Mobile Ad Fraud Detection and Prevention

Fight back with the industry’s most trusted ad fraud prevention tools.

Mobile Ad Fraud is evolving. Are you protected?

Download our new fraud eBook



BY 2022

Mobile ad fraud is sophisticated and growing, with some research firms projecting an estimated $87 billion loss to global advertisers by 2022.(1) The Kochava Fraud Prevention suite offers advertisers comprehensive protection through advanced machine-learning algorithms that detect and prevent more fraud than any other tool on the market.

Our Anti-Fraud Toolbox

Meet the tools that make Kochava fraud prevention potent and comprehensive. Marketers employing the full complement of our anti-fraud capabilities can expect to save 15% or more on ad spend. Even enabling the most basic tools with minimal effort or customization will provide valuable results.

Activated at the flip-of-a-switch, the Kochava Global Fraud Blocklist protects your global campaigns at scale and in real-time. Learn More

Anomalous geo distributions between click & install – one of the many detection methods that inform Kochava’s machine learning algorithms.

click flooding

Go beyond one-size-fits-all solutions with customized fraud thresholding tailored to the needs of your brand. Learn More

New Kochava Fraud Console dashboard

Explore all fraudulent and suspicious traffic across your campaigns with this interactive, fraud analytics suite. Learn More

Kochava Traffic Verifier

Set advanced rules to guard and keep watch over your campaign traffic in real-time.  Learn More

No more unwanted surprises. Stay informed when fraudulent activity surfaces in your campaigns. Learn More

Credit Sesame logo

Credit Sesame protects their apps from SDK Spoofing with Kochava Fraud Prevention.

Learn More
Smartphone with a credit score interface

What is mobile ad fraud?

Mobile ad fraud is the theft of the cost-per-install (CPI) or cost-per-engagement (CPE) bounties that advertisers pay media  partners for driving conversions through a marketing campaign. Fraudsters intentionally bury this theft in code that is difficult to decipher and at small increments that can easily go unnoticed by advertisers. It is the volume of transactions in digital advertising that enables fraudsters to amass huge bounties for their efforts.

Fraud may be perpetrated through the manufacturing of fake ad impressions and/or clicks that steal attribution credit from the true driving force of the conversion: another paid or organic campaign. Often categorized as “attribution fraud,” commonly used tactics include: click flooding, click injection, and ad stacking.

In other cases, fraud takes the form of fake app installs or in-app engagements. SDK spoofing, bots, and in-app purchase fraud fall into this category. These are the most dangerous types of fraud, as brands are not just paying credit to the wrong partner, but paying out a bounty for a user and/or conversion that doesn’t exist.

Does mobile ad fraud impact me?

Unfortunately, the answer is yes. Whether you’re the user acquisition manager for a small new app, or the chief marketing officer (CMO) for a major brand—if you’re spending money on mobile ad campaigns, you are a victim of ad fraud, even if you don’t know it.

Without a preventive solution, mobile ad fraud artificially inflates performance, siphons off media spend from the ad partners delivering true value, and infects marketing data with false information – leading marketers to make poor strategic decisions.

How Kochava can help

Our mission is to educate and empower marketers in the battle against ad fraud. Since 2015, we’ve been pioneering new tools and advanced methodologies to beat fraudsters at their own ever-evolving game. 

The Kochava Fraud Prevention suite represents years of research and development involving data scientists, engineers and insight analysts. Analyzing trillions of data points across millions of campaigns for the world’s largest brands, we have built a comprehensive solution with a multi-layered defense that protects the two signal sources where fraud attempts to insert itself: user engagement signal and ad campaign signal.

If either of these signals is infected with fraud, the integrity of attribution is at stake, as are any decisions marketers make based on their attribution data. Therefore, each layer of defense detects and blocks fraud in advance of attribution processing, ensuring that only legitimate ad campaign signal and user engagement signal are considered for matching. 

Explore the layers of the Kochava Fraud Prevention engine. Click any pulsing icon to learn more.

App installs, sessions, and events are analyzed in real-time by Traffic Verifier. This layer protects against SDK spoofing, bot traffic, invalid app store receipts and other in-app fraud.
Impressions and clicks from all campaigns are analyzed in real-time by the Global Fraud Blocklist, Traffic Verifier and customized thresholds. This layer protects against click flooding, bot farm traffic, ad stacking and many other fraud tactics.
The final layer of defense prior to attribution. Traffic Verifier analyzes the relationship between the two signals prior to attribution, enforcing minimum-time-to-install (MTTI), Google UTM source matching, device language settings and more.
App installs, in-app events, website visits, and other user activity that originates from applications on connected devices.
Impression and click data originating from ad partners (networks, DSPs, etc.), which details the interaction of users with advertisements across campaigns and channels.

