Proof: Framing The Viewable Impression

IAB“Data Driven Thinking” is written by members of the media community and containing fresh ideas on the digital revolution in media.

Today’s column is written by Steve Sullivan, VP, Digital Supply Chain Solutions, IAB.

In the 1991 Australian film Proof, Hugo Weaving plays a blind photographer named Martin, who must rely on his other senses to determine how the world around him appears. In the film, he hires a trusted third party, Andy (played by Russell Crowe), to describe for him the contents of his own photographs so he can have “proof” that what he experienced was actually there.

Marketers seeking to allocate more of their budget to digital advertising are a lot like Martin. They have limited senses that can verify the value of the goods for which they pay. This is less of a problem when the goods are premium and the partnerships are stable and highly trusted. However, the increased use of networks and exchanges has intensified advertisers’ need for their own proofs.

They need Russell Crowe’s Andy.

In order to provide the industry with its own “Andy,” the IAB is assembling an influential working group consisting of member companies with an interest in the ability to safely enable communication between an ad and the page. The goal of this group is to develop and present a set of standard protocols that any agency ad server could implement to address the proofs of viewability advertisers desire, in a manner that protects the contents of the page.

To know the viewable state of an ad, special functionality (served into the browser with the ad) examines the page and determines when the ad becomes viewable to a consumer. This is possible only when that functionality has programmatic access to the contents of the page on which it is rendered (referred to as the Document Object Model or DOM). However, many ads, especially those from blind networks and exchanges, are served into a sealed container called a cross-domain iFrame (in-line Frame). Under these circumstances, the special “viewable” functionality is not able to accurately report to the advertiser if their ad was viewable by a consumer.

It is as if Andy can see the content of some photos, but not others.

The simplest solution to this problem is to remove the barrier represented by the iFrame. This is actually a risky proposition, because, in addition to being a handy container for ads, the iFrame is also responsible for securing a trust boundary. A trust boundary is like the walls of your house. Some people, family members and very close friends or partners, have unrestricted access to your house because they are trusted. However, no matter how much you love pizza, you are never going to give the delivery guy a key to your front door.

Similar to your home, the iFrame can be opened to allow trusted parties access to what is on the other side without opening it indiscriminately to just anyone. A better solution is for the industry to develop a standardized safe iFrame. Safe iFrames use an Application Programming Interface (API) to enable secure communication across the trust boundary of a cross-domain iFrame. What makes this communication secure is the simple fact that it is limited. The API exposes a specific set of properties or functions the ad can use to determine its viewable state without providing unfettered access to the page content.

In order to achieve broad industry adoption, the safe iFrame API must be implemented by trusted third parties who have already a relationship with the site on which ads are served. This would be any outfit playing the role of agency ad server (sometimes referred to as Third Party Ad Server). Despite the name, these organizations act as neutral agents when it comes to the implementation of the safe iFrame API. Their role is to maintain a secure pathway (the API) through which the ad can gather only the information needed by the advertiser to determine viewability.

Broad industry adoption of safe iFrames is an important step for the interactive media landscape and one we plan on exploring even further at the upcoming IAB Ad Operations Summit on November 7 in New York City.

Safe iFrames are the online advertising industry’s Russell Crowe. With a trusted partner, like Russell’s Andy, safely describing the state of the world around their ads, advertisers will have the chance to see new metrics, obtain new insights and more accurately measure an ad campaign’s success. Without safe iFrames, advertisers will be left blind, most often guessing whether their ad was actually viewed by the consumer.

Follow Steve Sullivan (@stevesullivan32), IAB (@iab) and (@adexchanger) on Twitter.

Enjoying this content?

Sign up to be an AdExchanger Member today and get unlimited access to articles like this, plus proprietary data and research, conference discounts, on-demand access to event content, and more!

Join Today!


  1. Steve,

    I love the analogies here, entertaining read. But I have to take issue with your blithe assertion that 3rd party ad servers can or will act as neutral agents. Google will act on Google’s behalf, as will AOL, MSFT et al. I also disagree strongly that “Safe iFrames” are anything near the panacea you claim; when API limits access to DOM/page content/referring URL, the same bad actors, mistakes, and content gotchas that have plagued display for years just get a new lease on life. Validation of the impression is what matters, far beyond simple viewability. Validation takes into account fraud, geo, brand safety, UGC et al, eventually resulting in a “validated GRP” (or vGRP) metric that can be used across media. And it should go without saying, the only true disinterested 3rd parties who can provide validation are those who do not have a stake in the buying and selling of media.


    • Steve Sullivan

      Kirby, thanks for reading and commenting. We may not be as far apart on this as it seems.
      Blithe, maybe, but it is important to note that I was not referring to just the big “3rd party” or agency ad servers. The landscape is constantly changing to accommodate the migration of the consumer across all kinds of devices and media. A solution of this sort would be used heavily by rich media vendors of all size as well as large ad servers.
      I agree that companies will do what is in their best interest, but when they adopt a standard developed by an industry trade association with members from across the advertising ecosystem, they are making a statement that growth of the whole industry is in their best interest.
      Lastly I would point out that the safe iFrame is a mechanism that will use an industry agreed upon protocol. The protocol, done properly, would allow for all communications required to safely perform tests of viewability as well as verification and certainly fraud detection. These of course are in addition to the functionality that would allow standard rich media activity such as expansion, contraction etc.
      None of what I the safe iFrame will enable has anything to do with who makes use of that functionality.

  2. I’m glad to see more industry attention being paid here. This problem is exactly why ad engagement is such a valuable metric for marketers. At mediaFORGE, we have engagement built into our dynamic ad platform which gives marketers confidence that their ad was viewed by the consumer. Once there’s an industry shift away from view-based models and moves toward engagement-based, we’ll be much better off.

  3. Cross domain iframes make visibility measurement more difficult, but not impossible.
    Alenty has invested years or R&D to find other ways to measure the actual visibility from iFrames.
    I don’t think that an API would be a real solution for the market, because ad-buyers would depend on publishers’ efforts to comply with these APIs, and there is no reason why they would make these efforts. Remember that they use iframes to protect themselves.
    IFrames are usefull to protect the publisher’s identity in blind networks, and to protect the content from banner scripts that could either mess up the layout or worse. So, publishers will continue to use them.
    But iFrames don’t prevent buyers to know that their ads have been seen.

    • Steve Sullivan

      Thanks for the comment. I would like to point out that the value of a rich media placement to a publisher is very high compared to that of a standard banner. Their motivation to embrace safe iFrames would be the opportunity for higher CPMs on what is now remnant inventory.