Double Verification Optimal for Ad Fraud Detection: Q&A with Coull & Forensiq
by Lindsay Rowntree on 2nd Jun 2016 in News
Ad fraud is huge. The ANA estimates that ad fraud is a USD$7.2bn (£4.9bn) problem for the ad industry. ExchangeWire spoke with Ben Sonnex, product manager, Coull and Julia Smith, director of communications, Forensiq (both pictured), about the growth of ad fraud, how it needs to be tackled as an industry, and the steps that the video ad tech platform have put in place to reduce the impact of fraud for their business.
Ad fraud can mean all things to all people. According to Julia Smith, Forensiq, in-app fraud is gaining scale, as more brands are looking more seriously into mobile, with not many ad-fraud specialists looking into tackling the issue. Forensiq themselves have done much due diligence into mobile app fraud, but it is still a largely undetectable source of fraud.
“A scarier prospect of fraud is with data”, says Smith, “with bots looking at how they can use data to gather relevant information and sell that on. Audience data has such a high premium against it, so it was only a matter of time before bots started going after that.” Smith says that, as an advertiser, you think you are protecting yourself through buying audiences, as opposed to CPM models, but that’s not the case anymore: “We are tackling that, but buyers beware, when they think they’re buying an audience, bots can make themselves look like a computer, user, human eyeball, but also a 28-year-old woman interested in buying toiletries on a Wednesday and a Friday.”
Smith also heeded against ghost sites – sites masquerading as official domains – and boiler room sites – legitimate-looking sites that exist one day and have disappeared the next – as ones for buyers to be on the lookout for: “I believe people should go back to buying against context again. Luckily, premium sites won’t have bot traffic, as it goes hand-in-hand with ghost sites, or boiler room sites. Make sure you know from whom you’re buying – especially when trading in an open-auction situation. If you haven’t detected masked URLs, and are buying based on users, you are at risk.”
When referring to video fraud specifically, Smith cited a recent Videology report, which showed they had blocked more than 28 billion bot requests: “Criminals are looking for new ways to protect their revenue. CPMs are much higher, so if you are delivering ads to bot inventory, and it’s fraudulent, you will pay much higher CPMs to do so.”
So, ad fraud can manifest itself in many different forms and across many different channels. How does fraud detection take place? Ben Sonnex, Coull, said that Forensiq work with them on three different levels. Firstly, for desktop, Forensiq analyse all VPAID ad requests that lead to impressions. Coull themselves only serve VPAID on desktop, as it gives them more detection capabilities and confidence.
Both Smith and Sonnex were keen to point out that Forensiq only run analysis on the data from ad requests and provide feedback on it – Forensiq doesn’t tell Coull what they should do with it, but instead give transparency to allow Coull to face the challenges themselves. The second and third levels are a mixture of VPAID and VAST on mobile, where Forensiq run reputation analysis on all ad requests and impressions on IPs, URLs, and bundle IDs of apps that Coull serve impressions to.
When asked how big a problem ad fraud was for Coull, Sonnex replied that the issues they face are the same issues faced by the wider industry: “For a company like ours it’s difficult, as we only have access to our own traffic. Our data footprint is not as wide as a vendor like Forensiq, which can connect to multiple partners. It requires large amount of dedicated resource.”
As well as partnering with Forensiq, Coull have their own in-house compliance team, responsible for working closely with Forensiq to interpret the data provided and parse it back into the Coull stack to weed out the ‘bad actors’. They feed those bad IPs into their stack and their block list. They have a semi-automated process where their clients infuse data from those domains and understand the sources of bad traffic. “If suppliers don’t show interest in cleaning up that traffic, we won’t work with them.”
Forensiq provide Coull valuable third-party trust and help them to keep up with ad-fraud trends, contributing to a level of trust in the wider ecosystem. “If you’re a publisher with nothing to hide”, said Smith, “using Forensiq should be a good thing, as it proves you’re an ethical trader”.
“Forensiq offer us the technological back-up we need to detect fraud and viewability for paid traffic. It’s up to us to define how we use that data and technological protection, as well as how we use that data and vet our policy in-house.”, confirmed Sonnex.
The benefit of the additional protective layer of the internal compliance team is a form of double verification, to detect the forms of ad fraud that still aren’t picked up through technological means. Sonnex qualified, “In a number of cases, Forensiq data is enough for us to immediately have confidence to block IPs, domains, and sever certain supply connections. That provides us a very wide-spanning dragnet that looks for types of ad fraud that are detectable using tech. But, when it comes to types of ad fraud that are still difficult to detect, such as mobile, our compliance team follow a rigorous process, manually auditing our top grossing domains and apps, to look for things such as ghost sites, which pass through lots of automated detection techniques, but to the trained eye, are easy to spot.”
Sonnex also highlighted the difficulties in investigating VAST requests using technology, through which most mobile traffic comes, meaning that such investigation must also be handled by Coull’s compliance team, to make sure video ads are viewable.
When asked where the responsibility of tackling ad fraud within the industry should sit, she referred to the fact that PIPCU (Police Intellectual Property Crime Unit) have no money to fund the prevention of digital ad fraud, but that they would set up such a division, if the industry were to fund it. “In my opinion the players that can affect fraud and the players trading open auction inventory must fund it”, said Smith. She qualified that certification is only one step: “Criminals stop when they get no money, so stop them at the source.” Smith went on to say that bad actors are stopping buyers spending money on humans, but that the buyers should ensure they are preventing this: “If you advertise on a pirate site, its only source of revenue is advertising, so [buyers] are funding it. If you stop advertising, they have no source of revenue, as they are trading on downloads.”
Sonnex also believed that players, such as Coull, in the ad-delivery industry have a strong position of responsibility and they must make the most of it: “There are issues in terms of lack of education with the public using their computers. However, people who work in this industry know how complicated it is and, at the end of the day, we are the companies that benefit and suffer at the hands of the fraudsters. We need to do as much as we can. We can’t wait around for legislation to catch up and for the world to change around us.”
Sonnex believes that Coull are doing all they can in the current circumstances and have a good balance of working with Forensiq as a trusted industry partner, coupled with their own internal compliance team: “We’ve found it a powerful way of detecting all types of fraud going on and blocking them. But there needs to be a change in legislation and in law enforcement.”
Follow ExchangeWire