Follow us on Twitter

Anti-Fraud Metrics: Listing

Voluum uses different metrics to scan incoming traffic. When criteria set in those metrics are matched, such an event, be that either click or visit, is then flagged as suspicious. Those flags represent characteristics that usually accompany the invalid traffic. Read below about metrics used and decide whether this kind of traffic is wanted in your funnels.

Data centers

Voluum identifies if the IP address behind a visit or click originated from known data centers. Data centers, such as Amazon Web Services, have their own batches of IP addresses assigned to them. Some of the data centers might be a source of invalid traffic but not all. For example, VPN users may be routed through data centers. So, a visit that came from an IP address associated with a data center does not necessarily mean that it is invalid, but it makes it more likely.

Badly ranked referrers

Voluum gathers aggregated information from various antivirus engines, website scanners, URL analysis tools, and users' contribution to assess the overall reputation of a referrer.

Fast clickers

This metric is based on the idea that visitors have some delay between viewing an advertisement and clicking on it. Non-human traffic does not have such a restriction so it tends to click faster. Voluum flags visits or clicks with a time window between displaying and clicking the ad shorter than 800 ms.

Frequent events

If a certain IP address generates a lot of events, more than a typical visitor would, it is highly likely that those events are of non-human origin. If the number of events exceeds 60 per minute, such IP is flagged.

Frequent campaign events

Similar to the metric above, this one looks at a frequency of generating events from a single IP address but aimed at one campaign only. If a number of events aimed at particular campaign exceeds 60 per minute, such IP is flagged.

Unrecognized device

Traffic also carries identifiable information about a device or a program that is behind a visit. Voluum with the help of a 3rd party service detects a user agent's class. If a class cannot be recognized, such visit or click is then flagged.

Library robots

In this metric information about a user agent is taken into consideration but contrary to the UA - Unrecognized device metric, it flags traffic when a class of the user agent states it is a library. Library class may refer to PHP, Java or other programs that are behind a visit. They do not necessarily have malicious intent, they might be simply scanning website content for various reasons and generate traffic in this process.

Unsupported OS version

The information about visitor's operating system and its version can be also derived from a user agent. If a system is recognized as old and not supported for a very long time, it is unlikely it has a human origin Such visit is then flagged.

Unrecognized user agent

User agent information should be passed in a proper format and most traffic follows this procedure. If there is a different format used in an event, it will be flagged with this metric.

Voluum cooperates with third-party services to enhance its features. You can view the list of those services in the Voluum Update Policy article.

Track & optimize
your campaigns with ease!