Fraud Reporting and Fraud Logs FAQ

You can get information about the fraud cases in your campaigns in several ways:

  1. Aggregated reports: For aggregated fraud data, Singular provides the Rejected Report, Suspicious Report, and Protected Report.
  2. Fraud logs: To view detailed data about every single fraud decision, you can download the raw logs of Singular's fraud prevention system. Go to Attribution > Export Logs and pick the Fraud log type. For more information, see the Export Logs and User-Level Data FAQ.
  3. Fraud postbacks: To be notified in real time about fraud decisions, set up fraud postbacks to be sent to your internal BI dashboard. For more information, see the Fraud Postbacks FAQ.

 

Fraud Aggregated Reports FAQ

What are the Rejected Report and the Suspicious Report?

The Rejected Report page (Fraud Prevention > Rejected Report) shows you how many installs were rejected, the estimated fraud CPI, and the estimated saved costs.

The report can be broken down by the rejection reason (the method or rule that caught the fraud attempt) as well as usual dimensions such as app, OS, campaign, and country.

The Suspicious Report page (Fraud Prevention > Suspicious Report) functions similarly to the Rejected Report, but shows installs that were marked as suspicious instead of being rejected.

Because the installs in this report were allowed to be attributed normally, you can also see cohort metrics about them, such as the revenue.

What is the Protected Report?

The Protected Report page (Fraud Prevention > Protected) gives you information about cases in which you were protected from a fraud attempt by Singular's fraud prevention system.

The installs in this report are legitimate installs. One or more of their associated touchpoints was rejected for fraud, but then Singular went on to find the legitimate touchpoint to which the install could be attributed.

Use this report to get additional information about where and how you are targeted by fraud. For example, you can see how many of your organic users are targeted, or whether a specific network or campaign have been targeted more than others.

What is the "Fraud Reason"?

The Reason dimension in fraud reports shows the name of the fraud method or custom rule that caused the install to be rejected or marked as suspicious.

Use this dimension to gauge the impact and usefulness of different rules.

What are "Estimated Fraud CPI" and "Estimated Saved Cost"?

These metrics are found only in the Rejected report. They are defined as:

  • Estimated Saved Cost - an estimation of the cost of the fraudulent installs, based on the daily cost per source.
  • Estimated Fraud CPI - an estimation of the average CPI per fraudulent install, based on the estimated cost and number of rejected installs per source.
How is "Estimated Suspicious Cost" calculated (in the Suspicious Report)?

To estimate the suspicious cost (total cost for suspicious installs), we first find the CPI (cost per install) for the relevant app + OS + source (network) + date. This is the same CPI you can see in the Reports page, e.g.:

screenshot-docs.google.com-2021.01.20-18_40_16.png

Then we multiply the CPI by the number of suspicious installs:

screenshot-docs.google.com-2021.01.20-18_41_08.png

Fraud Logs FAQ

How do I get information about click IDs that have been marked as suspicious by Singular?

To investigate the click IDs found as suspicious, use the Export Logs page:

  1. In the Singular web app (or partner portal, if you're a Singular partner), go to Attribution > Export Logs.
  2. Select the log type Conversions and select the fields Partner, Click ID, Fraud Status, and Fraud Reason.
  3. Download the log and filter the table by Fraud Status = "Suspicious".

image1.png

How can I learn more about my "untrusted installs"? How do I access more data about them?

An untrusted install in Singular means that the install event itself was found to be fake (as opposed to a real install with fake clicks or impressions). This happens, for example, if the install event comes from a blacklisted IP that is associated with bot activity.

Untrusted Installs in Aggregated Reports

To see aggregated data about untrusted installs:

  1. Go to Fraud Prevention > Suspicious Report.
  2. Filter by Source = "Untrusted".

screenshot-app.singular.net-2021.03.22-18_39_16.png

Untrusted Installs in User-Level Data (Fraud Logs)

To see user-level data about untrusted installs, you can use the fraud logs:

  1. In the Singular web app (or partner portal, if you're a Singular partner), go to Attribution > Export Logs.
  2. Select the log type Fraud and select the fields Partner, Fraud Reason, and Fraud Status.
  3. Filter the report by Attributed Partners = "Organic".
  4. After you download the report, filter the spreadsheet by Fraud Status = "Rejected".

Screen_Shot_2021-03-22_at_18.04.25.png

Was this article helpful?