Fraud farms take advantage of location spoofing to swindle mobile gaming apps
Location spoofing detection is now essential for stopping mobile gaming fraud at scale
Fraud schemes that leverage “Device Farms” to scam skilled-based gaming apps are surging. Using many mobile devices at the same physical location makes it easier for fraudsters to mechanize and scale up their fraud scams to exploit players, and location spoofing is one of the key success factors in fraudsters' schemes.
Device Farms are locations where lots of different devices are connected. Developers use these device farms to test out their mobile apps across many mobile devices. For example, Amazon provides this useful and legitimate service for app developers: https://aws.amazon.com/device-farm/?nc1=h_ls
However, there are cases where fraudsters set up their own Device Farm to commit fraud at scale. These are called “Fraud Farms” and they usually host hundreds or thousands of devices in the same location with the goal of committing fraud. Fraud Farms can be of 2 types, either automated or manual.
- Fully automated fraud farms: all the mobile phones are connected in an automated network and fraud is orchestrated on an industrialized scale
- Human-operated fraud farms: human operators are in charge of manually clicking on screens to perform illegal actions.
And several types of fraud are common to Fraud Farms including:
- Enabling collusion between players in Mobile gaming apps
- Creating fake engagements and fake profiles for Social Media apps
- Defrauding marketing Ad Networks with fake clicks and fake app installs.
How do fraudsters spoof location?
In order to conceal the location of devices and obscure that they are all in the same location, fraudsters spoof the location of each one of the phones in the fraud farm, so that they look like they are physically located in different places. The location spoofing techniques used by fraudsters include use of:
- Proxy servers
- Fake IP address
- use of emulators to appear like legitimate devices
By implementing these techniques, fraudsters are able to disguise the location of fraud farms and can typically evade basic security controls that only check GPS or IP addresses that can be easily spoofed.
How fraud farms conceal their location
Stopping location spoofing used for player collusion
In mobile skill games, one of the most widespread fraud schemes involving fraud farms is “collusion” between players: fraudsters use hundreds of mobile devices to collude together, sharing cards and sharing game information to defraud other players and mobile gaming apps. In our mobile gaming case study, you can read more about how Incognia detected and blocked this type of collusion fraud affecting a major mobile gaming app with over 70 million users. In an analysis of 3.1 million users. Incognia detected 100+ suspicious locations indicating potential fraud farms, and more than 50K+ suspicious accounts.
The Incognia Location Spoofing Detection solution is highly effective at detecting location spoofing and enables mobile apps to block the fraud perpetrated by fraud farms. These are a few of the ways it works:
- Block Fake IP Addresses, VPN & Proxies: Incognia does not rely on IP addresses to determine device location. Instead, Incognia location detection is based on intelligence from device sensors including GPS, WiFi, and Cellular Networks.
- Block Emulators: Incognia analyzes hundreds of device features and can easily detect the use of emulators.
The Incognia solution acts silently in the background, so there is no additional friction for legitimate users, and works on both iOS and Android devices. To learn more about Incognia location spoofing detection please read our Location Spoofing Solution Brief.