Mobile content fraud: How to recognize and fight it in mVAS and DCB

Direct Carrier Billing (DCB) offers you to subscribe to a service with money on your mobile phone account instead of using a credit card or any other traditional payment method. Some people prefer to keep their personal card details private, and this is where DCB enters the scene. The likes of Apple, Spotify, and Amazon opted for this payment method in specific regions.

Since mVAS deals with DCB transactions, there is always a risk that someone will try to take advantage of the financial flow. Fraudsters aim at each part of the mVAS ecosystem, from end-users to content providers and MNOs (mobile network operators or carriers.)

In general, there are two types of fraud: advertising fraud, when attackers earn payouts with fake clicks generated by dedicated software, and DCB fraud, connected to the payment method itself and targeted at end-users and carriers. We’ll get into details on fraud types in the article section of the same name.

This text explains the importance of fighting fraud in the mVAS vertical and how to combat deceitful schemes. As a nice bonus, it includes interviews with anti-fraud companies that deal with scammers in mobile content so that you can receive honest firsthand opinions.

Why is fraud hurtful for both advertisers and publishers?

Fraud harms the whole mobile content ecosystem, from advertisers to publishers. If an advertiser receives fraudulent traffic, their offers don’t pay off, and they lose money. Consequently, affiliate programs might suffer, so there will be rate cuts and payout problems, directly influencing affiliate marketers and webmasters. 

As a result, an advertiser might think about preventing the situations when they receive fraudulent traffic. For instance, they will include an anti-fraud system in the workflow. Anti-fraud systems cost money, so the rate for affiliates will drop.

This means that unscrupulous affiliate marketers who run fraudulent traffic will suffer from their own actions and decisions. 

Apart from them, conscientious affiliates will suffer too. To attract decent media buyers, affiliate networks spend real money on marketing. When an advertiser and affiliate network suffer, they decrease the rate, making good affiliates suffer in turn. This leads to worsening traffic, so the rate drops again, and a great offer is just wasted.

Fraud types in the Mobile content niche

As we’ve mentioned in the introduction of our article, mobile content fraud is divided into two general categories: advertising fraud and DCB fraud. Let’s talk about each type in detail.

Advertising fraud

In this type of fraud, fraudsters act like publishers or regular affiliate marketers but generate fake clicks. An advertiser thinks there are real users behind the clicks and pays a ‘publisher,’ meaning they lose money for nothing. 

Subcategories of advertising fraud include:

• Click-spamming, or click-flooding: This is when fraudsters generate a large number of clicks with the help of dedicated software.
• Click-injection: This type of fraud is connected to intercepting a user’s click. Scammers use an app to identify when a user installs another app and trigger clicks right before the install is fully completed.
• Device farms: Here, the fraudsters use tons of devices that create repeated actions such as registrations and installs, so an advertiser thinks there is some actual activity, but there isn’t.

DCB fraud

With DCB fraud, scammers primarily aim at end-users. Fraudsters trick users into unwanted payments by manipulating or using dedicated software. Manipulations relate to social engineering fraud, while software usage is technical fraud.

Social engineering fraud

Social engineering fraud is simply the deception or manipulation of information a user receives. Fraudsters use misleading information to fool people, which cannot be controlled with technical means.

Examples include misinformation when a user receives misleading information and purchases something they otherwise wouldn’t buy if they knew the correct information. There might be a misleading call-to-action that says «Play now» and triggers a payment once clicked (1 click flow.) 

Some deliberately fake ads such as «You have won X sum of money» lead to additional steps and undesired purchases, which is a misleading incentive.

Another subtype of social engineering fraud is trust manipulation, when scammers use a logo of a famous brand or an identity of a prominent person to trick a user into an unwanted purchase.

Technical DCB fraud

When it comes to technical DCB fraud, scammers intercept a user’s phone to start a subscription that a person is unaware of. Some types of technical fraud include:

• Malicious app fraud: Fraudsters make a user believe they have downloaded a real app, and when downloaded, the malicious app takes a user’s money without them knowing.
• Code injection: This is when a user clicks on a link that contains malware, and the dedicated code makes the device make a payment.
• Clickjacking: Fraudsters intercept a user’s click: when a person clicks somewhere on a page, it redirects them to a page segment that creates an unwanted payment.
• Spoofing: Scammers try to control a SIM card or a user’s identity to set up undesired subscriptions.

