FIELD OF THE INVENTION:

The present invention relates to a method to verify mobile advertising and detect fraudulent transactions made repeatedly by a fake user using bots, emulators and simulators.

BACKGROUND OF THE INVENTION:

Many mobile phone-based applications are launched in the market to take advantage of the mobile and digital penetration across the world. To ensure business viability, application developers need to reach out to as many consumers as possible, enabling them to become their customers. To achieve this, many application developers work with advertising networks to promote their application to as many people as possible. For this, application developers work with different networks, publishers and affiliates to promote applications. This can be on different models like CPM, CPC, CPV, CPI, CPR, CPS to quote a few.

Technology of mobile device simulation has progressed to enable easy simulation of dummy devices to enable application developers to test and verify their program. This simulation software is easily available on the internet. Simulators are replica of mobile devices which simulate the device for an app. Many simulators are available online (egBluestacks) which can be installed on any standard computers and used to create fake mobile devices. On these devices, apps can be installed easily. These simulators allow fraudulent activity of continuously installing thousands of apps in a continuous fashion with the aim to fool the advertiser into believing that the app is being installed on multiple devices

Many publishers and affiliates take the simulators available and run fake application installs on these fake simulated devices. Since simulation software allows complete customization of the different identification parameters, it is difficult for anyone to detect that this is not a fake simulated device. Typical parameters modified are device IDs like Google Advertising ID, IDFA, IMEI address, MAC ID apart from Make and Model of the device.

This results in application developers to pay for fake and fraudulent advertising which is presented to fake and virtual devices and consumers which do not generate any value for the application developers. Since all identifiers of a valid device are based on the device itself, there is only limited means of detection which can be done by application developers to uniquely identify and detect fraudulent advertising.

The current conventional method of detecting fraudulent installs revolves around two categories. First by detecting clicks which initiate app installs and using it to understand install patterns using heuristics analysis, under this method, when a user clicks on an advertisement for an app, the information from the device browser used to intiate the click is collected. This is then used to heuristically understand signatures of app installs being done. This method suffers from the problem of being heuristic in nature and can only indicate potential fraud. Also, it requires many transactions to form a pattern which can then be used for analytics. This means that the fraudulent activity is generally possible. Also, since the information collected from the clicks are from the device itself, the same is easily forged and changed, making this solution easily bypassed.

Secondly by using different thumbrules to detect fake devices by pulling certain information from the device, under this solution, advertisers use certain information from the device to identify duplicate and fake devices. This is information about the device which is used to detect abnormal devices. This solution offers better detection than the first option, but still picks information from the device itself. This again allows it to be easily detected and bypassed.

Therefore, it would be advantageous to develop a method which could check the fraudulent advertising of mobile application. In addition, it would be advantageous to develop a method which could determine the real mobile device and simulators. In addition, it would be advantageous to develop a method which could detect genuine mobile application installation.

SUMMARY

The following presents a simplified summary of the disclosure in order to provide a basic understanding to the reader. This summary is not an extensive overview of the disclosure and it does not identify key/critical elements of the invention or delineate the scope of the invention. Its sole purpose is to present some concepts disclosed herein in a simplified form as a prelude to the more detailed description that is presented later.

A more complete appreciation of the present invention and the scope thereof can be obtained from the accompanying drawings which are briefly summarized below and the following detailed description of the presently preferred embodiments.

The embodiment of the present invention contemplates to a method of detecting fraudulent advertising used by networks and publishers during mobile devices based advertising.

Another embodiment of the invention contemplates to a method using new identifiers and information from the mobile network operator which allows an unhackable and consistent source of validating a device for fakes.

Another embodiment of the invention contemplates to a method involving installing of mobile application on user device, followed by triggering of mobile network of the user’s device after which identification of the user SIM card residing in the mobile by the mobile network operator by verifying the MSISDN number of the SIM card.

Yet another embodiment of the invention contemplates to a method of collecting information from the mobile operator of the device as well as from the mobile application by a platform, the platform then calculate the risk score.

Yet another embodiment of the invention contemplates to a method wherein platform calculates the risk score, which is in the range of 100 to 0, from the information collected from the mobile operator and the mobile application, score 100 implies that installation is definitely fraudulent whereas score of 0 implies that installation is definitely genuine.

The details of one or more embodiments of the invention are set forth in the accompanying drawings and the description below. Other features, objects, and advantages of the invention will be apparent from the description.

