It seems that fighting fraud by whatever means necessary is the right thing to do. While it’s no secret that certain means are better than the others, did you know that some of them might be rather harmful than useful, namely when you use them as a stand-alone solution? That’s true, and IP blacklisting is as tricky as that.
The usage of IP address blocking as a single anti-fraud technique is associated with hidden risks. As an advertiser, you should be aware of them, so let’s figure out what's what.
What is an IP address?
As a rule, IP addresses are assigned to devices by the Internet providers automatically once they connect to the web. The first step is device connection to the local network and then it reaches the global network with the help of an Internet service provider. In general, we can divide them into the following categories:
- Private – personal IP addresses assigned to certain devices.
- Public – IP addresses assigned to networks, like homes, workspaces, and public places.
- Static – public IP addresses that change per request only.
- Dynamic – also public IP addresses that change automatically from time to time when the network needs that.
Why are IP addresses necessary? Well, they are an integral part of the way the Internet works. The worldwide web needs to distinguish between devices and networks to ensure that each device can receive and send information accurately.
And what is IP blacklisting?
As you can understand from the name, IP blacklisting is all about… IP blacklisting. This is the anti-fraud strategy aimed at blocking particular IP addresses from getting access to your website or network.
To be honest, this security method is known as a pretty ancient one – it was used against massive DDoS (Distributed Denial of Service) attacks some time ago. IP blacklisting allows you to stop the attack by blocking the server that sends harmful traffic to your website.
After blacklisting, the requests from an IP address will be denied and device users won’t be able to visit your network.
Why is IP blocking not the best anti-fraud solution?
The main problem with IP blocking is the risk of tossing the baby out with the bathwater. The method is not all that bad, but using it as the main or even single solution is not the best idea.
We have a quote of our Head of Project, Andrey Ivanov, on this subject:
In numerous countries there is a small number of IP addresses. Therefore, people use a network with a single outside IP address. This might be an entire district or even a town. In such a case, whenever you block an IP like that, you keep a lot of users in the black list.
As you can see, IP blacklisting can lead to a negative result – you risk losing your potential clients in your own hand.
Some users browse with their VPNs on
The modern world is concerned with digital security and anonymity. That is why, many regular Internet users prefer VPNs to stay safe and hide their IP addresses. The problem with IP blocking is that it doesn’t actually analyze every user, but blocks him by a single parameter, which might be VPN usage. And this may end up sadly – you risk eliminating new visitors and potential leads.
Not only you block the fraudsters
IP blocking strategy aims at excluding large chunks of addresses, namely – the entire public address that serves numerous devices connected to it. In case an ad fraudster is using the public IP address (be it a house, institution, or office), blocking him means excluding all the other devices relevant to that network.
The outcome is the same as the one we discussed in the previous paragraph – trying to get rid of one cheater, you may also cut off numerous potential visitors and customers.
IP blocking cannot stop experienced criminals
Another issue about IP blocking is that fraudsters are pretty sophisticated today. This tactic is known as somewhat outdated and it is not strong enough to deal with new fraud schemes. About thirty years ago, the strategy prevented massive attacks done from a single server or computer, but it is not so relevant today.
Modern fraudsters use numerous devices, bot farms, and malware to organize the attacks. They have thousands of IP addresses at their disposal, so blacklisting them all is far from possible. You will run out of slots to exclude malicious traffic sources at some point, but a fraudster will still have a significant amount of IP addresses to use.
IP addresses can be spoofed and changed easily
Fraudsters can change the blocked IP addresses to avoid blacklists and continue terrorizing your website. In a word, they fake their identity and pretend to be legitimate users, bypassing the blocks.
What should advertisers do?
In general, IP blocking is not that bad, but it is not enough to protect your resource from fraudsters. And sometimes, using this strategy as a standalone solution can lead to poor and even confusing results.
The main issue – IP blacklisting relies on limited information. Services that offer this type of anti-fraud solution tend to use third-party IP bases. After checking your traffic this way, service providers may conclude that you actually have a huge percentage of fraud, say, 50% or 60%. Why so? Because they don’t have regard to details.
The verdict delivered by third-party IP bases grounds on narrow data. For example, they perceive any VPN usage as fraud. As we have discussed earlier, this way you may toss numerous legitimate users overboard and lose valuable traffic.
To distinguish fraud smartly, one has to rely on numerous parameters to see if the actions belong to a real person or bot. ADEX believes that fraud detection and fighting must be scrupulous and precise.
That is why, we strive to the highest accuracy level – our platform relies on 45+ parameters to distinguish the browser properties and behaviour patterns of every single user. Choose ADEX as an in-depth solution to analyze your campaign performance on all the layers. This way, you will find and eliminate all dubious traffic sources and avoid any harm done to your budget.