BuzzFeed News has recently reported that over eight apps on the Google Play Store are using under-handed ad techniques to generate revenue. The apps in question come from famous app developers Cheetah Mobile and Kika Tech and account for a total of over 2 billion downloads. App Analytics company, Kochava noticed the fraud ad scheme used by these apps while misusing user permissions to generate fake traffic. The companies owning the apps have recently registered a total of 700 million active users per month.
Google has not removed these apps from the Play Store yet. The fraudulent ad practices cost the developers and publishers billions of dollars. The shady tactics used by these apps to steal money from advertisers is not exactly a secret, but both the companies deny all the allegations.
Cheetah Mobile Was Accused of Such Allegations in the Past
Of the eight apps, seven belong to the Chinese company Cheetah Mobile, which is infamous for indulging in ad malpractices. The company was accused of shady business conduct by an investment firm, last year. The Chinese company denied all the claims and continues to perform fraud and tactics and steal advertisers’ money. Kika Tech, on the other hand, is responsible for one of the apps in the scenario, that goes by the name ‘Kika Keyboard’. It is a popular communication tool app that allows the user to send an extensive range of emojis. The app has reported over 60 million active users per month. In a period of one month, the apps from both the companies managed to get 20 million new installations. The affected apps are CM File Manager, Battery Doctor, Security Master, Clean Master, CM Locker, Cheetah Keyboard, Kika Keyboard and CM Launcher 3D. Interestingly, Cheetah Mobile is one of the investors of Kika Tech, which is now based in Silicon Valley.
As per Cheetah Mobile’s earnings from last quarter, the revenue of over $196 million was generated from the “utility products and related services”. The implicated apps are the key highlight of these services, contributing to half of the total revenue generated.
Kika and Cheetah Apps Exploit User Permissions
Praneet Sharma of Method Media Intelligence mentions that the apps involved in ad malpractices ask for extensive user permissions, which makes the amount of data collected questionable. They even ask for permission to keep a track on the other app downloads. This allows them to look for installation bounties available for the said apps. In the process of chasing these apps, Cheetah mobile and Kika Tech push the clicks with admissible attribution information to make sure they get the bounty. This process is known as click injection. Additionally, the Cheetah apps are also slated to launch the recently installed app without user’s permission or knowledge to get credit for its installation.
In addition to click injections, Kika Keyboard is also programmed to perform click flooding. Since the user allows the Kika Keyboard app to check what’s typed, the app keeps track of the searches made on the Play Store and then hunts for bounties. What’s more troubling is that it is also in action even when nothing is being typed, that is when the keyboard is inactive. In this case, it fires display ads for recommended apps instead of sending clicks. If the user ends up downloading these apps as part of the scheme, Kika gets the installation bounty.
Google has been notified of Kochava’s findings and the tech giant has assured of an ongoing investigation. As of now, you will find all these apps on the Play Store.
