Connected TV may be the media industry’s shiniest new toy, but it’s not squeaky clean. And CTV is certainly not immune to ad fraud.
Because there is such limited streaming TV inventory and the supply is harder to break into than mobile and desktop media – fraudsters can slip malicious mobile apps onto phones more easily than they can get CTV apps into Roku accounts – media buyers assume CTV is a relatively fraud-free environment.
But that assumption just isn’t true, said Oleg Korenfeld, chief technology officer of the agency CMI Media Group, at IAB Tech Lab’s Transcend summit this week. The sky-high CPMs in streaming media are also an attractive target for fraudsters.
Not only is CTV ad fraud a risk – it’s exploding. Ad fraud schemes spiked 70% year-over-year from 2020 to 2021, according to DoubleVerify, and cost advertisers an estimated $140 million – and an “unprecedented amount” of those schemes were caught in streaming video.
Part of the problem with CTV ad fraud is that publishers don’t have sufficient technological guardrails in place to detect and weed out illegitimate traffic (i.e., bots), similar to how publishers need better tools to fight ad fraud. On the other side of the supply chain, advertisers aren’t getting the transparency into impressions they’re actually buying.
Advertisers are left to outsource the task to third-party ad fraud and verification tech partners to reduce the risk of finding themselves buying fraudulent supply and thus paying criminals. But even then there’s no guarantee. All too often, buyers don’t even know they’ve lost ad dollars to a fraud scheme until it’s too late – if they ever find out at all, Korenfeld said.
Luckily, the industry could learn a thing or two from the last wide-scale user device transition: the desktop-to-mobile migration.
“The ‘year of mobile’ was [actually] about a decade,” Korenfeld said. Now, it seems every year will be heralded as the year of CTV for the foreseeable future.
When it comes to fraud, he said, “we can take what we learned from the transition from desktop to mobile and apply that to the [shift from] mobile to CTV.”
New channel, same ol’ problem.
But detecting CTV ad fraud requires a more sophisticated approach than mobile and desktop, since fraudsters step up their game to infiltrate CTV and there are no cookies or Ads.txt specs to identify bad actors.
“We should look at the problems of the past, but not adopt exactly the [same] solutions we used for desktop and mobile,” said Kristine Lopez, senior product manager at cybersecurity company HUMAN, referring to the IAB Tech Lab spec Ads.txt launched in 2017 to help detect ad fraud. “App-ads.txt helped solve some of the low-hanging fruit in mobile app fraud, but [now] that it’s been shoehorned into CTV, it misses some of the more complex monetization relationships inherent to CTV.”
For one, there are technical differences between mobile and CTV ad serving. CTV relies more heavily on server-side ad insertion (SSAI) technology to stitch video ads into content. Also, TV screens are inherently less interactive than other devices, and the lack of engagement signals severely limits viewability, including whether or not a detected “viewer” is a real person or a bot.
With fewer data signals and little transparency into the media, advertisers struggle to disentangle fraud from legit CTV impressions.
“The light isn’t very bright” right now because of signal loss, Lopez said. “But if we can make that light brighter [somehow], we can really shine a spotlight on where fraud is coming from and help stop it faster.”
Publishers are the vanguard
The industry’s best shot at fighting fraud is to increase transparency as much as possible across the bid stream.
A wider adoption of Sellers.json “can make open programmatic a safer environment,” said Rocky Moss, CEO and co-founder of the automation tech company DeepSee, referring to the IAB Tech Lab spec released in 2019.
Sellers.json is intended to help detect fraud, similar to Ads.txt, but works on behalf of the buy side by delineating the programmatic and direct supply-side partners in a campaign.
“Ad spoofing is not gone. Make sure you have Sellers.json in every bid request,” Moss advised publishers. “A lot of players are using private marketplaces (PMPs) as a band-aid, but it’s not enough.”
And when it comes to CTV, “SSAI partners need to be taking an active role in this situation,” Moss said. While fraud involves the entire supply chain, publishers are the last line of defense before an ad is served, and they have an obligation to sell legitimate impressions.
Otherwise, traffic validation often comes in the form of user prompts, like when Netflix or another streaming service asks you periodically whether you’re still watching.
It may be annoying and even embarrassing, but it is up to publishers to validate traffic. “I think we can be doing more,” Moss said.
Besides, there are attractive carrots to incentivize publishers to get started on the hard, annoying work of fraud protection, Lopez said. “Buyers with suitcases filled with money are demanding it.”