<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=134132097137679&amp;ev=PageView&amp;noscript=1">
Thought Leadership |
4 min read

What You Need to Know About MRC's Interim Guidance for Mobile In-App SIVT

Written by Chris Schwarz
Aug 29, 2018 12:07:31 PM

This serves as an introduction to Pixalate’s MRC thought leadership series specific to Sophisticated Invalid Traffic (“SIVT”) within mobile application (in-app) environments.

SIVT within in-app environments has many varied characteristics — both in structure and detection solutions — compared to web traffic (desktop and mobile web). It is important that entities operating in the mobile in-app digital advertising ecosystem take these differences into consideration when establishing their internal control framework and their SIVT detection/filtration processes.

On June 2, 2017, the Media Rating Council (“MRC”) issued interim guidance specific to SIVT within mobile in-app environments to establish a process for evaluating the different characteristics of SIVT as detected within mobile in-app environments. The guidance serves as a supplement to the MRC Invalid Traffic (“IVT”) Guidelines Addendum (the MRC IVT Guidelines)  issued on October 15, 2015.

The additional guidance provided is specified to the following procedural areas (described in greater detail below):

Executive Summary: Mobile In-App SIVT Considerations (by procedural area)

mrc-mobile-app-sivt-guidelines-invalid-traffic

  • IVT Risk Assessment

    • Detection measures and capabilities at various mobile application stages (downloaded, open, initialized, in-use online or offline);
    • Fraud types, models, risks or incentives not covered in the existing SIVT framework or IVT taxonomy (or different from those in desktop and mobile web environments);
    • Presence of premium pricing for mobile in-app inventory;
    • Relative sophistication of potential IVT schemes required in certain in-app environments;
    • Susceptibility of apps to transmission interception (to be considered in assessing risk at an application level);
    • App store vetting or security policies and protections (should not be relied upon);
    • Compensating controls to cover IVT detection gaps in situations where desktop/mobile web detection assets (JavaScript, flash, cookies, etc.) are unavailable;
    • Presence of proxy traffic or routing artifacts that may obfuscate origination information or limit the granularity of data collected for purposes of IVT determination (such as X-Forwarded-For data);

  • Business Partner Qualification

    • Evaluate mobile applications on a discrete level (as applicable, appropriate)

  • Additional Parameters and Heuristics

    • Different/additional benchmarks or thresholds for SIVT activity-based techniques;
    • Known app behaviors that may be indicative of SIVT;
    • Use of alternative detection assets and data points in evaluation of traffic arising from environments where IVT and measurement detection assets (such as JavaScript, flash or cookies) or other techniques do not function;
    • Presence of proxy traffic or routing artifacts that may obfuscate origination information or limit the granularity of data collected for purposes of IVT determination (such as X-Forwarded-For data);
    • Differentiation of parameters/thresholds/evaluation criteria by device type/operating system and device status (stock/jailbroken);
    • Differentiation of parameters, thresholds, and evaluation criteria by app type/properties (app permissions, app communication protocols, presence of multiple redirects, etc.);
    • Differentiation of parameters, thresholds, and evaluation criteria by user (population or content of collected user information, presence of inconsistent user parameters)

Invalid Traffic (IVT) Risk Assessment

mrc-mobile-app-invalid-traffic-ivt-sivt-risk-assessment-1

What is a risk assessment?

A risk assessment is simply the process of identifying and evaluating the potential hazards that could negatively impact an organization's ability to conduct business. These assessments are designed to identify inherent business risks and provide measures, processes, and controls to reduce the impact of these risks to business operations.

Read our blog for more information on risk assessment.

Business Partner Qualification (BPQ)

mrc-mobile-app-invalid-traffic-ivt-sivt-business-partner-qualification-1

What is business partner qualification (BPQ)?

Business partner qualification is the process by which an entity works to verify the identity, stature, and legitimate intent of the respective entity (or individual) in which they are engaging with. This process is designed to protect the entity from the potential business and operational risks associated to doing business with a party of ill intent; most notably as it pertains to the digital advertising ecosystem, those attempting to perpetuate ad fraud.

Read our blog for more information on business partner qualification (BPQ).