Best practices to fight mobile content fraud

How to mitigate the mVAS fraud? Here are some ideas that might help:

1. You should always check your traffic sources. Be attentive to traffic you receive, as your partners might not have cleaned it.
2. Appoint a person from your team as an anti-fraud manager. Make sure your company has a detailed anti-fraud strategy.
3. Audit the risks by checking out problematic GEOs, billing flows, and traffic sources.
4. Work with independent anti-fraud companies as they can help you grow. Anti-fraud specialists will share their expertise to make your company’s workflow smoother.
5. Set up strict rules and block any partner that brings in fraudulent traffic.
6. Prevent fraud before it occurs, and don’t panic when it does, as there is always a chance it might happen to you.

Q&A with our anti-fraud partners 

It’s hard to underestimate the importance of fighting fraud. Golden Goose has anti-fraud solutions in our platform’s interface that are constantly upgraded and improved. What’s more, GG has an anti-fraud department that mitigates such cases.

We’ve reached out to GG’s Head of the anti-fraud department Artem Berdiev for his opinion on the most relevant questions that come to mind concerning the topic. We also asked our friends and partners in anti-fraud companies to share their thoughts since they understand the specifics of the mobile content market.

• What makes fraud in mVAS different from fraud in other niches? Are there any specifics in mobile content fraud? Is it easier or harder to fight fraud in mVAS than in other niches?

Evina’s Lilit Melikyan: The mVAS market, being a highly efficient market with optimized billing flows, attracts the most sophisticated cybercriminals. For this reason, it requires equally sophisticated high technology that is continuously kept up-to-date in real-time to protect mVAS payments. This is the price to pay for such an amazing payment system with the high conversion rates it offers.

What sets mobile content fraud apart is the specific business model of cybercriminals based on the theft of advertising money. Oftentimes, users download an app that contains malware (of which they are unaware), and via this malware, cybercriminals take control of the mobile device. A cybercriminal clicks on an ad hosted on its fake, fraudulent website, completes a subscription to a service using the user’s money and receives a commission on the transaction amount made via his website. All this is done without the user’s consent or knowledge.

MCP’s Riccardo Vallaro: mVAS has always been an easy entry point for fraud due to the shorter payment cycles or factoring, a focus on CPA, and little to no compliance in the form of anti-fraud or Compliance Monitoring. This has started to change with most Mobile Operators and Aggregators either enforcing anti-fraud solutions or implementing their own. Compared to other industries, I think it can be managed far more practically, as payment is always controlled by the Mobile Operator. Thus, the more logic Mobile Operators build around preventing mVAS fraud, the easier it is to manage. 

Empello’s Jeremy Flynn: The majority of this type of digital fraud scams advertising with high levels of fraudulent traffic remunerated by CPC clicks. VAS fraud targets the CPA model, with a relatively small amount of clicks but high fraud revenue per click. Be it advertising fraud or payment page fraud, the behaviors are very different from mainstream digital fraud, and VAS anti-fraud solutions are unique.

GG’s Artem Berdiev: The difference in fraud lies within the specifics of a niche, and the billing flows it’s connected to. In mVAS fraud, auto subscriptions are an example of something not present in other verticals. 

• Who is the main victim of mobile content fraud: MNOs, advertisers, or end-users?

Evina’s Lilit Melikyan: Although it starts with the user, everyone is a victim of mobile content fraud. We have a user who has been tricked and whose consent and money have been stolen. This user will first complain to the mobile operator that provided the bill that included the unwanted service. As fraudulent transactions increase, complaint rates increase for the MNO, which then entails bad buzz, increased complaint management costs, and decreased revenue.

The merchant/advertiser will also see its complaint rate increase and eventually in user churn, followed by a decrease in revenue. The merchant will also run the risk of having their service cut off by the MNO or having less efficient billing flows imposed on them.

MCP’s Riccardo Vallaro: This feels like a loaded question since no one wins from mVAS fraud, but if I had to point to the biggest loser (besides the consumer, of course), I would say it’s a tie between the Mobile Operator (Carrier) and the Content Service Provider. The reputational harm to the industry and the brand is really hard to overcome. Yes, carriers can say they are implementing solutions, but the damage is already done. It can take a brand a long time to overcome the negative perception of their services being associated with mVAS Fraud.

