Pixalate — High Risk Apps Pre-Bid Blocklist for Mobile
Now Available

High Risk Apps Pre-Bid Blocklist for Mobile

Daily updated blocklist of iOS and Android apps flagged across 9 risk dimensions — combining persistent IVT signals, app store compliance, app-ads.txt authorization, and privacy risk into a single unified feed.

Contact Sales
Risk Reason Codes
highGivt highSivt missingPrivacyPolicy abandonedApp noAdsTxt developerAnonymity vpcBypass delistedApp mfaApp
9
Risk reason codes
2
Platforms: iOS & Android
Update Frequency: Daily
Format: CSV
Access Methods: FTP, API, S3, AWS RTB Fabric
Beyond Impression-Level Detection

Historical ad fraud detection started from scratch on every impression, with each bid evaluated in isolation and disconnected from historical signals. The blocklist aligns with Media Rating Council (MRC) guidance to use lists of "known dangerous or fraudulent sources" in addition to impression-level IVT classifications.

Persistent IVT & Fraud Signals

Apps with sustained high GIVT or SIVT rates over a 3-month rolling window are flagged — not just individual impressions with anomalies.

Compliance & Privacy Risk

Apps missing privacy policies, COPPA-risk apps transmitting data without verifiable parental consent, and apps with unverifiable developer identities are identified at the app level.

Granular, Multi-Code Flagging

An app can carry multiple risk codes simultaneously. Buyers can build selective blocking logic — for example, blocking High SIVT while permitting apps flagged only for abandonment.

App-level risk and impression-level IVT are reported independently. Being on the High Risk Apps list does not automatically classify impressions as IVT — buyers retain separate controls for each.

9 Risk Reason Codes

Every app on the blocklist is flagged based on defined thresholds. Apps can be tagged with one or more codes — all applicable codes are visible.

highGivt

High GIVT

Apps with General Invalid Traffic rates exceeding defined thresholds over a 3-month rolling window.

Threshold: >5% over 3 months
highSivt

High SIVT

Apps with Sophisticated Invalid Traffic rates exceeding defined thresholds over a 3-month rolling window.

Threshold: >15% over 3 months
missingPrivacyPolicy

Missing Privacy Policy

Apps missing mandatory privacy policies required by global privacy laws and app store guidelines.

abandonedApp

Abandoned App

Apps not updated by developers for 3+ years; may be unmaintained, insecure, or non-compliant with current app store requirements.

Threshold: No update in 3+ years
noAdsTxt

Missing app-ads.txt

Apps generating ad impressions without a valid app-ads.txt file, indicating potentially unauthorized inventory.

developerAnonymity

Developer Anonymity

Apps where the developer has missing or unverifiable contact information.

vpcBypass

VPC Bypass Risk

Likely child-directed apps transmitting IP or location data without Verifiable Parental Consent, risking COPPA non-compliance exposure.

delistedApp

Delisted App

Apps removed from app stores that continue to generate ad traffic.

mfaApp

Made for Advertising

Apps designed primarily to generate ad impressions rather than deliver genuine user value, including apps exhibiting ad stacking and manipulative ad placement tactics.

Use Cases
SSPs & Exchanges

Remove High-IVT Apps

Remove apps where IVT is material, persistent, and inseparable from legitimate traffic based on rolling 3-month signals.

Selective Blocking by Risk Code

Use risk reason codes to apply targeted blocking based on risk tolerance and publisher relationships — without over-blocking.

Preserve Measurement Accuracy

Surface app-level risk independently from impression-level IVT reporting so measurement integrity is not compromised.

DSPs & Agencies

Pre-Bid Filtering

Automatically exclude flagged App IDs from campaign targeting before a bid is placed.

Compliance & Regulatory Risk

Block apps flagged for Missing Privacy Policy, VPC Bypass Risk, or Delisted status to reduce exposure to privacy regulations.

Brand Safety

Prevent ad spend from reaching MFA apps, abandoned apps, and developers with unverifiable identities.

Data Schema

The High Risk Apps daily feed is delivered as a CSV with the following columns.

Column Name Type Description
appId STRING The identifier for the mobile app (e.g., "310633997" for iOS or "com.whatsapp" for Android).
bundleId STRING The bundle ID associated with the app, if available.
osName STRING Operating system of the app (iOS or Android).
riskType STRING Comma-separated list of all applicable risk reason codes (e.g., highSivt,abandonedApp,missingPrivacyPolicy).
appStoreUrl STRING URL to the app's app store listing.
appStoreName STRING Name of the app store (Google Play or Apple App Store).
Availability

High Risk Apps data is accessible as a daily CSV feed through multiple channels via Pixalate's Pre-Bid Blocking Data Feeds.

FTP Data Feeds

Daily CSV blocklists delivered via FTP

API Access

Programmatic access via Pixalate APIs

S3 Bucket

Direct delivery to your AWS S3 bucket

AWS RTB Fabric

Module for high-risk app pre-bid filtering

Schedule a Demo

Interested in learning more about Pixalate’s ad fraud prevention solutions? Let’s connect. Share your challenges, and our team will be in touch shortly. Thank you for reaching out.
pixalate-logo-red-small
By entering your email address and clicking Subscribe, you are agreeing to our Terms of Use and Privacy Policy

Products

Analytics Blocking Media Rating Terminal Publisher Trust Indexes Seller Trust Indexes IoT Device Rankings

Resources

Blog Press Careers Team

Contact

Email
sales@pixalate.com
privacy@pixalate.com
US:
+1 888 749 2528
EU:
+44 (0)800 011 2050
Slack:
Join ATSAPI Slack Channel

Offices

Global Offices
US
1775 Greensboro Station Place, Suite 425, McLean, VA 22102
UK
20 North Audley Street
London, W1K 6WE, United Kingdom
EU
10 Earlsfort Terrace
Dublin 2, D02 T380, Ireland
Singapore
10 Anson Road, #22-02 International Plaza, Singapore 079903
Terms of Use Privacy Policy GDPR Compliance Disclaimer
Copyright © 2025 Pixalate