Making sense of CTV ad fraud | Sponsored Content

This article was contributed and sponsored by Verizon Media.


The growth of connected TV (CTV) has been a rousing success story; unfortunately, fraudsters have noticed. As advertising budgets shift to CTV, alleviating safety concerns becomes increasingly paramount.

Dr. Michael Moran, senior data scientist at HUMAN SECURITY (formerly White Ops) and Emma Fenlon, senior manager, exchange quality at Verizon Media, have an honest discussion about CTV fraud and why buyers should feel secure going forward.

Is the CTV fraud issue overstated? How prevalent is it today?

Dr. Michael Moran (MM): Any amount of fraud is bad. Generally, fraud schemes try to make the most money with the least effort, and the CTV ecosystem is a lucrative target because of the lower amount of available signals and the higher potential payoff.

Emma Fenlon (EF): Fraud follows ad spend, and CTV is a “shiny new ad object” with less controls in place than other traditional digital advertising formats. CTV growth exploded in 2020, but efforts to keep the ecosystem clean are playing catch up.

What's unique about CTV fraud?

MM: Higher cost per thousand (CPMs) mean bad actors can get more bang for their buck within the CTV ecosystem. And the technical challenges inherent to CTV mean there are fewer things fraudsters have to “get right” to earn as many dollars as they can.

EF: CTV fraud is easier. It’s easy to grow and monetize low-quality apps using fake traffic at higher CPMs. Measurement is difficult, and transparency standards like app-ads.txt are still nascent and not widely adopted. CTV also often has more complex monetization rights and inventory sharing agreements, so you need to be extra diligent in connecting the dots across the supply chain.

Recent CTV fraud schemes like PARETO rely on spoofing. Why is spoofing so common?

MM: Historically, server-side ad insertion (SSAI) spoofing is highly scalable, and benefits from an overall lack of transparency. Increased transparency standards such as app-ads.txt should help. However, we’re seeing CTV fraud schemes evolve and become more complex. It’s not just about the SSAI—bad actors can spoof everything.

Most recently, the behaviors we observed with PARETO showed increasing sophistication: realistic pingbacks to evade detection, dynamically configurable to assume different identities, even writing wrote code specifically to attempt to bypass multiple fraud verification providers.

EF: One way SSAI providers protect against spoofing is to implement secure server-to-server connections with primary video ad servers. By correlating playback and monetization data, it's also possible to ensure ads are only being delivered and recorded for real viewers with valid sessions. Because SSAIs and ad servers use secure connections, anyone trying to spoof a legitimate SSAI wouldn't have the credentials needed to communicate with the ad server and get responses.

How can the industry continue to improve transparency within the CTV ecosystem?

MM: A standard similar to ads.cert, which cryptographically signs requests coming out of ad servers, at the SSAI and/or device level would help. We also cannot stress enough the importance of direct publisher relationships, adopting app-ads.txt and sellers.json, and consistent appID/bundleID declarations to provide stronger links from app to publisher.

EF: Supply-side platforms (SSPs) play a crucial role in reducing CTV fraud. Processes like monitoring data to make sure volume estimates and actual traffic align, enforcing app-ads.txt requirements, and using internal and third-party invalid traffic detection technology make a big difference. The impact on our buyers from any of the recent ad fraud schemes has been nearly non-existent. CTV fraud is a significant problem, but buyers can continue to minimize their risk by buying direct supply, transacting through deal IDs, and not bidding on open exchange inventory from ad networks.