This is the tenth in a series of interviews with vendors combating the problem of ad fraud. Other companies participating in this series include Moat and Sizmek. Read previous interviews with comScore, DoubleVerify, Dstillery, Forensiq, Integral Ad Science, PubChecker, Telemetry, Videology and White Ops.
When Andy Fan founded Shanghai-based RTB Asia a couple of years ago, fraud detection wasn’t really on his mind. Today, RTB Asia provides the country’s only anti-fraud pre-bid solution.
“At the beginning, we were focused on audience segmentation, but we quickly realized the challenge – and opportunity – of programmatic in China,” Fan said.
The opportunity is this: In China, all ad exchanges, supply-side partners and private marketplaces furnish the full IP address along with each bid request. (This isn’t the case with other global exchanges, like Google, which hashes part of the IP address.)
With full IP addresses at their disposal, Fan and his team of 12 can categorize each unique number stream based on behavioral patterns. From there, they assign the address with a “humanness” score from 0 to 99. When an IP falls in the 0 to 49 range, the behavior associated with it is characterized as different from human behavior, and RTB Asia’s algorithm might suggest adjusting the price of the bid or scrapping it altogether. If the range is from 50 to 99, the traffic is considered to be normal and human.
As of now, RTB Asia has impressive coverage, with continually updating information about 99.98% of IP addresses in China. Current clients include SSP and DSP player AdChina and online marketing firm iClick, which is in the process of integrating with RTB Asia. China-based DSP Yoyi Media and Kuzai Technology, a company similar to Sizmek, which uses data to fuel dynamic creative, are both in the process of evaluating RTB Asia’s fraud solution.
“The entire fraud industry in China is emerging,” Fan said. “It’s our job to educate advertisers and DSPs that they don’t just have to read reports after the fact – they can detect and reject fake impressions.”
AdExchanger caught up with Fan.
ADEXCHANGER: How big of a problem is ad fraud in China?
ANDY FAN: If you read any public report, most email spam and fraudulent activity comes from China. It’s the main source. Ad fraud is a very serious problem here and there are challenges that exist here in China in particular than are not like other regions.
Programmatic accounts for around 10 billion impressions per day. According to our data and fraud analysis, about 15 to 20% of that is nonhuman.
What kind of fraud do you see most?
Fraud doesn’t necessarily just come from robots sitting in a data center. A large percentage actually comes from people running a very old version of Windows XP on their computers. These computers have been acting as malware hosts for a very long time, but it’s extremely difficult to shut them down because a big portion of Internet users in China still use Windows XP despite the fact that it’s already been retired by Microsoft.
The malware spams email and visits websites. Whenever a personal computer is turned on, bots are doing something in the background. They’re doing human activity mixed with nonhuman activity at the same time. Anytime one of those computers is in use, it becomes part of the fraud network.
What are the other particular challenges of battling ad fraud in China?
For one, the industry here doesn’t have a habit of taking action against fraud – but I’m not talking about a technology challenge. It’s more of a business habit or a state of mind.
There is also a lot of nonhuman traffic that isn't about generating impressions. A pretty sizable source comes from declared and undeclared search crawlers. There are many more search engines in China than in the US, where the search landscape is less fragmented. But crawlers, specifically, are becoming more sophisticated and they’re very fond of this kind of traffic in ad exchanges.
Also, a shocking number of people will voluntarily install a certain kind of traffic software on their computers to get more followers and make them look more popular on social networks. But once they install this software on their computer, it also engages in other activities they don’t know about, like becoming part of a bot network. There are more than one million installations in China and it’s becoming a big challenge for the advertising industry because it generates a confusing combination of human and non-human traffic on a single computer. There are even some very good, real conversions mixed in with the fraudulent traffic.
Human computers are continually participating unknowingly in advertising fraud.
How does your technology work?
We mostly do prevention by providing a pre-bidding solution for DSPs to reject possible bids that include non-human traffic. We have a real-time database that the bidding program can use to check the information in an RTB environment.
We give the DSP two options. One is to use a real-time server that sits in their bidding environment, handles the bid request and gives them a signal as to whether it’s good or bad. And there’s another way where we give them an API so they can pull their own data and use it to modify their bidding price or reject a bid.
How do you do your scoring?
We give the bidders two types of information for each bid request. One is the category of the IP address, which is part of our unique approach. The second piece of information we provide is something we call the human activity level. If it’s at zero, it’s clearly a bot or a crawler. If it’s over 60 or 70, then it’s at least close to being a real human. The maximum number is, of course, 99.
What is an IP category?
Exchanges in China provide the full IP address with every programmatically bought impression. By contrast, Google doesn’t give the full IP address; the last three numbers are removed. But because we have the full IP addresses in China, our technology can categorize exactly where they came from and give DSPs additional information about the source of their audience.
We can see if they came from a broadband connection at home, a data center or a fixed line connection like LAN. If an audience is coming from an address associated with a data center, for example, that’s immediately suspicious.
Seems like this information could also be used for cross-device targeting.
That is a possible byproduct of what we’re doing. We have the ability to identify when a phone switches from an outside network to a home network, like when you come home and switch to Wi-Fi. When that happens, we can provide that information to a mobile DSP. In a home ADSL [asymmetric digital subscriber line, a type of DSL broadband technology] environment, if a PC, iPad and phone all share the same IP address at a given time for a couple of hours, that data is helpful for targeting across screens.
China has a fragmented app store ecosystem. Does that play a part in ad fraud?
In China, it’s all about Android. Google Play has standards and rules for accepting and rejecting applications, so the quality is relatively high. But in China, there are quite a few Android markets, and the quality varies a lot. You can pretty much say that there are no rules around running ads in Android apps and no authority to regulate how your ads have to behave in your app.
The main source of advertising in apps is promoting other apps, and people are using all kinds of methods to manipulate the installations in a way similar to click fraud. One of the main problems with mobile ads is that real installations are mixed with incentivized traffic, and developers can’t tell the difference between an incentivized conversion and a real conversion. It also means that developers have unrealistic expectations of installation costs.
Are you noticing more ad fraud in mobile?
Mobile fraud is a rising issue and a special challenge. The more aggressive way of doing app installations is to use a big pool of fake Android IDs and proxy servers to generate the installation of apps. These IP addresses also come from the malware in Windows XP computers.
But to tackle fraud, you really need to look at both mobile and PC display for a complete picture of what’s happening. We see the most fraudulent activity happening on PCs right now. Mobile programmatic is still emerging in China.