Detection strategy
Detection strategy is a set of filters the 24metrics use to define conversion fraud probability. You can select the needed strategy preset while creating an Anti-fraud rule.
There are four strategies:
Mobile CPI
Mobile CPA
LeadGen
eCommerce
Each of them contains a set of filters by 24metrics applied to the selected conversions. Here you can learn more about each filter.
⚠️ Affise doesn't define the filters set within a detection strategy. 24metrics do it on their side and check fraud via their advanced databases.
Mobile CPI
The best for mobile-app traffic (cost per install).
Filter name | Description |
Emulators and Bots | Detects and rejects traffic from non-human traffic sources by analyzing multiple data points, such as user agents, IP frequency, and more.
🔎 Blocking bot traffic is essential to prevent false attribution and click fraud. |
VPN/Proxy | Blocks clicks from VPNs, proxies, and residential VPNs. Configuration options can also include a threshold percentage, minimum click count, and look-back time upon request. |
Third Party Rejection | Identifies conversions marked as rejected by a third party. |
Duplicate IP | Duplicate IP occurs when multiple conversions for the same partner, affiliate, or product share the same IP within a set time frame.
🔎 Excessive repeats suggest fraud, indicating the same user generating multiple conversions. |
Sub ID Validity Check | Blocks clicks with invalid Sub IDs. |
Conversion Rate | Marks conversions above or below a defined Conversion Rate limit, measured in percentages and based on a minimum number of clicks and conversions. Conversions outside the defined range are marked as rejected. |
Old Devices | Detects traffic sources with an excessive number of devices.
High amounts of old devices can indicate fraud and lead to unprofitable campaigns. |
Click Spam | Click spam is a fraudulent tactic where organic conversions are stolen by flooding the attribution system with excessive clicks. This increases the chances of fake clicks matching real users, causing conversions to be wrongly attributed to the fraudster. |
Session Time | Blocks conversions below the minimum session time or above the maximum specified session time in seconds.
🔎 The session time is the time between the click and the install. |
Low Session Time Anomaly | Blocks conversions that exceed a defined percentage threshold for traffic with a short session time.
🔎 The session time is the time between the click and the install. |
Mobile CPA
The best for mobile-app traffic (cost per action).
Filter name | Description |
Emulators and Bots | Detects and rejects traffic from non-human traffic sources by analyzing multiple data points, such as user agents, IP frequency, and more.
🔎 Blocking bot traffic is essential to prevent false attribution and click fraud. |
VPN/Proxy | Blocks clicks from VPNs, proxies, and residential VPNs. Configuration options can also include a threshold percentage, minimum click count, and look-back time upon request. |
Third Party Rejection | Identifies conversions marked as rejected by a third party. |
Duplicate IP | Duplicate IP occurs when multiple conversions for the same partner, affiliate, or product share the same IP within a set time frame.
🔎 Excessive repeats suggest fraud, indicating the same user generating multiple conversions. |
Sub ID Validity Check | Blocks clicks with invalid Sub IDs. |
Old Devices | Detects traffic sources with an excessive number of devices. |
Referrer URL Patterns | The Referral URL shows the referring URL Network or the website of the affiliate.
A missing referral URL would be from Email Newsletters, Direct Type in. The filter flags every conversion with no referral URL or where the URL is empty. |
Click Spam | Click spam is a fraudulent tactic where organic conversions are stolen by flooding the attribution system with excessive clicks. This increases the chances of fake clicks matching real users, causing conversions to be wrongly attributed to the fraudster. |
Session Time | Blocks conversions below the minimum session time or above the maximum specified session time in seconds.
🔎 The session time is the time between the click and the install. |
Low Session Time Anomaly | Blocks conversions that exceed a defined percentage threshold for traffic with a short session time.
🔎 The session time is the time between the click and the install. |
LeadGen
The best setting for lead offers.
Filter name | Description |
Emulators and Bots | Detects and rejects traffic from non-human traffic sources by analyzing multiple data points, such as user agents, IP frequency, and more.
🔎 Blocking bot traffic is essential to prevent false attribution and click fraud. |
VPN/Proxy | Blocks clicks from VPNs, proxies, and residential VPNs. Configuration options can also include a threshold percentage, minimum click count, and look-back time upon request. |
Duplicate IP | Duplicate IP occurs when multiple conversions for the same partner, affiliate, or product share the same IP within a set time frame.
Excessive repeats suggest fraud, indicating the same user generating multiple conversions. |
Conversion Rate | Marks conversions above or below a defined Conversion Rate limit, measured in percentages and based on a minimum number of clicks and conversions. Conversions outside the defined range are marked as rejected. |
Old Devices | Detects traffic sources with an excessive number of devices. |
Referer URL Patterns | The Referral URL shows the referring URL Network or the website of the affiliate.
A missing referral URL would be from Email Newsletters, Direct Type in. The filter flags every conversion with no referral URL or where the URL is empty. |
Session Time | Blocks conversions below the minimum session time or above the maximum specified session time in seconds.
🔎 The session time is the time between the click and the install. |
Low Session Time Anomaly | Blocks conversions that exceed a defined percentage threshold for traffic with a short session time.
🔎 The session time is the time between the click and the install. |
eCommerce
The best setting for the eCommerce.
Filter name | Description |
Emulators and Bots | Detects and rejects traffic from non-human traffic sources by analyzing multiple data points, such as user agents, IP frequency, and more.
🔎 Blocking bot traffic is essential to prevent false attribution and click fraud. |
VPN/Proxy | Blocks clicks from VPNs, proxies, and residential VPNs. Configuration options can also include a threshold percentage, minimum click count, and look-back time upon request. |
Duplicate IP | Duplicate IP occurs when multiple conversions for the same partner, affiliate, or product share the same IP within a set time frame.
Excessive repeats suggest fraud, indicating the same user generating multiple conversions. |
Conversion Rate | Marks conversions above or below a defined Conversion Rate limit, measured in percentages and based on a minimum number of clicks and conversions. Conversions outside the defined range are marked as rejected. |
Old Devices | Detects traffic sources with an excessive number of devices. |
Click Spam | Click spam is a fraudulent tactic where organic conversions are stolen by flooding the attribution system with excessive clicks. This increases the chances of fake clicks matching real users, causing conversions to be wrongly attributed to the fraudster. |
Session Time | Blocks conversions below the minimum session time or above the maximum specified session time in seconds.
🔎 The session time is the time between the click and the install. |
Low Session Time Anomaly | Blocks conversions that exceed a defined percentage threshold for traffic with a short session time.
🔎 The session time is the time between the click and the install. |
Fraud probability
Fraud probability allows defining the conversions to be declined automatically according to the selected options (see below). You can select the needed strategy while creating an Anti-fraud rule.
24metrics calculates scores depending on which type of abnormality the system detected for each conversion. Each type has a certain number of points. As a result, every conversion has its score and the fraud probability. Here you can learn more about what every level means.
⚠️ Affise doesn't influence the scoring process and fraud probability determination and calculation. 24metrics perform it on their side.
There are four options:
No Risk: conversions always approved due to no identified risks.
Low Risk: approved by the system despite displaying certain patterns, which are not sufficient grounds for rejection.
Medium Risk: patterns exceed the threshold, prompting rejection flags.
High Risk: clear patterns indicating fraud, such as high amount of duplicate IP addresses, device IDs, or bot activity.
Please contact the Affise Customer Support team regarding all raised questions via the e-mail: [email protected].