gaming apps are also unique in terms of the high share of install hijacking events. The reported added that this is not surprising given the depth and scale of mobile games, and the potential for fraudsters to target cost per action (CPA) payouts from real users who perform many post-install in-app events in gaming apps.

The average post-attribution fraud rate for APAC in H1 2020 is 18.4%. The report explained that post-attribution fraud catches fraud that cannot be blocked in real-time. This is an important layer of protection in APAC where rates can climb, as they have earlier in the year when they surpassed 25% in most markets in the region. During the first five months of 2020, the post-attribution fraud rate rose across this region, peaking at an average of 43% during February in Japan, South Korea, and Vietnam, followed by a drop in March when protection tools learned the new method and how to dismiss it. The rate rose again during May as new tactics were deployed and identified post-attribution.

Finance apps experienced higher than average rates of post-attribution fraud, especially in South Korea and Japan where numbers soared during January and February. Social apps in South Korea and particularity in Japan also suffered from high post-attribution rates. Shopping apps were heavily targeted as well, with high rates of fraud in Indonesia earlier in the year, and as of late in Vietnam.

Meanwhile, gaming apps are also at risk from post-attribution fraud in APAC, especially in Japan, where the average rate across genres this year reached almost 20%. Other sizable peaks were seen in Vietnam (social casino in January which surged beyond 60%), Singapore (hardcore in South Korea reached 25%), and Indonesia (midcore rates exceeded 35% earlier in the year).

Ultimately, all verticals, gaming and non-gaming alike, are a target of recurring, advanced fraud attacks that can only be identified using post-attribution detection. As these attacks can easily go undetected without this protection layer, heavy damage was prevented.

Fraudsters are looking beyond cost per install

AppsFlyer explained that a growing number of advertisers are adopting a pure performance CPA model that connects deeper funnel action to payment, eg. Level 10 passed, registration or purchase. The report debunks the long-standing notion that CPA campaigns play a part in fraud protection because deeper funnel activity is harder to hijack or mimic. Clearly, fraudsters have set their sights beyond CPI to include CPA rewards. And they do so mainly with gaming apps whose in-app fraud rate is double that of non-gaming apps. Despite low install fraud rates, gaming is a target of in-app fraud.

According to the report, down-funnel CPA payouts are extremely attractive to fraudsters for two main reasons - their high payout and the fact that they are harder to detect.

Payouts can be higher because of the higher user value connected to meaningful down funnel activity, while undetected fraudsters can deliver real or fake users who perform more in-app events.

This then leads to favouring these "quality" media sources who delivered "quality" users. The threat is doubled in APAC, according to the report which said that, the region suffers from the highest install fraud rates in the world. Hyper casual gaming apps have the highest ratio as a result of the many "level complete" events apps measured as they rely mostly on ad-revenue. However, these events are not tied to CPA revenue.

The numbers show that in APAC, entertainment apps are heavily targeted, with many recurring, subscription-based events that are attractive to bad actors. Hardcore games, casual games which also rely on in-app purchases alongside ad revenue, are also a lucrative target with several events tied to CPA, eg. Level 10 complete and purchase.

On the other hand, hopping apps are experiencing much better days this year, with a 30% decrease in exposure compared to H1 2019, or a total of US$260 million at risk. A jump in online shopping activity, and therefore in marketing, was mostly seen during COVID-19 lockdowns when brick and mortar stores and consumers went online, but existing fraud prevention tools were able to maintain protection and prevent higher exposure, the report added.

appsflyer in app install ad fraud

Ronen Mense, MD and president of AppsFlyer APAC, said despite a general downtrend of ad fraud in Southeast Asia, due to the market’s heightened awareness; Indonesia, Singapore and Vietnam saw a peak of ad fraud in March 2020. This is because COVID-19 forced many countries to implement strict lockdowns. With more people staying at home, the demand for mobile apps increased, leading to aggressive user acquisition activities.

"This saw a large number of fraudsters be drawn towards this activity, which was notably unsuccessful as seen in a drop of fraud levels in the following months. Indonesia experienced a 28% rate of fraud in March 2020, which dropped to 19% by May 2020, while Singapore levels declined from 35% in March 2020 to 20% in May 2020," Mense added.

Join us on a three-week journey at Digital Marketing Asia 2020 as we delve into the realm of digital transformation, data and analytics, and mobile and eCommerce from 10 to 26 November. Sign up for early bird tickets here!

Photo courtesy: 123RF

Related articles:
Southeast Asia a 'highly lucrative' target for mobile ad fraud, says AppsFlyer
"Ad fraud will always be a cat and mouse game if we don’t come together”
Infographic: Singapore hardest hit by mobile ad fraud in APAC