Home Online Advertising Will Ads.cert Be The IAB’s Next Big Inventory Clean-Up Play?

Will Ads.cert Be The IAB’s Next Big Inventory Clean-Up Play?


Both the adoption of Ads.txt and commercialization of blockchain solutions have the IAB optimistic about the prospects for Ads.cert, a follow-up to Ads.txt that uses cryptographic security measures to authenticate inventory.

While Ads.txt helps authorize inventory sources, it doesn’t solve the authentication problem, said Neal Richter, CTO of Rakuten Marketing and co-chair of the IAB’s openRTB working group.

There’s a subtle but important difference between authorization and authentication. Authorization grants permission to enter a designated area, but if an entity isn’t properly authenticated, it might gain entrance when it shouldn’t.

Ads.txt is a good tool to authorize inventory and avoid domain spoofing, but its loopholes have already been exploited by ad tech and media companies.

Some tech vendors have pressed publishers to add them to Ads.txt files to continue reselling inventory. And ad fraud researcher Augustine Fou said he’s seen networks of scam publishers add their own Ads.txt files or duplicate the Ads.txt page of reputable players to continue selling garbage inventory on lax DSPs.

“Just because there’s an Ads.txt file doesn’t mean it’s valid as intended or that it’s actually enforced,” Fou said.

Ads.cert would address this problem by creating a “signature process” that would certify whether a unit of inventory came from a verified publisher, Richter said.

The openRTB stream can’t currently guarantee the validity of inventory as its passed from server to server because, according to Richter, there’s “no way to sign inventory so that it can’t be changed.”

With Ads.cert, publishers could include an encrypted signature on inventory that would match to a public key used by buyers to confirm the inventory source.

“The roots are similar to blockchain,” Richter said, but instead of using a distributed ledger – which guarantees security on a blockchain – the IAB’s solution poaches only the idea of public and private encrypted keys to transmit bids along the supply chain.

“I’m skeptical of some of the claimed usages of blockchain in real-time advertising,” Richter said. “But the question is, would it be useful in other ways to validate content?”


AdExchanger Daily

Get our editors’ roundup delivered to your inbox every weekday.

Richter compared Ads.cert to the successful effort to stamp out email fraud in 2004 when signature confirmations were instituted between email servers. Before that protocol change, known as domain keys identified mail, fraudsters could disguise the source of emails.

“If you operate a spam server and now have to sign the headers, bad guys won’t do that because it tracks back to them,” Fou said.

There’s still a good deal of time and effort before Ads.cert is a viable product, however. Later this month, Ads.cert will enter its second phase of public comment and review, and next year the group hopefully will begin coding and validating the technology, Richter said.

“Many of us in ad tech have spent years building systems to look for bad activity, and it’s a game of whack-a-mole where you solve a problem and create a problem,” he said. “After a few cycles of that, you have to try and engineer a better solution.”

Must Read

Scott’s Miracle-Gro Is Seeing Green With Retail Media

It’s lawn season – and you know what that means. Scott’s Miracle-Gro commercials, of course. Except this time, spots for Scott’s will be brought to you by The Home Depot’s retail media network.

Walled Garden Platforms Are Drowning Marketers In Self-Attributed Sales

Sales are way up; ROAS is through the roof across search, social and ecommerce. At least, that’s what the ad platforms say.

Comic: Working Hard or Hardly Working?

Shadier Than Forbes? Premium Publishers Are Partnering With Content Farms To Make A Quick Programmatic Buck

The practice involves monetizing resold subdomains jammed with recycled MFA articles produced by notorious content farms.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters

Adalytics Claims Colossus SSP Is Misdeclaring IDs In Its Bid Requests

Colossus SSP, a DEI-focused supply-side platform owned by Direct Digital Holdings (DDH), is the subject of Adalytics’ latest report released Friday. It’s a doozy.

The Trade Desk Reframes Its Open Internet Vision As ‘The Premium Internet’

The Trade Desk is focusing beyond the overall “open internet” and on what CEO Jeff Green calls the “premium internet.”

Comic: Welcome Aboard

Google Search’s Core Updates Are Crushing Sites And Reshaping The Web

Google Search, the web’s largest traffic and revenue generator for two decades, is in the midst of sweeping overhauls that have already altered how users are funneled around the internet.