What are Invalid Traffic Types?

fraud0 clusters different types of invalid traffic into the following categories:

Automation Tools: Software designed to automate actions in a browser detected as bot traffic. We can detect a multitude of such automation tools using a variety of APIs that are exposed in the browser, such as Headless Chrome, PhantomJS, Selenium, Rhino, CouchJS and others.

Discrepancies: Users with inconsistent attributes indicating fake users generated by bots. This can involve a number of attributes, such as:

• Hardware features, e.g. a browser claims to run on a mobile device but the amount of memory and number of CPUs indicate a dedicated server.

• HTTP header inconsistencies: the User-Agent header is empty, missing, or doesn’t match the declared User-Agent on the client side, the HTTP headers are sent in an unusual order, etc.

• Inconsistent browser data, such as no accepted languages, a mismatch between the claimed operating system and the expected pre-installed fonts on that system, a mismatch between the claimed operating system and the APIs available on the client side, etc.

• Abnormal screen sizes, resolution or color depth, e.g. an iPhone with an unusually large screen.

Self-declared Crawlers: Bots that identify themselves with specific user agent strings, usually linked to entities like search engines (e.g. Google or Bing) or can be operated by other online services for   indexing or data retrieval purposes.

(Search Engine Crawler is one of them which can be excluded from the fraud0 statistics! To activate the exclusion please go to the Settings - Data Analytics tab in the fraud0 Interface.)

Fraudulent Apps, Datacenter: visits that originate from well-known fraudulent apps, have been redirected from websites known to be fraudulent, or whose IP address can be found on lists of known IP addresses that are known to be the source of bot traffic, HTTP proxies, or VPN and anonymizing services. 

Behavioral Abnormality: some bots can be detected through their behavior, such as too many page views of a user within a certain time frame (which would indicate an unpaced browser automation), or too many new sessions that are created per IP address within a certain time frame.