An emulated device (also known as a simulated device) is a program that enables a computer system to behave like another device. This system is used by developers to test the functionality of their app, but can also be abused by fraudsters to attempt to steal marketers’ ad spend.
Emulated devices are used for many purposes, both positive and negative. Let’s take a look at how app developers and fraudsters can use emulated devices for entirely different purposes.
An emulated device can be used to test how an app would function on different devices (this is not exclusive to mobile). Emulating various devices informs app developers of any necessary changes to the functionality of their app, as well as improving UX and highlight other areas for improvement. For example, an app developer could use an emulated device to test their product on iOS, and then on Android. They can also test their app on different manufacturers, ensuring that the product functions just as well on iPhones as it does on Samsungs.
The use of emulated devices ultimately prevents developers from needing to obtain multiple devices, allowing them to test their app’s functionality efficiently. However, in other cases, emulated devices are used to perform mobile fraud schemes.
Emulated devices can be programmed to perform repetitive, automated tasks such as engaging in advertising to download applications. For fraudsters, this makes emulated devices a powerful tool which allows them to falsify installs and in-app activities. By adding this to their arsenal, fraudsters can use emulated devices to target an advertiser's app with the end goal of stealing a marketer’s ad spend.
Data centers thrive off simulated device fraud controlled by server-side software. We know that this kind of operation is usually run out of a data center because it requires a facility able to house and power these servers. Data centers are mostly used by fraudsters in combination with Tor or VPNs to fake the geolocation of installs. However, it is possible to identify the IP addresses associated with this traffic. By rejecting the clicks and installs associated with that data center’s server, Adjust can protect marketers from these fraudulent claims – which would otherwise steal from your ad spend and compromise your data.
To learn more about ad fraud in the mobile industry, as well as the different types of mobile fraud, take a look at the Adjust Guide to Ad Fraud. As leaders in fraud prevention, we provide various resources about the different types of ad fraud, what they are, and how fraud prevention works. For example, our glossary includes definitions for click spam, SDK spoofing and click injection. Going one step further, we have also detailed the difference between click spam and click injection, and shared our current solution to SDK spoofing.