Mobile App Protection
Detect and block mobile ad fraud by connecting your MMP and tracking clicks through Tapper.
Tapper's Mobile App Protection works alongside your MMP (Adjust, Branch, etc.) to detect fraudulent installs, sessions, and in-app events — without requiring an SDK in your app.
How It Works
Tapper uses two data sources to identify fraud:
1. Click Tracking
When a user clicks your ad, the click passes through Tapper before reaching your MMP tracking link. Tapper records click details like IP address, device ID, and campaign parameters for fraud analysis.
2. MMP Postbacks
When your MMP attributes an install or event, it sends a postback to Tapper. Tapper matches it against the original click data to detect fraud patterns such as abnormal click-to-install times, device farms, geographic mismatches, and click flooding.
Ad click → Tapper tracker → MMP tracking link → App Store
↓
MMP attributes install → Tapper webhook → Fraud detection
Setup Overview
Create a Protection Script
In Tapper, create a Mobile App Protection script for your app. This gives you a public API key (pk) used to identify all clicks and events for that app.
Connect Your MMP
Create an MMP integration inside the protection script. Choose your MMP (Adjust or Branch), set a webhook secret, and copy the generated webhook URL.
Configure Webhooks in Your MMP
Paste the Tapper webhook URL into your MMP dashboard. Tapper starts receiving attribution postbacks immediately.
Set Up Click Tracking (Optional)
Replace your ad destination URL with Tapper's click tracker URL. This enables click-level fraud analysis and device ID capture before the MMP redirect.
Supported MMPs
| MMP | Status |
|---|---|
| Adjust | ✅ Supported |
| Branch | ✅ Supported |
| AppsFlyer | Coming soon |
| Kochava | Coming soon |
| Singular | Coming soon |
What Tapper Analyzes
From MMP postbacks (attribution data):
- Network, campaign, ad group, and creative.
- Device IDs (IDFA, GAID).
- Activity type — install, session, or in-app event.
- Revenue and currency.
From the click tracker (click-time data):
- IP address and geolocation.
- User agent and device info.
- Campaign, ad group, and ad IDs from the tracking URL.
- Publisher and sub-publisher IDs.