BRIEF DESCRIPTION OF THE DRAWINGS

Other objects and advantages of the present invention will become apparent to those skilled in the art upon reading the following detailed description of the preferred embodiments, inconjunction with the accompanying drawings, wherein like reference numerals have been used to designate like elements, and wherein:

Fig. 1 illustrates overall advertising ecosystem in accordance with an exemplary embodiment of the present disclosure;

Fig. 2 illustrates the structure of a mobile device in accordance with an exemplary embodiment of the present disclosure;

Fig. 3 illustrates the overall structure of validating mobile network in accordance with an exemplary embodiment of the present disclosure;

Fig. 4 illustrates the overall structure of validating advertising process in accordance with an exemplary embodiment of the present disclosure;

DETAILED DESCRIPTION
It is to be understood that the present disclosure is not limited in its application to the details of construction and the arrangement of components set forth in the following description or illustrated in the drawings. The present disclosure is capable of other embodiments and of being practiced or of being carried out in various ways. Also, it is to be understood that the phraseology and terminology used herein is for the purpose of description and should not be regarded as limiting.
The use of “including”, “comprising” or “having” and variations thereof herein is meant to encompass the items listed thereafter and equivalents thereof as well as additional items. The terms “a” and “an” herein do not denote a limitation of quantity, but rather denote the presence of at least one of the referenced item. Further, the use of terms “first”, “second”, and “third”, and the like, herein do not denote any order, quantity, or importance, but rather are used to distinguish one element from another.

Referring to Fig. 1 Mobile Device (Handset or tablet etc) can also be a simulator which emulates a mobile device operating system. App is the mobile application which app developer has made and is spending money for advertising. Attribution SDK is used to identify the unique install and the publisher which is responsible for the app to be installed on this device. Attribution Platform is the platform which app developer uses to identify the publisher which carried out the install. App developer is also an advertiser. He spends money to promote the app in the market to get new users.

Referring to Fig. 2, is provided component of Normal Mobile Device which comprise of applications, operating system and hardware. Hacked Mobile Device comprise of applications, Android Frameworks (eg xPosed Framework), Operating system (eg Android) Rooted and hardware. Simulated Mobile Device comprise of applications, Android Simulator (eg Bluestacks), Any standard computer OS (eg Windows) and Any standard computer Hardware.

Referring to Fig. 3, is provided Key elements of invention, Fraud Detection SDK, which detects the SIM card information of the mobile device and triggers mobile network to identify the user ID. The mobile network used by the mobile device. The SIM card in the mobile device identifies the mobile network which also identifies the user. The Fraud Detection platform (Optional) Provides information of the fraudulent transactions to app developer for further action (eg blocking of payments etc) and can be merged with Attribution platform.

Referring to Fig. 4, the process for verification of a new app install begins from the app being installed on a device. The app when installed and opened for the first time triggers the process of verification by invoking the fraud detection SDK. The SDK when triggers try to collect information of the device. These information pieces help in validating the accuracy and sanity of the device as expected from a normal genuine device. Some examples of information collected is :
1. IMSI of the user (this is the SIM card identifier of the user)
2. IMEI of the device (each device is allocated a unique 15 digit number which identifies the device)
3. Advertising ID (this is provided by the operating system providers like Google / Apple and uniquely identifies a user
4. General device information like: user agent, make/Model of the device, mobile operator of the device, network type (Wifi or Mobile data)

If the SDK identifies that the user is on Mobile data, it identifies the mobile operator and triggers the mobile operator with a unique transactionID allocated for identifying this particular transaction. The mobile network receives this request and identifies the MSISDN (mobile number of the user behind this request) and passes a unique user identifying this user with the same transactionID to the backend server

Finally, the SDK triggers the Backend server with all the information collected from the device and also the transactionID shared with the mobile network. The mobile network triggers directly a pre-defined API interface of the backend server with the information of the user as well as the transactionID to allow the backend server to link this with the data given by the SDK

The backend server consolidates the SDK data as well as data received from the mobile network and runs it through a rule engine where data sanity and validation checks are executed on each field of the transaction. If any rule is violated, a risk score is attached to that transaction which keeps increasing as more and more rules are violated. Finally a Risk Score is generated for that transaction which confirms if the transaction is genuine or fraudulent. This information is finally shared with the advertiser (and optionally the attribution platform) for further action.