Empello’s Jeremy Flynn: On the face of it, the consumer is the victim who has money fraudulently taken from their phone accounts. However, this misses the point that the MNO has all the costs of investigating and processing consumer refunds because consumers expect their operator to help them out. Also, the advertiser will suffer if the defrauded consumer unsubscribes after two weeks and their CPA is on the basis of four weeks of subscription revenue.

GG’s Artem Berdiev: Fraud is a problem for each market member. In general, the situation develops this way: an advertiser loses money, and as a measure, it influences the payment for traffic and its quality, so the rates drop, and everyone gets less revenue.

• Which type of fraud in mVAS is the hardest to fight?

Evina’s Lilit Melikyan: The most difficult to combat is undoubtedly technical fraud as opposed to manipulation. Technical fraud is when malware takes control of a user’s phone. With this technique, cybercriminals can do things like reading SMS confirmations and bypass compliance rules. These attempts happen so quickly and quietly that only with a very accurate and advanced cybersecurity solution can the market fight them. 

MCP’s Riccardo Vallaro: Fraud is fraud no matter which way you look at it, and companies spend a lot of money mitigating both types, advertising fraud and DCB (payment) fraud. MCP is focused on fighting these types of fraud with our relevant products, MCP Scanner Compliance for Ad Fraud and MCP Shield for DCB Payment Fraud.

GG’s Artem Berdiev: I think auto subscriptions are the hardest thing to fight in mvAS fraud. For example, dedicated apps are created with access to SMS and phone calls and the ability to subscribe a user to something without them knowing. Such techniques are hard to track.

• Among the different players in the mobile content ecosystem, who’s your most typical client? MNOs, advertisers?

Evina’s Lilit Melikyan: Evina protects all players along the mobile payment chain: the merchant who advertises and sells its services, the mobile operator who offers carrier billing to users, the payment aggregator who processes the payment, and the vulnerable user.  

To protect the user, all mobile players need to be thoroughly protected, as it only takes one weak link for cybercriminals to easily steal. This is why we equally protect all of the above-mentioned players. 

MCP’s Riccardo Vallaro: MCP works with Partners all through the value chain, from Mobile Operators, Aggregators to content providers. We are also working with other key partners in the value chain to ensure traffic from the source is protected all the way through to the payment pages.

Empello’s Jeremy Flynn: MNOs, payment aggregators, advertisers/merchants.

GG’s Artem Berdiev: Since I’m not a part of an independent anti-fraud company, I can only share my thoughts on who needs an anti-fraud system the most, a carrier (MNO) or an advertiser (a provider service.) Sure, each market player needs anti-fraud solutions, but a carrier is the most dominant participant in the chain. MNOs define the market’s “sensitivity level” on how services are promoted. Besides the direct and obvious deceitful schemes, there is indirect fraud. Some carriers and GEOs allow aggressive marketing, while others consider this a violation of rules.

— What are your thoughts on the partnership with Golden Goose?

Evina’s Lilit Melikyan: As David Lotfi, CEO of Evina, mentioned, it is precisely by working with responsible players like Golden Goose that we are able to create a more secure and prosperous mobile ecosystem. Evina and Golden Goose are two like-minded players with the same goal: to secure all mobile players in the mobile payments market. This makes for a great and smooth strategic partnership.  

MCP’s Riccardo Vallaro: MCP values our GG relationship and their approach to working with anti-fraud platform providers in the industry. It is imperative for a business to take ownership of their channels and traffic, and from the discussions MCP has had with GG over the years, we can see they are taking the lead in ensuring better compliance and blocking malicious activity, thus preventing unwanted DCB payment fraud and pushing to a sustainable business with good traffic.

GG’s Artem Berdiev: Again, it’s a question for our partners, but I can also comment on our partnership. As a head of an in-house anti-fraud department, it’s crucial for me to find an approach to collaboration with prominent anti-fraud market players. We’re sure that being open to the market is a must. We’re building our own ecosystem, DCB HUB, which must be comfortable and efficient for each participant, and anti-fraud solutions are an integral part of the system.