Spike in App Usage Propels an Uptick in Fraud

Living in Vietnam gives us firsthand insight into residents’ everyday customs. And one thing is very evident: We’re living in a mobile-first society where fiat is a rare sight.

In a region where, for most of the population, Internet access is mobile-only, apps are omnipresent. From keeping in touch with loved ones to paying for groceries at the local market, smartphones hold unparalleled importance in the lives of Southeast Asians.

The area’s thirst for mobile connectivity, coupled with a raging digital economy and a tech-savvy population, makes SEA a hotbed for app use. Plus, since roughly half of SEA’s citizens remain unbanked, some form of finance app resides on most everyone’s phone.

But unless apps are secure, they lean more towards hassle than convenience. And because dollars, dong, pesos, ringgit, rupiah, and many more gov’t currencies attract thieves like flies to honey, monetary apps are obvious targets.

But before we address bad actors, let’s dive into the recent explosion of SEA’s app usage.

2019’s Growth Spurts

Here in Southeast Asia, finance apps boast some of the world’s highest download rates.

App analyst, AppsFlyer, recently compiled a marketing report tracking 4.6B installs of over 3k different apps. Conveniently for us, four of the studied countries are in SEA.

Image credit: AppsFlyer

AppsFlyer’s report ranks global app installs throughout 2019. And mixed within the top-15 app-hungry nations are Indonesia, Malaysia, the Philippines, and Vietnam.

Today, the APAC region has the world’s largest overall number of finance apps available for download. Moreover, the percentage of economic apps in digital stores — as opposed to the gaming category, for example — is on the upswing.

In other words, APAC contains the globe’s highest concentration of finance apps.

Image credit: AppsFlyer

From 2018 to 2019, financial apps’ APAC market share rose by 168%. Although the Middle East and Africa grew more year-over-year, APAC wins the app volume metric by a landslide.

Commenting on the impressive figures was Ronen Mense, President & Managing Director, APAC at AppsFlyer:

“Asia Pacific, and Southeast Asia, in particular, are home to a large unbanked population. However, it also has one of the fastest-growing digital and mobile-first populations in the world. People in the region use their mobile phones for a whole range of lifestyle activities, including for their financial needs. This is especially relevant today, as the global COVID-19 pandemic is affecting access to financial services. People across the world are staying at home, and app usage is on the rise, especially with payment, lending, investment, and banking apps.”

But with that growth comes great responsibility. As an organization currently creating five smartphone apps, cybersecurity tops our list of concerns. Each product, in a unique way, acts as a gateway to decentralized finance (DeFi) and digital economies.

Our mobile-only products — crypto wallet, blockchain game, and a series of cashback and rewards ecommerce portals — are under assembly. And it’s up to us, along with certified, contracted experts, to ensure app safety before release into the Internet’s wildlands.

You see, while we want everyone to enjoy our apps, it’s imperative to keep the bad actors out of our ecosystem. Unfortunately, the ways in which conniving cybercrooks crack code continues to increase.

1/3 Are Fake

Yes, SEA’s choices in finance apps are growing. However, fraudulent downloads make up 30% of APAC’s overall install volume. Indonesia’s total reaches a whopping 46%!

While the number of installs is lofty, shady characters still control a substantial chunk of the market. So, how do the tricksters get in? Although scammers use multiple tactics and will undoubtedly invent others, the primary weapon is automation.


One of the greatest threats to the Internet itself is the ubiquitous bot. Bots are automated software agents mimicking human behavior to interact with ads and content.

We can thank bots for these little slices of frustration

You won’t find the same mechanism within our upcoming ecommerce apps, but we’ll deploy similar anti-bot measures.

Imagine a site that rewards its users for watching videos. Advertisers pay for said videos, aiming to convert a small percentage of views into sales. But you know what obliterates ad budgets while never buying anyone’s product? That’s right. Robots.

Bots also take over accounts, commit credit card fraud, and send spam, to name a few styles of mobile malfeasance.

Marketers using a Cost Per Install model — in which they pay for every installation — are hardest hit by fraudbots.

But we can now overcome the tricksters by deploying sophisticated tech. Thankfully, the battlefield is mobile devices — which offer unique measurement opportunities.

Mobile Anti-bot

Software bots can fake multiple data types. However, there are two things software can’t do on your phone: Apply pressure to the screen and put the device in motion.

Mobile measurement and fraud prevention provider, Adjust, uses AI and machine learning against bad actors. Anti-fraud measures help protect app developers from farming, flooding, hijacking, injecting, spoofing, and more.

Now, we’re not confirming the use of Adjust’s Unbotify service. But we can say we’re fully aware of how dangerous bots are to app creators. For us, thwarting bots’ attempts at infiltrating our ecosystem is a high priority.

When Wallet?

We get this question from time to time in the RedFOX Labs Telegram channel. It’s important to note that if we lived in a perfect world, our wallet would’ve seen release months ago. But we challenge you to find absolute perfection in anything.

Last year, we finished most of our mobile crypto wallet’s development. But software’s coding doesn’t always correlate to wallet safety. Plus, we rely on Komodo for our wallet’s build.

Komodo’s new wallet, like ours, is currently in a lab undergoing intense testing.

But until our wallet passes lab scrutiny, something now out of our control, we’re not comfortable with our supporters keeping funds inside. To us, the importance of account security far outweighs an arbitrary release date.

Turns out, one of our new interns agrees with that sentiment. Harshit Puram, currently pursuing his Master’s degree at National University of Singapore, recently wrote a cybersecurity report covering the state of the industry.

Click here to read Harshit Puram’s cybersecurity report.

Security is vital to us here at RedFOX Labs. Furthermore, until cybersecurity experts tell us the wallet is ready, it remains unavailable for download. After all, we’re referring to a mobile, digital receptacle for assets.

And if you’re like us, you’re not in the habit of leaving your valuables vulnerable to criminals.

Wrapping Up

The proliferation of apps gives cybercriminals additional avenues to potentially exploit. Every time a release hits app stores, unscrupulous individuals and groups seek ways of making off with ill-gotten gains.

As The Great Pause continues and economic activity declines, swindlers are emerging in greater numbers. But even without the current trend of global uncertainty, operators of all app categories must be vigilant.

Imagine using a DeFi app for the very first time, only to have your account compromised by a bot. Such an event may forever tarnish one’s opinion of DeFi as a whole.

Our overarching focus remains on digital inclusion — providing easy-to-access onramps to digital economies. However, there’s no point in shaping tech equality with insecure applications.

The recent surge of finance apps in SEA bodes well for us. The figures prove both interest and familiarity are rising — which indicates competition is, too.

So, for now, we’re empowering our apps with the means to keep the bad guys out. Everyone else is free to come inside, have a look around, and make themselves comfortable.

Hit subscribe to get an inside look at how we’re accelerating blockchain adoption in Southeast Asia and beyond!