In another embodiment of the invention is provided a method of using advanced detection method which provides a unique and unfakeable identifier for application developers to use for identifying fraudulent and repetitive application installations. When an application is installed on a user device, the Mobile network used by the customer is triggered. The mobile operator of the subscriber identifies the user using the unique identity of the SIM card residing on the mobile device. This SIM card is uniquely linked with the subscriber’s Mobile Station International Subscriber Directory Number (MSISDN) number which is stored in the mobile operator’s network. This number does not reside on the mobile device and hence cannot be faked. This mobile number is retrieved from the mobile network and used to identify the mobile device the user is using for installing the application. The method used ensures the following :
- The MSISDN is not shared externally in a usable format to protect the user’s privacy
- The trigger to mobile network of the customer is done silently at the background, ensuring there is no impact on customer’s user experience
- The method used to trigger mobile operator and the backend server in a realtime format ensuring detection of the fraudsters in realtime
- The method ensures that the user maybe travelling or roaming into another mobile operator network, but is still able to identify the user
Even in case a user is installing the application using the wifi, the mobile operator can be used for detecting the user’s mobile number (MSISDN).
In another embodiment of the invention is to use the network identifier (MSISDN) and the SIM card identifier (IMSI) for detecting duplicate transactions in the digital world. In case the same user is repeatedly trying to access a service

In another embodiment of the invention, there is a platform which is used to collect information from the mobile operator as well as from the application. This platform is used to collect information from the application and the mobile operator to understand whether a user is installing the application fraudulently or repitively. The platform calculates a ‘risk score’ which gives a level of risk associated with that transaction. A risk score of 100% means that this transaction is definitely fraudulent. A risk score of 0% means that this transaction is definitely safe. A risk score in between gives a range of confidence which that transaction provides.
In addition, the platform checks further the identity of the device using the IMEI number provided. The IMEI number comprises of the TAC code (the first 8 digits of the IMEI number). The TAC codes globally are registered by handset manufacturers with GSMA. Each TAC code uniquely corresponds to a device make and model to which it is registered with. The platform checks the make and model of a TAC code (received from the device) with the make and model provided by the application from the device. In case these do not match, there is a possibility of the device being fraudulent.

In another embodiment of the invention, there is provided software. This software comprises of 2 components: One part is embedded within the application software. The second component is embedded on the platform.
The part embedded in the application is designed to implement the methodology provided in the first part of this invention. Key characteristics are:
- Small in size to ensure application developers are not providing a large application for download to their customers
- Silent and works in the background to ensure there is no impact on the customer experience. The customer does not have to trigger any additional steps for the same.
- Easy to embed and integrate into the application to ensure that the application developer does not have to spend a lot of time into integration
- Pulls all relevant information from the device to detect if it is fraudulent device or not.

The part embedded into the platform is designed to interface with the part embedded with the application. It pulls and extracts all information collected by the first part and analyses the information to calculate the ‘risk score’. The information from the mobile operator (the Mobile number) is also processed by this program. Finally the program shares the same with the application attribution platform viarealtime interface.

The benefits of the method and the implementation are :
a. Foolproof and unhackable method for detecting fraudulent installations
b. Realtime and instant detection of fraudulent installs
c. Protects application developer’s investments into advertising providing them a safe and secure environment to advertise.
d. Ensures there are no barriers to customer experience.

In the foregoing specification, the invention is described with reference to specific embodiments thereof, but those skilled in the art will recognize that the invention is not limited thereto. Various features and aspects of the above-described invention may be used individually or jointly. Further, the invention can be utilized in any number of environments and applications beyond those described herein without departing from the broader spirit and scope of the specification. The specification and drawings are, accordingly, to be regarded as illustrative rather than restrictive. It will be recognized that the terms "comprising," "including," and "having," as used herein, are specifically intended to be read as open-ended terms of art.

We Claim:

1. A method for detecting fraudulent installation of mobile application during mobile device based advertising, comprising:
installing of mobile application on user device;
triggering of mobile network of the user’s device;
identifying of the user SIM card residing in the mobile by the mobile network operator by verifying the MSISDN number of the SIM card.

2. The method as claimed in Claim 1 wherein, the mobile application is installed on the user’s mobile device referred by mobile device based advertising.

3. The method as claimed in Claim 1 wherein, the trigger of mobile network is done by fraud detection SDK.

4. The method as claimed in Claim 1 wherein, the trigger of mobile network is done silently at the background, ensuring there is no impact on customer’s user experience.

5. The method as claimed in Claim 1 wherein, the trigger of mobile network and the backend server is in a real time format ensuring detection of the fraudsters in real time.

6. A method for detecting fraudulent installation of mobile application during mobile device based advertising comprising:
collecting information from the mobile operator of the device as well as from the mobile application by a platform;
calculating a risk score by platform;
identifying the mobile device by platform using the IMEI number.

7. The method as claimed in Claim 5 wherein, the platform calculates the risk score, which is in the range of 100 to 0, from the information collected from the mobile operator and the mobile application, score 100 implies that installation is definitely fraudulent whereas score of 0 implies that installation is definitely genuine.

Dated this on November 10, 2017
ABHISHEK SAINI
PATENT AGENT (IN/PA-1731)
AGENT FOR THE APPLICANT