Fraud Tactics We Prevent

Our multilayered tools detect and prevent all prevalent and emerging fraud tactics.

Global Fraud Blocklist

Powered by advanced machine-learning and data-driven detection algorithms, the Kochava Global Fraud Blocklist is a dynamic curation of IP addresses, publisher IDs, and device IDs observed as repeat offenders of fraudulent activity. With over 10 billion unique devices measured and billions of transactions processed daily, Kochava can analyze global traffic at scale and rapidly identify fraudulent sources. 

Enable the Blocklist seamlessly across your entire account, or to specific apps and/or individual trackers to instantly analyze and protect your traffic across your campaigns. Traffic that violates the Blocklist is flagged for instant visibility in reporting and analytics, while also being disqualified from attribution to valid conversions. This real-time fraud prevention tool eliminates time-consuming chargeback negotiations for marketers and costly make-goods for networks.

Custom Thresholds & Blocklisting

As fraud grows in its sophistication, one-size-fits-all tools are incapable of offering adequate protection. Fraud tactics vary widely across app store verticals, device platforms and brand size, among other factors, requiring adaptable anti-fraud solutions that enable tailored defense strategies. 

Kochava offers customizable thresholding and account-level blocklisting that lets marketers decide their own rules and dynamic conditions for blocking fraudulent sources. Not only can marketers curate a personal blocklist of IP addresses, publisher IDs, and device IDs through our Fraud Console or programmatic fraud API, they can also establish custom thresholds for each of Kochava’s machine-learning fraud algorithms. For example, while one marketing brand may consider a click-to-install ratio of 500:1 acceptable, another team may tighten that to 50:1. Once a custom threshold is set, traffic sources that violate them are automatically disqualified from attribution to conversions. Only with Kochava do brands have this level of flexibility in calling their own shots in the battle against fraud. 

Need help refining your anti-fraud strategy and custom fraud thresholds? Our highly trained Client Success Managers and Client Analysts are available to help you maximize your protection. 

Fraud Console

The Kochava Fraud Console provides an interactive analytics dashboard for marketers to explore all fraudulent and suspicious traffic across any apps and campaigns within their account. 

Use the Fraud Summary to quickly zero in on the greatest offenders across distinct fraud tactics, including click flooding, click injection, ad stacking, and more. Dive into detail and export data to further investigate with your partners. 

New Kochava Fraud Console dashboard

With a single click, easily add unwanted sources to your own custom blocklist.

Obtain valuable insights on abnormal click-to-install ratios, high click volume by devices, and other trends to inform your custom fraud thresholds.

Traffic Verifier

Traffic Verifier was developed as the ultimate secret weapon for marketers. From configuring traffic rules that enforce the terms of insertion orders (IOs) with ad partners, to enhancing mitigation strategies to shield campaigns from fraud, Traffic Verifier enables marketers to set the rules that guard and keep watch over their campaigns in real time.

Enforce the terms of your IO:
Make sure you only pay conversion bounties for the traffic you contracted for. If your campaign is focused on a certain geographic area, set a rule that blocks impressions and clicks from outside areas. Or perhaps you’re targeting high-value users on the latest iPhone or Android phone models. Set a rule that verifies ad traffic only from those device models and disqualifies older phones. 

Select from the following Traffic Verification rules to help enforce your IO: 

  • Device Characteristics (including: OS, model, and language)
  • Precision Geo Placement (including: country, state, city, postal code and DMA)
  • Active Campaign Dates
  • and other criteria

Traffic that fails verification is disqualified from attribution and flagged for analysis in Kochava reporting and analytics. Setup alerts and reports to be delivered to your ad partner to quickly correct targeting mistakes.  

Enhance Fraud Mitigation:
Do you only want to attribute iOS installs that have verified install receipts from the App Store? Would you like to require your attributed Android installs to have a referrer click time from the Google Play Store? 

Traffic Verifier provides marketers with these options, plus the ability to: 

  • Set a minimum-time-to-install to combat click injection
  • Require a Google Referrer UTM Source Match on Android installs
  • Set frequency caps for impressions and clicks based on device ID, site ID, and/or IP address
  • Activate Click Authentication* with supporting media partners.

