Advertisers often face issues such as fraudulent traffic, traffic inflation, and low conversion rates when they run online marketing campaigns. Traffic Promotion Fraud Prevention helps advertisers and media identify marketing threats in scenarios such as traffic monetization, channel promotion, and Real-Time Advertising (RTA). The service detects threats in real time based on dimensions such as device, network environment, and behavioral anomalies to improve traffic quality, reduce costs, and increase revenue. This service is used by leading customers in industries such as casual games, social networking, e-commerce, retail, and travel.
Editions
Fraud Detection is available in Basic and Advanced editions. This helps meet the risk control requirements of enterprises from different industries at different stages. The following table describes the differences between the two editions.
Features | Basic Edition | Advanced |
Real-time Analytics | Yes. | Yes. |
Return value | Risk feature tags. | Risk feature tags. |
Device risk monitoring | Yes. The system can check whether a device is an emulator, multi-boxing instance, device in device farms, multi-tasking software, cloud phone, or hook device. | Yes. The system can check whether a device is an emulator, multi-boxing instance, device in device farms, multi-tasking software, cloud phone, or hook device. |
Device fingerprint | No. | Yes. |
Gang analysis | Yes. | Yes. |
Log delivery to Simple Log Service | No. | Yes. You can authorize Fraud Detection to deliver logs to Simple Log Service. Then, Simple Log Service stores the logs free of charge for one year. |
Service event parameters
Service event parameters refer to the request parameters that are passed to the common request parameter
ServiceParameters
in the JSON format. The following table lists the request parameters that you must specify for the Traffic Promotion Fraud Prevention service (including Basic and Advanced editions).
Fraud Detection does not verify the format of strings that are specified for input parameters. This helps maximize the adaptability of input parameters. You need to manually verify the format of your data. For example, you need to check whether the format of the mobile parameter value meets the requirements of mobile phone numbers in the Chinese mainland. This type of mobile phone number must consist of 11 digits and start with 1.
Parameter | Supported version | Description | Data format | Example value | Required |
deliveryMode | Basic and Advanced | The delivery mode. | String | For example, general buying, RTB, RTA, etc. | Optional |
advertisingType | Basic and Advanced | The type of ad placement. | String | For example, information feed, launch screen, etc. | Optional |
operateTime | Basic and Advanced | The timestamp of the operation, which is accurate to the second. The timestamp is in UTC. Note If you scan historical data for risks, you must specify the historical operation time for this parameter to avoid misidentification caused by incorrect calculation time. | Long | For example, the timestamp is 1522555200 at 2018-04-01 12:00:00 GMT. | Optional |
imeiMd5 | Basic and Advanced | The MD5 hash value of the device IMEI. | String | Convert the IMEI device number to lowercase, then perform MD5 encoding, and then convert to lowercase. | Optional |
androidIdMd5 | Basic and Advanced | The MD5 hash value of the device Android Id. | String | Keep the Android ID as its original value, perform MD5 encoding, and then convert to lowercase. | Optional |
oaidMd5 | Basic and Advanced | The MD5 hash value of the device OAID. | String | Keep the OAID as its original value, perform MD5 encoding, and then convert to lowercase. | Optional |
idfaMd5 | Basic and Advanced | The MD5 hash value of the iOS device IDFA. | String | Convert the IDFA device number to uppercase, perform MD5 encoding, and then convert to lowercase. | Optional |
macMd5 | Basic and Advanced | The MD5 hash value of the MAC device number. | String | Keep the MAC device number as its original value, perform MD5 encoding, and then convert to lowercase. | Optional |
operateSource | Basic and Advanced | The source of the operation. Valid values: PC, H5, APP. | String | APP | Optional |
deviceToken | Basic and Advanced | The device token obtained through the Device Risk SDK. | String | MzQvo1d7scyZ3tl_RcJZo_QOytAjy1LWRRLoRKo5oZSoo_JGj1ZoR5JGoRo5jcdn57gV5kxVRcLER5RQoZSvRZZQRcROjcMW5csZR_RGy_55RKJ_oooqZ7dSV5gRnKxOV7eWVQQjRtlRQoAjRcM0 | Required (when integrating the Alibaba Cloud device SDK). |
ip | Basic and Advanced | The originating IP address of the user operation. | String | 42.120.XX.XX | Optional |
mobileMd5 | Basic and Advanced | The MD5 hash value of the user's mobile phone number. | String | e7beea81b7a03b38508428fbeeb3**** | Optional |
Device numbers such as IMEI, IDFA, OAID, ANDROIDID, and MAC must be encrypted strictly according to the encryption standards described above. Otherwise, the identification effectiveness will be greatly affected.
Response parameters
The response parameters for Traffic Promotion Fraud Prevention are risk feature tags.
The business meaning of the tags field value in the returned parameter Data can be referenced in the following table's recommendations (derived from the experience of the Alibaba Cloud risk control team).
Risk level | Tag value | Tag meaning | Recommendations |
High | is_emulator | The device is suspected of being an emulator. This tag can be returned for Android and iOS devices. | Filter out the business. |
High | is_rooted | The device is suspected of being rooted. For iOS systems, this indicates a suspected jailbreak. | Filter out the business. |
High | is_hooked | The device is suspected of being subject to injection attacks. | Filter out the business. |
High | …… | …… | Filter out the business. |
Medium | is_deviceCluster_m | The device is suspected of being part of a device cluster with medium risk. This is specific to Android systems. | Perform security verification or limit high-risk access or operations. |
Medium | …… | …… | Perform security verification or limit high-risk access or operations. |
Low | token_replay | Device SDK replay issue. | Add a tag to the account and monitor the account. |
Low | …… | …… | Add a tag to the account and monitor the account. |
The risk feature tags shown above are only a partial display. For a complete enumeration of tags, you can refer to the access management module in the Fraud Detection console, click to go.
For more information, see Common response parameters.