Jonas Jaanimagi is IAB Australia's technology lead
Another story recently broke regarding ad fraud. It’s not really a surprise as anonymously creating fake URLs and offering browser data for sale is always going to be a lot less risky than robbing banks and waving guns around in public. However, it is no less criminal.
The seriousness of this crime was proven about 18-months ago when the efforts of the global ad-tech industry and the FBI took down the 3ve and Methbot schemes, an endeavour which required extensive specialist technical efforts combined with a spot of literally kicking down doors.
In among the headlines it’s important for both buyers and sellers to understand that the essential and most effective weapon in the fight against ad fraud is vigilance.
We’re all in this together and must be prepared commit to cutting through the noise, understanding the basic requirements and being persistently vigilant in protecting ourselves and our industry partners from ad fraud.
Funding crime, even unknowingly, can never be acceptable and enforcing transparency around where marketers spend is invested remains a core responsibility of the IAB, the industry overall and those ad-tech vendors servicing the industry.
We offer some very simple advice and basic operational disciplines guidelines in terms of ongoing hygiene which will enable best practices for avoiding schemes such as 404bot and other forms of domain spoofing.
• Publishers, of all shapes and sizes, must implement ads.txt and/or app-ads.txt files on their domains. The solution is simple and important for two reasons. Firstly, it protects the domain from spoofing schemes such as 404bot, guaranteeing to buyers that they are only buying from verified domains whilst providing clarity in terms of who is authorised to sell that inventory. Secondly, the ads.txt file acts as a building block upon which the IAB Tech Lab can build further transparency standards such as sellers.json by enabling advertising technology platforms to provide greater transparency across all the transactions within any programmatic buys.
• Ensure that someone competent is responsible for maintaining the ads.txt and/or app-ads.txt files. Yes, the files are fiddly and that’s why you must ensure that someone competent, with an understanding of its importance and high attention to detail is responsible for maintaining the files. This is usually a core responsibility of ad-ops teams and for smaller sites you may need to entrust this to your webmaster or even be prepared to take the time to learn how to manage this yourself (if you’re running a blog).
The files need to be read by robots, so must be properly maintained in terms of structure or you’ll lose revenues - and whoever you include on the list is automatically authorised to sell you in-market, so manage these files very carefully.
Don’t entrust the management of this to your bored part-time intern - and if someone from email@example.com gets in touch insisting that you include them on the file because they can provide global high-yielding quality demand, ignore them. Having tools within ad-servers or WordPress will help automate some of the related processes, which is always useful - but ultimately, you’ll need to ensure a competent human with the technical and commercial awareness of why the details and structure matter is directly involved.
• Ensure that the ads.txt files are regularly reviewed and updated, as a matter of course. Having someone competent, regularly reviewing and updating your files must become a standard regular practice. These files are not a ‘set and forget’ solution and disciplined processes must be adhered to in order to properly maintain them. The same goes for reviewing what the best practices are in terms of any related industry standards and any reports or insights that can be gained from specialist technology vendors in the space. A committed disciplined procedure ensures that we’re taking the fight against fraud seriously - and can collectively ensure minimum levels of hygiene as an industry so as not to make it so easy for the criminals to risk confidence in brands spending online and syphoning money away from publishers who need and deserve every cent they can get.
• Utilise and insist upon ads.txt and ap-ads.txt as a standard. An industry standard is only as good as the level of adoption and consistency of usage, so it’s critical for buyers to play their part and understand the importance of such standards and persistently insist upon their utilisation.
• Ultimately marketers have to be responsible for where they spend their money. The only way to guarantee high levels of safety is through total diligence in terms of the adoption of the latest industry standards and being prepared to invest in working with competent technology and experts whilst collaboratively engaging key publishers. The volumes of fraudulent inventory available today remains enormous and is growing exponentially. The sophistication is extreme and technically it’s a never-ending arms race which requires persistent commitment and vigilance.
• Without the right investment in knowledge and technology you will never know the difference between good and bad inventory - and criminals will profit. If access to inventory simply sounds too good to be true and looks even cheaper, then it probably is too good to be true… and without the appropriate tools, people and processes you will never know the difference. I honestly can’t think of anything less brand safe than exposure to unverified environments and marketing budgets directly funding crime.
• Manage your appetite for risk and be prepared to invest accordingly. It doesn’t really matter how much fake inventory is available for sale online as long as you can be confident that the percentage of fakes that you end up paying for is at a level that you and your brand can accept. If you feel that your marketing spend should be 100% fraud free, then you must invest accordingly. Or else you’ll have to manage your appetite for risk.
As an industry we’ll continue to fight the good fight with technical standards and guidance such as the Australian Digital Advertising Practices which were developed alongside the AANA and MFA, but without everyone being prepared to take this issue seriously it will only continue to grow. So please remember – our watch word and most effective weapon in the war against ad fraud is vigilance.
If you’d like to get into more detail, IAB Tech Lab is an excellent resource and for more information on ads.txt and app-ads.txt from IAB Australia please visit HERE