Ad fraud remains one of the most intractable challenges for digital publishers and advertisers, with one forecast suggesting that the cost of advertising fraud worldwide will increase from $19 billion in 2018 to $44 billion in 2022. Ad fraud affects both the web and apps ecosystems. Figures from 2018 suggest that about 28% of website traffic likely comes from bots and other “non-human signals”, and it has been estimated that 21.3% of iOS and 26.9% of Android app installs are fraudulent. Working out how to prevent ad fraud is therefore a top priority for the digital advertising ecosystem.
Types of ad fraud
There are a variety of types of ad fraud including:
- Click fraud: when a pay-per-click online advert is deliberately clicked on by a bot to inflate a company’s advertising bill.
- Domain spoofing: where a fraudster impersonates a company’s domain to sell low quality inventory as high quality. Rather than going to a premium site, a brand’s advertisement is posted on a low-quality website set up by the fraudster.
- Pixel stuffing: where fraudsters embed a normal-looking ad with a fraudulent pixel “stuffed” with multiple ads, meaning that users view multiple ads when the page loads.
- Ad stacking: similar to pixel stuffing, but with multiple ads stacked one on top of the other.
- Cookie stuffing: where a website drops third party cookies onto a visitor’s web browser, causing merchants with affiliate programmes to misattribute traffic to the fraudster.
The role of programmatic
Programmatic advertising has been a boon for fraudsters. Increasingly used to bring greater targeting, speed, and scale to advertising by automating the selling and buying of ad inventory, programmatic has also enabled ad fraud to be automated and committed on an industrial scale. With so many ads being served to so many websites and apps, it has become relatively simple for fraudsters to spoof legitimate publishers to steal advertising dollars.
For instance, mobile apps can be set up to mimic the behaviour of real app users, sending “clicks” to publishers without the user being aware (they need only to have downloaded the app). From the publisher’s point of view these impressions and clicks were real, when in fact they are only running in the background of the app.
The automation of advertising provides a convenient cloak behind which fraudsters can hide. Even now, it is relatively simple to defraud brands through programmatic advertising. Last year a journalist from CNBC set up a fake domain and filled it with plagiarised articles from her own work to test how easy ad fraud is to commit. She was accepted by several ad exchanges and given code to enable ads on her site. Soon after, she could see advertisements from major brands appear on her site.
The impact of ad fraud on brands is clear: they are not getting the advertising reach they think they are getting (i.e., they are often service bots rather than people) and are losing significant amounts of money as a result. For legitimate publishers, ad fraud erodes trust in the programmatic model, which ultimately could reduce profits as advertisers look to more secure methods to reach consumers.
How to stop ad fraud
Understandably, marketers are investing in tools to detect and combat ad fraud including verification filters, publisher blacklists, Domain Name System monitoring and others. However, often these tools fail to stop ad fraud occuring, as is evidenced bythe fact that fraud losses continue to shoot upwards. So, is it possible to prevent ad fraud, or is it something the industry will just have to live with?
While no one solution will end all types of fraud, it’s clear that one big element will be to stop the click fraud and the use of bots to mimic people. The answer to this challenge may lie in a new type of approach to programmatic advertising that blends first party data and customer intelligence from telco operators to create and activate audiences efficiently and at scale.
In this approach, publishers send pseudonymised identifiers (such as Novatiq’s Zenith ID) that represent visitors to their sites to telco operators to verify. The telcos check their network information to verify that the publisher ID corresponds to a known subscriber – in effect enabling a visitor to a website or an app to be confirmed as a living and breathing human being. Brands/advertisers can then use a second, dynamic transaction ID (such as Novatiq’s Hyper ID), verified as a human in exactly the same way, to audience match their targets with first party data from telcos and publishers.
Through the approach the various links of the programmatic chain, including agencies, brands, DSPs and SSPs can be confident that the audiences they are reaching are attributable (i.e., they are real people) and privacy safe. The use of telco-verified IDs in this way enables marketers to protect against ad fraud by leveraging data intelligence that is 100% verified at source and only reaches real audiences.
The days of the bot could well be numbered and that is very good news indeed in the ongoing battle against ad fraud.