Additional Parameters and Heuristics across SIVT detection solutions

SIVT detection and filtration techniques, by design, incorporate various parameters, thresholds, and evaluation criteria in identifying invalid traffic. Pertaining to the parameters and heuristics considered with respect to SIVT techniques employed in mobile in-app environments, the MRC interim guidance states the following:

“Measurement vendors applying SIVT detection and filtration techniques must consider mobile applications discreetly in setting parameters or determining heuristics used should they represent a material portion of measured and filtered traffic.”

These additional considerations, as broken down in the executive summary above, are intended to address the major differences in the evaluation of mobile in-app traffic (on the basis of IVT/SIVT).

Additional consideration regarding General Invalid Traffic (‘GIVT’) within Mobile In-App

The MRC mobile in-app SIVT interim guidance also explicitly addresses measurement vendors’ responsibility to apply a similar level of discernment and rigor in evaluating General Invalid Traffic (“GIVT”) within mobile in-app environments. While many GIVT techniques are parameter- or list-based, such procedures are required to be evaluated and assessed by the service on the basis of the coverage on a discrete application level. The MRC interim guidance also encourages the development of incremental procedures to address any coverage gaps identified, especially in situations where mobile in-app constitutes a material portion of measured and filtered traffic.

Search Blog

Follow Pixalate

Subscribe to our blog

*By entering your email address and clicking Subscribe, you are agreeing to our Terms of Use and Privacy Policy.

Previous Story
← 65% of today’s top mobile app ad sellers are different compared to 1 year ago
Next Story
MRC Guidelines: What is risk assessment? →

You May Also Like

These Stories on Thought Leadership

Case Studies

Q&A with Steven Slaughter, Head of Ad Ops & Yield at Krush Media, on managing a clean CTV and Mobile Ad Supply Chain

Jun 27, 2023 12:00:00 PM |
4 min read
Case Studies

Q&A with Jess Okan, Co-founder and CEO of Screencore, on strategies for minimizing ad fraud in the connected TV ecosystem

May 30, 2023 7:00:00 AM |
6 min read
Case Studies

Q&A with Oleksandra Kazantseva, Head of Programmatic at BizzClick, on transparency, trust, and security

Apr 17, 2023 2:00:00 PM |
4 min read

Subscribe to our blog

*By entering your email address and clicking Subscribe, you are agreeing to our Terms of Use and Privacy Policy.
pixalate-logo-red-small
Copyright © 2024 Pixalate
US: 1775 Greensboro Station Place, Suite 425 McLean, Virginia 22102
EU: 10 Earlsfort Terrace Dublin 2 D02 T380, Ireland
SG: 10 Anson Road, #22-02 International Plaza, Singapore 079903
UK Phone: +44 (0)800 011 2050
US Phone: +1 888 749 2528
*By clicking Download and entering your email address, you are agreeing to our Terms of Use and have read and acknowledge our Privacy Policy.
Terms of Use  Privacy Policy  Cookie Policy  Join ATSAPI Slack Channel

Disclaimer: The content of this page reflects Pixalate’s opinions with respect to the factors that Pixalate believes can be useful to the digital media industry. Any proprietary data shared is grounded in Pixalate’s proprietary technology and analytics, which Pixalate is continuously evaluating and updating. Any references to outside sources should not be construed as endorsements. Pixalate’s opinions are just that - opinion, not facts or guarantees.

Per the MRC, “'Fraud' is not intended to represent fraud as defined in various laws, statutes and ordinances or as conventionally used in U.S. Court or other legal proceedings, but rather a custom definition strictly for advertising measurement purposes. Also per the MRC, “‘Invalid Traffic’ is defined generally as traffic that does not meet certain ad serving quality or completeness criteria, or otherwise does not represent legitimate ad traffic that should be included in measurement counts. Among the reasons why ad traffic may be deemed invalid is it is a result of non-human traffic (spiders, bots, etc.), or activity designed to produce fraudulent traffic.”

Subscribe to the Pixalate Blog.
The first step in ad fraud prevention.
Loading...
pixalate-logo-white
Contact Us12
Loading...
pixalate-logo-white
Download GSTI
Loading...
Schedule your demo today
Loading...