What is mobile ad fraud? Taking lessons from Uber’s lawsuits

In July, Uber filed a cross complaint against a Phunware, an app development and marketing agency. The genesis of the case isn’t publicly available, but it apparently relates to a suit originally filed against Uber by Phunware for non-payment and is generally related to Uber’s lawsuit against several ad networks that were being used to acquire traffic by Uber’s agency, Fetch.

This separate case is scandalous reading, especially all of the text in blue, which was recently un-redacted. What’s perhaps most interesting about the content of the suit is the way in which it pulls the curtain back on mobile ad fraud and how Uber alleges it was committed.

To attend any mobile ad tech conference, one would believe that ad fraud is a lingering, ubiquitous, atmospheric force impacting every single mobile advertiser, like an inescapable corrosive fog that gnaws at the performance of advertising campaigns. Every mobile attribution company and many more standalone fraud prevention companies have staked their futures on this narrative: the commodity business of ad attribution is in the grip of a race to the bottom with respect to price, and so ad attribution companies have constructed a nightmare storyline around fraud that seeks to build new revenue streams out of fear.

But the Uber lawsuits make clear that mobile ad fraud really takes the human form of greed and mendacity: just like most murder victims knew their killers, the allegations in these Uber lawsuits would suggest that fraud happens when unscrupulous vendors exploit the trust of a partner that isn’t exercising a minimal level of oversight on the campaigns that are being operated on its behalf.

From the Phunware cross complaint:

Click flooding (more commonly known as click spamming) is actually fairly easy to detect, even when an advertiser isn’t specifically looking for it: it is generally given away by long-tail TTI (Time To Install) distributions or a very high MTTI (Mean Time To Install), as well as just generally bad click-through rates. When an advertiser investigates these campaigns, they tend to get turned off, even if fraud isn’t suspected: poorly performing campaigns shouldn’t get funded.

Again, from the complaint:

Uber alleges that its ads were being displayed in pornographic websites but those impressions were being reported as having come from other apps, primarily games:

There are a few things about this that I find curious:

  1. Were those sites (Temple Run 2, Sonic Dash, etc.) absent from traffic reports from other networks? If not, then surely their performance was markedly different between networks, which should have at the very least catalyzed an investigation (“Why is Temple Run 2 performing so much differently on Network A than Network B?”). At that point, any suspected fraud almost certainly would have been discovered;
  2. Was no one at Uber looking for their own ads in these apps? Looking for one’s own ads is a fairly common validation technique; it would have taken someone from Uber’s marketing team 30 minutes to confirm or deny its ads were being run by Phunware in Temple Run 2;
  3. Traffic from pornographic mobile websites is almost universally terrible. Even if it wasn’t uncovered that Temple Run 2 traffic was actually coming from pornography websites, these alleged falsified sites would have underperformed and thus been continuously blacklisted until there were no more sites to falsify.

From the complaint:

This passage seems like the crux of the problem: Uber was being serviced by a constellation of subcontractors, all of which — Uber asserts — knew its oversight weaknesses and allegedly exploited them to the fullest.

The sheer volume of Uber’s spend should have dictated that it be managed in-house, but Uber’s aggressive growth goals and focus on staffing soft growth teams, which are mainly concerned with retentive mechanics that don’t overlap with the acquisition funnel, meant that tens of millions of dollars of spend were diverted to agencies. Many companies face a similar dilemma: they need to grow quickly after raising large sums of money but their CMOs are either too focused on soft growth tactics or simply can’t staff teams fast enough to facilitate their growth goals. And the real tragedy of this whole alleged fraud is that, once Uber’s contract with Fetch was terminated, organic installs increased by almost the same volume that paid installs decreased: it appears, by Uber’s accounting of the situation, that very few legitimate paid installs were being generated over the life of its relationship with its agency.

The entire document linked above is worth reading, but the main takeaway of it (and the court filing from its other ongoing lawsuit with traffic providers) to me is that the fraud that Uber alleges it fell victim to was not a low-level of imperceptible, technically-ingenious illicit activity perpetrated by a distributed web of con artists who can’t be traced. The fraud alleged in this case was perpetrated by trusted vendors that weren’t, for whatever reason, held accountable for performance.

No vendor can sell a solution to a lack of analytics or basic oversight: it’s not a dark fog that can be illuminated with a technological tool. The solution to mobile advertising fraud generally is more transparency, more analytics, more accountability, higher performance standards, more analysts and quantitative marketers, and a more aggressive focus on the audited performance metrics that should have headlined every single report that these vendors submitted to Uber.

Disclosure, August 28, 2019: The author of this piece does not now and has never owned shares, warrants related to shares, or options related to shares in Phunware. The author owned shares in Uber at one point but no longer does, and the author did not own shares, warrants related to shares, or options related to shares in Uber at the time the article was published.

Photo by Pepi Stojanovski on Unsplash