Activate Click Authentication with Support Partners:
Kochava click authentication enables verification that each click sent to Kochava for a partner’s campaign originated from their genuine ad servers. Only authenticated clicks are made eligible for attribution, protecting both the marketer and the ad partner from falling prey to fraudsters, who try to hijack click tracking links and repeatedly trigger the request even when no click takes place. 

Click Authentication is available with: 

Don’t see your ad partner, contact your Client Success Manager or for the complete list. 

Are you a network or DSP? Please contact


Protect against SDK Spoofing:

Traffic Verifier also includes install and event authentication, a powerful feature to block SDK spoofing attacks. This feature uses secure methodologies to validate that every user engagement data signal (app install, in-app event, etc.) genuinely originated from the Kochava SDK. Spoofed payloads are detected and blocked to maintain the integrity of user engagement data and prevent CPI or CPE payouts on entirely fake conversions. 

Install and event authentication is available for Kochava Clients using the Kochava SDK (versions Android 3.2.0, iOS 3.3.0​, Windows 3.0.1 versions or greater) and server-to-server integrations. 

Existing clients, please contact your Client Success Manager or for questions on updating your SDK to support this feature.

Fraud Alerts

Is a network violating the frequency capping threshold you set through Traffic Verifier? Has a sub-publisher just been blocked for click flooding? Kochava Alerting keeps marketers informed when their campaigns are being targeted by ad fraud. Know what Kochava is protecting you from and which ad partners are being flagged and blocked.

Independent Fraud Audit

Advertisers aren’t the only victims of ad fraud. Networks and agencies operating in good faith also have much to lose when fraud infiltrates campaigns. 

The Kochava Client Analytics and Data Science teams have completed hundreds of independent fraud audits for advertising brands, networks, agencies, and other parties. These audits put the full complement of Kochava’s fraud prevention tools to work analyzing relevant campaign data. Across the years, our team has uncovered large-scale operations that were defrauding advertisers of hundreds of thousands to millions of dollars. 

If you’re a brand, or work with one whom you believe is being defrauded, learn more about Kochava Fraud Audits and other premium consulting services.

Suggested Reading

Grant Simmons, Head of Client Analytics, Kochava

Grant is our resident mobile ad fraud expert. He leads an all-star team that helps brands analyze campaign performance, uncover fraud, and optimize for growth. Explore his in-depth content series on fraud.

Part 1: Detecting Fraud by Counting Clicks]
If marketers only focus on install rates, they’re missing the action behind the scenes. Fraudsters can employ a number of tactics to win attribution, resulting in an exorbitant number of clicks per install and wasted ad spend. Read More.

Part 2: Devices With High Click Volumes and Fraudulent Traffic
Devices that output a high number of clicks are likely the product of a bot or hijacked device. The fraud report for this tactic flags abnormally high click volumes, but marketers should also have their own baselines for acceptable volumes. Read More.

Part 3: The Fraud Behind Install Metrics
The time from click to install varies according to a campaign. However, abnormal patterns require further investigation. Differences in MTTI and TTI may show evidence of unwanted incentivized traffic or are indicative of poorer quality users. Read More.

Part 4: Ad Stacking
Ad stacking is a fraud technique where multiple ads are layered on top of each other in a single ad placement – with only the top ad being visible. If a user clicks on the visible ad, a click is registered for all ads in the stack. Read More.

Part 5: The Global Fraud Blocklist 
The Global Fraud Blocklist acts as a firewall for campaign traffic. It is a dynamic list comprised of known fraudulent device IDs, IP addresses and network/site IDs. These are entities that are repeat offenders of fraudulent activity or exceed established thresholds outside of normal activity. Read More.


On Medium:

Your attribution may be more wrong than right
Today’s marketer is data-driven. With significant ad spend dollars on the line, accuracy in the attribution data that links advertisements to in-app conversions is vital. Read More.

Having A Poor Signal Results In Poor Measurement
Why do you hire an attribution company? Sounds like a silly question: Why do advertisers pay for attribution? As a data analyst, I’d argue that the main reason is to get a handle on all the marketing efforts to make associations that weren’t previously available and to get a measure of user engagement. Read More.

Market Incentives That Drive Fraud: The Truth Behind Reach vs. Frequency
As the digital advertising ecosystem becomes educated on mobile ad fraud, it’s important to understand that fraud comes from a variety of different angles. The majority of fraud is actually a side effect of the way attribution is performed. It is, interestingly enough, directly correlated to the predominance of mobile app install ads being priced on a CPI basis. Read More.

Request a Demo

Required Fields*

Preferred method of contact:*