We have helped customers like Adcash prevent ad fraud by incorporating IP data into their ad performance metrics and fraud detection mechanisms. Advertising fraud, as an online scam, is quite unique, and many standard threat prevention practices will not work. However, IPinfo’s IP data suite can help you build systems that prevent ad fraud and design a better monetization framework.
Fundamental Idea of Ad Fraud
In this article, we are interested in the variant of ad fraud called “Click Fraud” or “PPC Fraud.” We will not explore malicious ads, fraud campaigns, cookie stuffing, domain spoofing, hidden ads, click hijacking, etc., in this post. However, you should be able to get an idea of how you can prevent them by reading this post. We are going to focus on how click fraud affects advertisement platforms and networks.
Imagine you are an advertising platform that places digital advertisements and website banners on various websites on behalf of your clients. The ads are hosted on different websites, and you pay these websites each time their visitors click on your digital banner. This process is called “Pay Per Click” (PPC), the clicks are referred to as "impressions”, and the websites that host these ads are called “affiliate websites”.
The affiliate website hosting your advertisement is intended to produce more clicks on your ad. Consider this: if a website generates thousands of clicks per day, from your perspective as the advertisement platform, you would imagine that the website is fantastic and generating a lot of revenue for your client. Moreover, you are not only paying for these clicks; you are also interested in raising their PPC rate because of the traffic.
So, what are the guardrails for that?
As an advertisement platform, you are getting paid by your clients to create and manage digital ads that attract people to visit the client’s website.
The dilemma here is that the website hosting your ads is incentivized to produce only clicks, and they can use bots and click farms to click on the ads you put there. These bots click on the ads, and you, as the advertisement platform, may assume this is genuine traffic these sites are bringing to your client’s website or service. As PPC payments are made fairly quickly (as frequently as daily), you could be paying for bot traffic that does not help your client at all.
Now, if your clients come back to say that the “people” who clicked on the advertisement and visited their site did not buy anything, and your clients ended up paying for your service for nothing, your reputation in the industry will take a massive hit.
That is where IP data comes into play as a fundamental guardrail against click fraud. IP data can not only prevent fraudulent clicks and identify click farms, but it can also help with dynamic pricing for ad clicks.
Identifying bots
To prevent fraud, the primary IP data you should explore is our IP to privacy detection data via the API service or data downloads. As advertisement platforms, the website ad usually goes through your servers before being redirected to your client’s websites. When the visitor goes through the server via the redirect URL, you will have access to their IP address. Then, you can simply look up the IP address from our data.
Bot / Hosting / Data Center / Cloud Provider IP address
curl ipinfo.io/136.175.28.225?token=$token | jq .privacy
{
"vpn": false,
"proxy": false,
"tor": false,
"relay": false,
"hosting": false,
"service": ""
}
VPN IP address
curl ipinfo.io/102.38.246.8?token=$token | jq .privacy
Response:
{
"vpn": true,
"proxy": false,
"tor": false,
"relay": false,
"hosting": false,
"service": "Hotspot Shield"
}
If the hosting flag is true, that means the IP address belongs to a hosting provider or is a data center IP address, which usually indicates a bot. A bot is designed to be hosted on a server that can mimic the behavior of a regular visitor visiting the affliate website and clicking on an ad.
We also tag VPN, proxy, Tor, and relay services in our IP to Privacy Detection data. We let our users choose which IP addresses they deem appropriate for their ad traffic. A VPN user can be a real human interested in your ads, but it can also be used to hide a bot’s real IP address.
As the advertising platform, you decide how you want to treat traffic based on IP address privacy detection metadata. You can also use the service field to identify certain VPN providers as genuine traffic. Some VPN services cost 10-20 dollars a month while some are free.
Identifying click farms
The privacy detection service is adequate to prevent the vast majority of PPC fraud. However, if you are interested in achieving near-absolute prevention of click fraud, you must consider click-to-earn services and clickfarms. Clickfarms and click-to-earn services do not usually use hosting IP addresses or data centers. They can use VPN IP addresses, but in most instances, they use carrier IP addresses.
Example of a full IPinfo API response:
curl ipinfo.io/103.60.XXX.XXX?token=$token
{
"ip": "103.60.XXX.XXX",
"hostname": "103.60.175-0.mazedanetworks.net",
"city": "Dhaka",
"region": "Dhaka Division",
"country": "BD",
"loc": "23.7104,90.4074",
"postal": "1000",
"timezone": "Asia/Dhaka",
"asn": {
"asn": "AS63996",
"name": "Mazeda Networks Limited",
"domain": "mazedanetworks.net",
"route": "103.60.XXX.XXX/24",
"type": "isp"
},
"company": {
"name": "Mazeda Networks Limited",
"domain": "mazedanetworks.net",
"type": "isp"
},
"carrier": {
"name": "Grameenphone",
"mcc": "470",
"mnc": "01"
},
"privacy": {
"vpn": false,
"proxy": false,
"tor": false,
"relay": false,
"hosting": false,
"service": ""
},
"abuse": {
"address": "Zaman Rose Garden, House # 123, Road 13/A, Flat B4 West Dhanmondi, Dhaka",
"country": "BD",
"email": "abuse@mazedanetworks.net",
"name": "ABUSE MNLBD",
"network": "103.60.XXX.XXX/24",
"phone": "+000000000"
},
"domains": {
"total": 0,
"domains": []
}
}
To prevent clickfarms and click-to-earn services, you need to create a model to identify click fraud based on IP data.
- IP to Geolocation Data: If your target audience is based in the United States but the vast majority of clicks on your ads come from outside the United States, that should be a cause for concern.
- IP to Carrier Detection Data: If a website exclusively contains carrier IP addresses, that should be concerning, as many click farms usually use mobile devices since as individual devices are assigned individual IP addresses, lower overhead, universal access, easy to use and carrier IPs churn easily. The majority of Click-to-earn service users consist of mobile users as well
- IP to Company Data: If a website receives a vast amount of traffic from the same ASN or the same internet organization, it could be concerning as a click farm may use the services of the same ISP for all their devices.
You have to look into your data and enrich it with our IP metadata to understand the context and behavior of visitors based on IP data. You can prevent IP addresses that meet certain IP metadata criteria or you can even set up a dynamic PPC rate. It is your decision.
So, that is how you prevent click fraud and ad fraud. We highly recommend checking out our IP metadata and analyzing the traffic and user behavior. If you are interested, send us a list of visitor IP addresses by clicking your ads. Our data experts can then share insights that could help you increase profits and build a good reputation within the digital marketing industry.