From A to C: What You Need to Know About Ads.cert

Richard Kahn - April 19, 2018

Although the ads.txt initiative seems to be off to a good start, there’s still room for improvement.  

Ads.txt was created to address authorization issues within the digital advertising ecosystem. In theory, before making a purchase, distributors and buyers may reference a publisher’s ads.txt file to make sure they’re buying authorized, legitimate inventory.

But of course, fraudsters are finding ways to work around the ads.txt system. Illegitimate publishers can easily copy ads.txt files from reputable sites and pass them off as their own. Unsuspecting buyers might not verify the information in the ads.txt file for accuracy and go ahead with purchases, only to find out they wasted their money on phony inventory.

Related Post: 5 Ad Fraud Questions All Media Buyers Need to Ask

Even worse, ads.txt files don’t have to specify what types of inventory vendors can sell. Fraudsters can repackage inventory without prior authorization, going as far as falsifying domain names, IP addresses, and media types.

To combat this shady practice, in September 2017, the IAB Tech Lab released a draft of OpenRTB 3.0, the latest update to the OpenRTB protocol which sets the industry standards for real-time automated bidding. Version 3.0 introduces an upgrade to ads.txt named “ads.cert.”

Ads.cert in Action

Acting as a complement to ads.txt, the ads.cert process is designed to authenticate inventory as it moves through the digital supply chain during real-time bidding.

Neal Richter, co-chair of the OpenRTB working group, uses the analogy of buying a Rolex to illustrate the need for both ads.txt and ads.cert: you need to confirm you’re dealing with an authorized reseller, then make sure you’re buying a certified Rolex watch instead of a cheap knock-off.

Related Post: Why You Need to be Testing Your Demand Side Platforms

In theory, publishers and exchanges can mark inventory with digital signatures, recording notable data points like domain, publisher ID, and bid request timestamps. The signatures act as traceable paths and can’t be altered by anyone other than the original “signer.” Buyers can then reference a publicly accessible key to confirm that the inventory they’re buying is indeed coming from a valid, verified source.

Because the ads.cert process is only compatible with the newly drafted OpenRTB 3.0 protocol, not many industry players have adopted the tool. But as more shift from Version 2.5 to 3.0, expect to see ads.cert grow in popularity.

 

Subscribe to the Anura Blog

Richard Kahn

Rich Kahn is the Founder and CEO of eZanga.com, a digital advertising firm and purveyor of the ad fraud traffic management platform Anura. He has more than 23 years of global experience in internet technology, digital advertising, and ad fraud management, and is often revered for his implementation of fraud elimination techniques and client growth. Previously, Rich founded his own internet service provider, First Street Corporation and co-founded Paid for Surf, an advertising software company, before joining the pay per click advertising network AdOrigin as its COO. Rich has held management roles at Verizon Wireless and Bloomberg.