We constantly publish updates to our documentation, which may not yet be available in your language. For the most current information, use the English version.
Adjust’s Anonymous IP filter maintains the integrity of your app’s data by protecting it from fraudulent install activity coming from VPNs, Tor exit nodes, and data centers. This targets fraudsters using device farms and emulation software to fake installs and place the conversions in high-value markets.
The filter cross-checks all of your app installs and reattributions with MaxMind’s anonymous IP database. Any user affiliated with an anonymizing service, such as a VPN, Tor exit node or with known data centers, is attributed to Untrusted Devices. This helps prevent the majority of fraudulent attributions associated with device farms and emulators before they enter your data set, and reduces the impact of data center manipulation tactics significantly.
Growth solution:
The Fraud Prevention Suite is available as an Adjust Growth Solution. To get Fraud Prevention on your account, contact sales@adjust.com.
Installs rejected by the Anonymous IP filter are assigned to Anonymous IP - a sublink of the network-level link Untrusted Devices. You can also use the following KPIs to view rejected installs and reattributions by traffic source.
VPN stands for virtual private network. One function of a VPN is to allow a user to connect to the internet through an IP address that is not their own. VPNs allow users to circumvent geo-restricted websites and services, as the IP address can come from anywhere in the world. Fraudulent publishers use VPNs to make it seem as though installs are coming from more lucrative countries.
Tor exit nodes
Tor is a service that directs traffic through a global network of servers to anonymize users’ identities. Each server is called a node, and Tor encrypts traffic as it bounces it through the nodes. Encrypted traffic reaches the internet through a Tor exit node. Tor traffic has the IP address of the Tor exit node it left through.
As with VPNs, Tor provides more anonymous access to the internet. Fraudsters take advantage of this to make it seem as though their fake installs are coming from disparate locations.
Data centers
The data centers on MaxMind’s list are not affiliated with an internet service provider (ISP). This means that any user activity originating from these data centers is either artificial or has been rerouted. Typically, fraudsters that run large numbers of emulators rely on these data centers to provide the computing resources for their illegal activities.
What is an emulated device?
An emulated device is any smartphone operating system run on a server and not a smartphone. This emulated software can run apps and generate ad views and clicks through an automated process. The crucial point, however, is that there is no real user behind these engagements and installs. Emulated devices are often run in order to commit ad fraud.