The anatomy of mobile ad fraud: Device Farms

Along with Bots, Device Farms are one of the oldest types of fraud. Device Farms are a physical location with a lot of devices on which fraudsters manually perform different actions: clicks, installs, registrations, views, impressions, etc. At Scalarr we classify this type of fraud in the Classic Fraud category.

Most anti-fraud solutions show too much information publicly and are easily reverse-engineered by fraudsters so they can emulate real users. Their Device Farms can fake post-install events up to 14, and even 30 days

Quick facts

1. In 2018 Device Farms were responsible for 5,8% of all fraud cases.

2. Android devices are more commonly used for Device Farms, as well as “Hybrid Farms” - when fraudsters use only the motherboards, not whole devices.

3. Device farms can have several thousand devices faking post-install events for as long as a month after each install.

The anatomy of mobile ad fraud: Device Farms

How Device Farms work

1. Fraudsters connect to several publishers, constantly monitor all available apps/games which need paid traffic sources, and target them for fraud.

2. Then they perform analysis to determine the expected KPI for good traffic quality.

3. Finally the device farm operator gets these parameters: how to download the targeted apps/games and what post-install events to perform afterward for each. More complex device farms use “matrices”, which automate operator work and perform the same actions across multiple devices simultaneously.

How to deal with Device Farms

More primitive Device Farms are identified by detecting numerous installs from one device, or by detecting numerous installs from several identical IP addresses. However, considering that each fraud farm has its own constantly evolving scripts and algorithms, successful detection requires detailed analysis of all data points for post-install events.

Read Scalarr’s Ultimate Guide to Mobile Fraud Types to understand more about dealing with Device Farms in all specific cases.