The recent “Methbot” scheme spoofed more than 6,000 premium publisher domains and generated as much as $5 million in fraudulent revenue each day. If that sounds like a big number, consider that Methbot is just one fraud operation that gained mainstream attention, there are many other similar ones that are still going undetected.
Domain spoofing is an advertising malpractice where a fraud seller pretends to represents premium publishers like, let’s say, CNN or BBC — so the advertiser thinks their ads are going to be displayed on reputablewebsite.com, but in reality, they’re buying inventory from a completely unrelated disreputablewebsite.com. Obviously, this is bad news for both publishers, who lose their brand value and credibility, and advertisers, who end up sinking their advertising dollars.
What is ads.txt?
A standard proposed by IAB and being supported by leading ad networks and exchanges, ads.txt is a text file that resides on the publisher’s ad server.
How does it work?
The ads.txt file contains a list of all the companies authorised to sell a publisher’s inventory. Programmatic platforms keep another copy of ads.txt that lists the publishers that they are authorised to represent in ad sales. This way, buyers have a standardised way of authenticating the inventory that they are bidding on.
How can buyers verify inventory?
There are a few ways to do this. If the both publisher and exchange have adopt ads.txt, buyers can check the ad tags to make sure that they have a legitimate connection. Buyers can also go to the publisher’s website, pull the ads.txt file and manually check if the exchange that they are working with is listed.
IAB has also launched a crawler that can quickly query publisher websites for the ads.txt file, this is great if for buyers who need to quickly verify multiple publishers.
What will ads.txt accomplish?
If the standards gains widespread adoption, the revenue leakage caused by domain spoofing could be curbed to a great extent. This is because no matter how advanced domain spoofing hacks become, the only way to still get the fraudulent operation to work after ads.txt implementation would need the fraudsters to hack into the publisher’s server and manually alter the text file — which is a whole another operation. This extra layer of protection has so far been missing in programmatic ad delivery.
Arbitrage, however, may not be going away anytime soon. The exchange-provided ads.txt file often lists ad networks and platforms other than itself. These will be resellers who bump up their supply by sourcing it from other networks/exchanges. It’s up to publishers to include or remove them, but exchange may insist on it, saying it could cost you fill rate and revenue otherwise.
According to AdOps Insider’s Ben Kneen, the practice is largely frowned upon and prohibited on exchanges like Appnexus, since it’s against APN policy to allow networks to source supply from other networks.
What are the challenges?
The implementation of ads.txt is simple — it doesn’t need any special technical skills, and after the initial setup, the only maintenance work required is periodically updating the list with addition or removal of authorised ad networks and exchanges.
The challenge that ads.txt faces at the moment is market adoption. Since peer-verification is the principle that ads.txt works on, both the buy and the sell side need to adopt it en masse for it to truly be useful.
According to a report on AdOpsInsider, the current adoption of ads.txt among publishers is 12.8%. While an analysis by MarTech Today reported that of the 500 most-trafficked sites in the U.S., only 34 use ads.txt.
While those may not be big numbers, the push for ads.txt is still underway and adoption may pick up as more publishers, networks, and exchanges become aware of the solution and join the bandwagon.