LOYAL banner

Eliminating Online Ad Fraud: There’s a New Sheriff in Town

October 4, 2016

// By Jane Weber Brubaker //

If you have money to burn on digital advertising, then pay no attention to this article. But if you’re like most health systems, you’re scrambling to prove that the ad dollars you’ve been allotted are netting great results that warrant bigger budgets. So what happens if a big chunk of your online ads is never even seen by human beings?

TAG-logoAd fraud is a growing problem that a newly formed industry advocacy group, TAG (Trustworthy Accountability Group), wants to make go away—for good. TAG is a cross-industry collaborative founded in 2015 by three of the ad industry’s largest trade associations: ANA (Association of National Advertisers), IAB (Interactive Advertising Bureau), and the 4A’s (American Association of Advertising Agencies).

“TAG was formed to tackle some of the endemic challenges facing the digital advertising supply chain, and in particular to fight the criminals who are trying to extract money from the supply chain through fraud, malware, and piracy,” says Andrew Weinstein, TAG Spokesperson.

What’s at Stake

Advertisers have the most at stake, but the entire digital advertising ecosystem is at risk if advertisers lose faith. The projected financial impact is staggering:

  • ANA estimates that advertisers will lose $7.2 billion globally to bots in 2016.
  • Ernst & Young and the IAB estimate that ad fraud accounts for $4.6 billion in losses in the U.S. alone.

How They Do It

Cyber criminals have devised multiple ways to exploit vulnerabilities in the system, including:

  • Impression (CPM) Ad Fraud
    • Hidden ad impressions
    • Fake sites
    • Video ad fraud
    • Paid traffic fraud
    • Ad re-targeting fraud
  • Search (CPC) Ad Fraud
  • Affiliate (CPA) Ad Fraud (Cookie Stuffing)
  • Lead (CPL) Ad Fraud (Conversion Fraud)
  • Ad Injection and AdWare Fraud
  • Domain Spoofing or Laundered Ad Impression Fraud
  • CMS Fraud
  • Re-Targeting Fraud
  • Traffic Fraud or Audience Extension Fraud

Source: FIPP

“What we’re talking about is a client’s ad being served to an actual human being that’s clicking on it, not a server somewhere that’s just registering fake clicks of fake video views,” says Boz Boschen, Director of Digital at ndp, an advertising agency in Richmond, Virginia, and a member of TAG’s antifraud work group.

Prime Targets

Boz Boschen, Director of Digital at ndp

Boz Boschen, Director of Digital at ndp

In the quest to maximize their fraudulent activities, cyber criminals target high CPM (cost per thousand) media buys. “You are going to steal a Ferrari, not a Camry, given the chance,” says Boschen.

Programmatic ad buying, which uses software, not people to buy advertising, has been an attractive target for criminals. Its efficiency makes it attractive to media buyers, but there’s a potential downside. “I think to some degree there’s an inherent trust in digital and black-box programmatic buying,” says Boschen. “That’s a little bit scary.”

The supply chain that delivers advertising has become complex, with multiple intermediaries. At each juncture, nefarious actors have the opportunity to exploit vulnerabilities. “Think of it as if you are going to the grocery store. How many hands did your lettuce go through to get to the produce shelf?” says Boschen. “Same thing when an ad is served. What was the process from the publisher? How many exchanges did it go through?”

Industry Collaborates to Eliminate Vulnerabilities

The goal of TAG and its member companies is to eliminate vulnerabilities by joining forces to clean up the entire supply chain, with full participation from all stakeholders.

“The central pillars of TAG’s efforts are antifraud work, anti-piracy, anti-malware, and transparency programs,” says Weinstein. “All four are tied together because the same people who put malware on people’s computers often use that malware to drive fraudulent advertising impressions, and when you visit a pirate site, you will not only have fraudulent advertising running on that site, you will often have malware from that site downloaded on your computer.”

“Certified Against Fraud” Seal

Certified Against FraudTAG’s first major initiative is its TAG “Certified Against Fraud” program, launched in May. To obtain a TAG “Certified Against Fraud” seal, companies must comply with a set of guidelines related to their specific roles in the digital advertising supply chain:

  • Direct buyers such as advertisers and authorized advertiser agents (AAAs) must complete the TAG Registration process, have a designated TAG compliance officer, and comply with the Media Rating Council’s Invalid Traffic (IVT) Detection and Filtration Guidelines.
  • Direct sellers such as publishers and authorized publisher agents (APAs) must comply with all of the steps required of buyers, as well as domain list filtering, data center IP list filtering, and publisher sourcing disclosure requirements.
  • Intermediaries such as ad networks and other indirect buyers and sellers must comply with all of the steps required of buyers, as well as domain list filtering, data center IP list filtering, and TAG’s Payment ID protocol.

ndp is working to gain “Certified Against Fraud” status. “We as an agency have a unique payment number. When we put a buy in place, it validates that these dollars are for this client coming from this agency,” says Boschen. “The publishers that work with TAG have their own supply-side number that matches ad inventories for reconciliation. We see a direct correlation on both sides.”

Building a Network of Trust

Registration is the first step in the process, and so far 100 companies have registered for the program. These companies were vetted by Dun & Bradstreet to confirm their legitimacy. To attain full “Certified Against Fraud” status, members must prove they have the proper protocols in place, and participate in the larger community. “You would potentially use blacklists that are contributed to by the industry. TAG maintains them and shares them to help block fraudulent data centers as well as websites that are major sources of fraud,” says Weinstein. Google shared one of its blacklists as the seed list for TAG to use and build off in preventing fraudulent data center traffic; other companies have also contributed.

Shared Accountability

Accountability for combatting fraud is an industry-wide concern, but advertising executives view ad agencies as having a key role in maintaining safeguards, according to an ANA and WhiteOps study.

combatting-ad-fraud

Advertisers Should Demand Transparency

Advertisers that retain agencies for their online media buys would be well advised to seek partners who have committed to keeping the supply chain free of fraud. “If you are not equipped internally to understand the supply chain, then you need to at least request transparency from your agency partners,” says Boschen. “If you are not prepared to take all of this work on yourself, make sure that you work with a partner that is TAG certified.”

As TAG gains traction, the move to create and maintain a clean supply chain will put pressure on publishers as well. “Publishers will start to see their budgets shifting,” says Boschen. “If there are certified partners and non-certified, and more budgets are going to the whitelisted clean marketplace, I think that will put some pressure on the others to figure out their own solutions and join that cleaner marketplace.”

TAG membership is open to all stakeholders in the industry, including advertisers, publishers, technology companies, and advertising agencies.

Jane Weber Brubaker is Editor of eHealthcare Strategy & Trends.

Related Articles

The Worm That Turned Hostage Taker: Protect Your Data to Protect Your Healthcare Brand

Open Source or Proprietary? 5 Key Issues to Consider

Can You Crack the Google Code?