Skip to main content

The app fraud no one is talking about

In any fast growing and competitive market there are pressures which can sometimes lead people to undertake controversial practices to gain an edge, or put simply, cheat to get ahead. The app promotion market is a prime example of these pressures in action.

The Fraud

Increasingly, bots that create fake click and install IDs have been deployed to boost apps "popularity". This is much more than simply mixing incentivised and non-incentivised traffic to grow volumes and lowers costs; it is clearly fraud.

It makes up one of a growing list of fraudulent practices that are infecting the app market but are seldom discussed. For example, in the case of Android, the open source code has been exploited to "steal" downloads.

By copying an Android app's open code and creating an APK file out of it, you can essentially "own" the whole code within the app including, crucially, the tracking code. This APK code can then be linked to a website to create a self-standing "app store", with real apps, detached from the real Google Play store. Fraudsters have recently taken this practice to the next level, now not only do they make money from downloads and in-app purchases, but also from hijacking the genuine marketing campaign for the app from an affiliate programme.

The Defense

The question is therefore: How can the developer community fight back and counter these fraudulent practices? The first step is to understand the risks involved when bringing an app to market. Beta testing, impressions requests and constructive feedback are all necessary parts of the development process. Unfortunately at any one of these stages someone can steal the idea, resources, theories or code that underpins the app. To minimise these risks, it is essential to only work with trusted media sources and partner with tracking services that offer transparency and can validate users and tracked installs (particularly between installs from tracking solution and the app store).

By shoring up development processes it will make it much more difficult for fraudsters to misappropriate proprietary app data. However, the history of fraud in any market can be characterised as an arms race. As people fight back, fraudsters become more sophisticated. To break this cycle, developers and companies need to discuss the fraudulent practices they have experienced openly and share their insights. Common knowledge and experience will help the developer community to counter fraudsters and predict practices that could emerge in the future.

At the moment, there is a reluctance to talk about fraud as a problem within the app development community. Until these practices are all out in the open and subjected to vigorous debate they will continue to thrive and developers, companies and users will lose out.

Shlomy Aviram is the director of mobile apps & social media at dmg DSNR media group (opens in new tab).