Voluum Documentation

(Beta version) Anti-Fraud Metrics: Listing

Voluum TRK Anti Fraud Kit Beta Version

Voluum uses different metrics to scan incoming traffic. When criteria set in those metrics are matched, such an event, be that either click or visit, is then flagged as suspicious. Those flags represent characteristics that usually accompany the invalid traffic. Read below about metrics used and decide whether this kind of traffic is wanted in your funnels.

Known data centers

Voluum uses Pixalate to identify if the IP address behind a visit or click is originated from known data centers. Data centers, such as Amazon Web Services, have their own batches of IP addresses assigned to them. Some of those data centers might be a source of invalid traffic but not all. For example, VPN users may be routed through data centers. So, a visit that came from an IP address associated with a data center does not necessarily mean that it is invalid, but it makes it more likely. 

Badly ranked referrers

Voluum gathers aggregated information from various antivirus engines, website scanners, URL analysis tools and users' contribution to assess the overall reputation of a referrer. 

Fast clickers

This metric is based on the idea that visitors have some delay between viewing an advertisement and clicking on it. Non-human traffic does not have such a restriction so it tends to click faster. Voluum flags visits or clicks with a time window between displaying and clicking the ad shorter than 800 ms.

Frequent events IP

If a certain IP address generates a lot of events, more than a typical visitor would, it is highly likely that those events are of non-human origin. If a number of events exceeds 60 per minute, such IP is flagged.

Frequent events campaign IP

Similar to the metric above, this one looks at a frequency of generating events from a single IP address but aimed at one campaign only. If a number of events aimed at particular campaign exceeds 60 per minute, such IP is flagged.

User Agent - Unrecognized device

Traffic also carries identifiable information about a device or a program that is behind a visit. With a help of a third-party services, Voluum detects a user agent's class. If a class cannot be recognized, such visit or click is then flagged. Most of legitimate traffic has a recognizable device class of user agents so an unrecognizable class may indicate traffic of an uncertain origin.

User Agent - Library robots

In this metric information about a user agent is taken into consideration but contrary to the UA - Unrecognized device metric, it flags traffic when a class of the user agent states it is a library. Library class may refer to PHP, Java or other programs that are behind a visit. They do not necessarily have malicious intent, they might be simply scanning website content for various reasons and generate traffic in this process.

User Agent - Unsupported OS version

The information about visitor's operating system and its version can be also derived from a user agent. If a system is recognized as old and not supported for a very long time, it is unlikely it has a human origin. Such visit is then flagged.

User Agent unrecognized

User agent information should be passed in a proper format and most of traffic follows it. If there is a different format used in an event, it will be flagged with this metric.

Voluum cooperates with third-party services to enhance its features. You can view the list of those services in the Voluum Update Policy article.

Search results

    No results found