Login is restricted to DCN Publisher Members. If you are a DCN Member and don't have an account, register here.

Digital Content Next


InContext / An inside look at the business of digital content

Is your website at risk for ad fraud?

September 10, 2019 | By Steve Guenther, Vice President, Digital Auditing—Alliance for Audited Media @SteveGuenther13

The amount of money marketers waste on digital ad fraud is enormous, with one estimate reaching as high as $42 billion worldwide this year. But advertisers aren’t the only ones losing. Publishers also lose when ad fraud diverts revenue from quality websites to fraudulent ones.

Legitimate publishers might think they are protected, but even quality sites can fall victim to ad fraud. Here are four questions that will help you evaluate your risk:

1. Do you purchase traffic?

Many publishers use third-party sources to drive traffic to their sites. Not all traffic sourcing is harmful. Marketing practices such as email campaigns, sponsored social media posts and search engine marketing are legitimate ways to bring quality audiences to your website. However, the risk of introducing invalid traffic increases when publishers purchase traffic. Traffic sellers may guarantee a certain number of human visitors at a low price. That said, bot traffic can be engineered to look human enough to pass through fraud detection software.

While bots may increase your numbers, they don’t make purchases or offer any real value to advertisers. If advertisers aren’t getting any conversions from their ad placements and campaign ROI isn’t meeting expectations, they’ll invest elsewhere. The best way to keep bots off your site and deliver real audiences to advertisers is to engage in legitimate marketing practices and avoid purchasing traffic.

2. Have you implemented industry solutions?

As ad fraud becomes more widespread, industry organizations are creating solutions to address areas where publishers may be vulnerable. One example is domain spoofing. Fraudsters create fake sites to look like real ones and divert ad revenue intended for real publishers. In response to this tactic, IAB developed ads.txt and app-ads.txt to help demand-side platforms detect unauthorized digital sellers in programmatic buys. In these files, publishers list all authorized sellers of their inventory and upload these lists to their websites. DSPs then crawl these files to make sure that they are buying from legitimate SSPs.  

The industry is taking the next step to improve security in programmatic buying and selling with signed bid requests, which is part of the IAB’s OpenRTB 3.0 Framework and complements the ads.txt protocol. This allows a buyer to validate that a bid request is from the intended publisher and that key elements have not been altered.

Another recent development is sellers.json and OpenRTB SupplyChain object. With sellers.json, SSPs and exchanges list all authorized sellers and resellers within the supply chain along with seller IDs. Buyers check both ads.txt and sellers.json files to make sure the IDs match. If they do, then they know that those entities are authorized to sell the inventory. The SupplyChain object allows buyers to see all vendors participating in a bid request. Since multiple resellers are often involved in the sale of one impression, these tools help buyers keep track of all of them including the final seller, whereas ads.txt only lists direct authorized vendors of a publisher’s inventory. These initiatives work in tandem with ads.txt, which is why it’s important for publishers to keep their ads.txt files up-to-date and accurate.

3. Do you have third-party oversight?

Using ad fraud detection software is an important step for publishers to detect and measure invalid traffic on their sites. But since different vendors use different methodologies, relying only on one solution can allow some fraudulent activity to slip through the cracks.

While technology is vital to employ in the fight against ad fraud, human oversight is just as essential. An independent, third-party website audit identifies areas of risk that technology alone might not detect. An audit takes a deep dive into all aspects of website monetization including the processes, procedures and controls that the publisher has in place to reduce the risk of fraud. If an anomaly or suspicious traffic source is identified, the auditor brings these concerns to the publisher’s attention with suggestions for improvement. Third-party audits provide an extra layer of protection against fraud and help publishers stand out to advertisers by demonstrating that they provide transparency and maintain a high-quality advertising platform.

4. Are you taking a holistic approach?

While there are many tools available to minimize ad fraud, one solution alone cannot solve the entire problem. It’s important for publishers to take a multi-layered approach to widen their net. Make sure the vendors you partner with are accredited and adopt industry initiatives like those mentioned above.

Most importantly, establish good business practices for sourcing traffic and traffic monitoring. Communicating these best practices to your staff will help them understand their responsibility to combat fraud. Lastly, partner with a reputable auditor to add an extra layer of protection and demonstrate your commitment to transparency. By incorporating a variety of tools into your fraud arsenal, you’ll have a greater chance of preventing fraud while developing a reputation for being a safe place for advertisers.

Want to learn more about how fraud occurs on legitimate websites? Download our white paper Three Truths That Help Confront the Digital Ad Fraud Crisis.

Liked this article?

Subscribe to the InContext newsletter to get insights like this delivered to your inbox every week.