Advertising Guest Columns
7 mins read

The importance of fraud verification: What publishers need to know

In 2017, Uber filed a lawsuit against Fetch Media for allegedly buying fake clicks and taking credit for app installs it didn’t deserve. Fast forward to 2019 and Uber moved up a gear by going after the ad networks used by Fetch to place Uber’s media budget over the same time frame. It was, and still is, a landmark case, and one of the very first examples of a high-profile brand suing its media and ad tech partners over ad fraud.

Uber is not alone. Far from it. Juniper Research forecasts that digital ad spend will hit $520 billion by 2023, but last year alone the fraudulent component of that spend totaled $42 billion. However, managing fraud verification and detection products isn’t easy. Most companies in the media industry simply don’t have the resources to deal with it. But there are steps companies can take – whatever their size – that can minimize their risks.

Below is an overview of how fraud verification companies work and what the real role of accreditation organizations is. My aim is to highlight the current state of the online ad industry, why publishers suffer the most, and what tools and approaches are available to minimize the risks to publishers.

Publishers and Advertisers – An Unbalanced Union

There is a fundamental problem here – the media industry has created a system where publishers provide the inventory but, despite this, have only limited influence. Publishers are also partly culpable – they are not proactive partners against fraudulent activity led by demand-side players. Worse, the communication between them both is limited.

Lack of knowledge or delayed feedback leaves publishers in a vulnerable position. There are no official guidelines, which lead advertisers to choose a strategy of “Race To The Bottom“* on the cost of audience traffic. [*After fraudulent activity is detected, an advertiser will typically demand that a publisher lowers the cost of its traffic rather than cooperating to clean and resolve traffic sources. Google benefits the most from this situation as they are considered to be ‘reliable’ and ‘qualified’ partners.]

Zero Sum Game

The fight against fraudulent activity puts a lot of pressure on publishers. Demand-side players often try to avoid the proactive blocking of fraudulent traffic sources before any official feedback is given. Once results are in (usually months after an event), only then will publishers be able to block the traffic.

Moreover, publishers will not receive any new solutions, tools or advice from the demand side. Instead, publishers will take action against specific sources, based on specific feedback instead of implementing a general solution. This approach creates anomalies in the results. For example, a block of IP addresses will cause a drop of specific traffic which does not necessarily eliminate the fraud source.

When publishers use verification products, they should verify that the product in question is data science-based (a process in which the verification company collects data and updates internal policies and algorithms accordingly). It means that traffic sources can be highlighted as negative sources on an ongoing basis.

Publishers who work with flexible products that are changed frequently have a much better chance of reducing ad fraud whilst also lowering the risks of false blocking.

Don’t forget that professional fraudsters adapt their capabilities faster than most verification companies develop their detection systems. This won’t change anytime soon, and publishers who want to be on the front foot need to recognize this.

Lack of Regulation

As of 2020, there are no official rules or guidelines for digital ads and their users. Or put it this way, any guidelines that do exist don’t offer any protection. It’s somewhat baffling that there are many rules and laws covering users’ privacy, but nothing about handling fraudulent activity. This structural void is taken advantage of by industry tech giants – after all, as there is no effective regulator, whoever has more resources sets the tone.

Today, many leading brands put great emphasis on protecting their reputation (as they should) but they are often too aggressive, heaping even more stress on publishers. The fear of rebuying the same traffic after a fraud issue paralyzes buyers. Their actions are based on fear and the resulting wrong assumptions often lead to irrational decisions.

The Role of Verification Companies

A publisher’s main focus should be about ‘necessity’. What is the reason for verification companies to collaborate with publishers? After all, these companies prioritize the average advertiser higher than a publisher. Verification companies do not provide publishers with scientific tools and solutions that can help them fight fraudulent activities. The only task they do is to uncover the problem.

Publishers have lower chances of successfully negotiating chargebacks with demand players. It’s even more difficult when the results from the verification companies are full of false positives and anomalies.

In order to understand how lopsided the industry has become, I collected several examples:

  • A Rigid Approach: I received a request from a potential client who had a premium portfolio of publishers. He suffered from growing false positive rates on his traffic. The demand players who, back then, worked with aggressive verification policies, labeled and blocked the traffic sources without understanding them. The product itself lacked a flexibility level which advanced customization products provide. We discovered that the product’s logic favored the protection of the advertiser’s side. We assembled a new set of rules that protected the publisher’s traffic sources prior to getting blocked on the demand side.
  • Complex Relations: Following a successful implementation of our product and pilot test with a video company, I had a meeting with a CEO who informed me that even though our results were great, they would not be able to use our product unless our results correlated with 90% of the client’s own results. The CEO admitted that they didn’t really care about fighting fraud activities. They just wanted to avoid exposing their clients to major risks. Many companies don’t have any real intention to fight fraudulent activity.
  • Go Cheap, Lose Money: Companies often use products and services that promise to clean and eliminate all risks but in reality, the products are full of technical errors and false positives. For example, you might be able to review flagged traffic, but you will never understand which part of the traffic triggered the system – client reports might present fraud categories vaguely. Verification companies that don’t share full reports with clients are simply a wasted exercise. They might open new opportunities thanks to having their hallmarked rubber stamp on your website, but in reality, you will be left without adequate protection.
  • The Sampling Phenomenon: Verification companies have realized that publishers, advertisers and trading platforms like to be associated with the reputation of their security products. The verification companies will offer a sample package that will scan only 2%-10% of your traffic and base their strategy around this.
  • Brand Safety: Many verification companies don’t offer sufficient flexibility in their products. A good example is when publishers contact their vendors due to unusual high fraud rates on their traffic, triggered by certain keywords (such as CORONA) in their content which causes automatic blocks and a decrease in revenue.

Accreditation Companies Are Not The Solution, They Are The Problem.

The problem with accreditation companies like MRC (Media Rating Council) or TAG (Trustworthy Accountability Group) is that the application process is expensive, overly long and lacks transparency. In addition, once you are a member, you can choose who will become a member. See the problem? TAG promotes three levels of membership. Why not one standard for all?

MRC’s evaluation process costs over $100,000 and hundreds of man-hours across departments and teams. Ernst & Young monitor the process. Having worked with accredited products and companies, I witnessed at first hand how we created policies that often didn’t help and processes that few people truly believed in. The goal was the status and not the process.

Private accreditation companies often don’t know the latest fraud strategies, nor the latest technologies and techniques to fight them. They care more about the work process that led to the detection, not how you detected the problem.

What can publishers do? Here are some key tips:

  1. Set a working method with your advertisers – expectations, whitelists and blacklists, Inventory and quality and deadline to receive feedback.
  2. Ask your advertisers and partners what feedback they can give in advance and when you can expect to receive this feedback.
  3. You know your traffic better than anyone else. Don’t promise something you can’t provide. It’s that simple and can save you problems in the future.
  4. Partner with companies that provide full reports in real-time.
  5. Choose verification products that update regularly and collaborate with you to protect your business. How do you know? Ask companies that already work with different products and get reports. If you don’t have anyone you can trust, contact me or sign up for my next webinar on an introduction to verification products.
  6. Review the T&Cs of each company and make sure you don’t have unbalanced terms.
  7. Set a ‘Crisis Process’ with your partners to make sure that you don’t lose the relationship.
  8. Check that your fraud verification product is flexible and can adapt to the industry on a weekly basis. Ask for proof.
  9. Ask yourself if you really need external products? You can create internal logic that will work just fine!
  10. Never buy cheap products (see point no. 3)
  11. If you do want to test/screen a sample of your traffic, make sure to sample relevant traffic rather than just waste all the tests on the first traffic you receive.
  12. Consider accreditation products as part of your business development goals. A membership to their clubs will not necessarily save you from fraudulent activities, but it will admittedly open doors.

Yehonatan Reut
Fraud Detection & Digital Marketing Consultant

About: Yehonatan Reut has a decade’s experience in tackling ad fraud. In 2011, he led the anti-fraud efforts of Matomy Media Group. In 2015 he joined Protected Media, building their customer support team, creating their integration processes, and opening their office in New York. During this time, he worked on nearly all of the various authentication products available. He has worked with Taboola, RevContent, Facebook, SpringSer, Smaato and others, and is now one of the leading ad fraud specialists worldwide. You can register for his next webinar on ‘Fraud Authentication Products – Overview’ or schedule an initial free 45-minute consultation using this link.