CTV ad fraud: 5 Questions with ad fraud expert Sam Mansour

Television and the way in which we consume it has changed in recent years. Rising in popularity, connected TV (CTV) is what many consumers know as a Smart TV or any television set used to stream video over the internet. CTV advertising opportunities are massive, but the landscape comes with a host of ad fraud risks. Fortunately, ad fraud expert and senior principle product manager of Oracle Moat, Sam Mansour has all the answers. Learn more below.

Stephanie Trovato:  How does CTV ad fraud differ from other forms of ad fraud that are often spotted in the programmatic ad space? Is it more difficult to detect? Does it cost advertisers more?

Sam Mansour: Ad fraud is a loaded term that denotes malicious intent, which is often difficult to attribute. So, I prefer using the term invalid traffic (IVT) unless we can prove the activity was purposely done to defraud an advertiser, publisher, or both. But back to the question, CTV does differ from desktop and mobile app ad fraud for several reasons.

There are multiple CTV device types. Some are embedded in smart TVs and others are stand-alone. The key consideration is whether the power source is tethered or independent.

Measurement within CTV is more challenging than in other digital channels since we still have lack of transparency and standard technologies. Pixel measurement — the method du jour — has less fidelity than embedded SDK (software development kit) or client-side measurement code.

Server-side ad insertion (SSAI), where ads are joined into a single video stream alongside the content, is ubiquitous in CTV. Information about the device must be correctly passed on by the server component, which creates added complexity and unique challenges related to MRC Video Impression Measurement guidance.

Quality CTV supply is limited, resulting in much higher CPMs. This creates a larger opportunity for those that are trying to scam. Why target desktop impressions with your botnet if you can make +30x the revenue if you are able to fake CTV instead?

Stephanie: What are the top three actions CTV advertisers can take to guard against ad fraud?

Sam: Apply the same rules and best practices used to mitigate fraud on other platforms. Here are some basic suggestions:

• Work with trusted and reputable partners that demonstrate responsible media practices.
• Set clear targets and goals for every campaign that include tolerances for invalid traffic, brand suitability, and overall media quality.
• Verify you are meeting your targets with MRC accredited measurement and interrogate your measurement data to optimize accordingly.

Stephanie: When evaluating an ad measurement platform, what capabilities should an advertiser be on the lookout for to help them avoid CTV ad fraud?

Sam: I’m clearly biased toward the Oracle solution, but I think it’s important to look at several factors when considering your CTV measurement provider. These include:

• Is your partner MRC accredited and specifically for what? Oracle is accredited for impression, quartiles, and sophisticated invalid traffic detection in CTV environments.
• Does your partner provide insight into SSAI? We report an SSAI percent metric that gives our clients transparency to accurately assess their CTV impressions. We are also in the process of auditing a trusted SSAI impression metric that will report on the percent of SSAI impressions that come from a trusted (vetted) source.
• Is the vendor production-ready for Ads.cert 2.0 to secure server-to-server communication? As of June 14, 2022, Oracle is live with Ads.cert 2.0 on all Oracle Moat Analytics endpoints.
• What device attestation and detection methods do they use? From on-glass testing in our device lab to being part of the Roku Ad Watermark program, we have many robust methodologies to ensure CTV ads are loading on real devices.
• Is the measurement provider engaged with institutions that set industry standards such as IAB Open Measurement, Media Rating Council (MRC), Trustworthy Accountability Group (TAG), and the Brand Safety Institute? We are one of the founding members of Open Measurement, which has been a huge success story for mobile in-app measurement and promises to do the same for CTV. This is alongside our other industry bonafides.
• How does the vendor approach invalid traffic detection across all platforms? Is it fear or education-based? We have a robust process around ad fraud disclosures that involves outreach to the appropriate authorities, conveying impact to our clients, and educating the industry by sharing indicators of compromise (IOC’s) and other details via industry threat briefings so others can also identify the fraudulent traffic.
• What’s unique about the vendor’s capabilities? Do their incentives align with yours? Third-party measurement companies must measure with integrity and accuracy while protecting user privacy and security. As a neutral party in the media transaction, our obligation is to measure and verify what transpired with client ad spend. The cost of our service is not impacted by the cost of media or the channel where we measured. Our only incentive is to build trust through accurate measurement and help our clients optimize their outcomes with insights derived from measurement. 

Stephanie: What is the Roku Ad Watermark program and why is it important to CTV advertisers?

Sam: A prevalent fraud mode in CTV is called device spoofing. This is when there is a false claim of impression delivery to a CTV device when it was actually generated by some other means. The other means may be less valuable but real mobile inventory, malware, or most commonly SSAI spoofing. StreamScam was a CTV fraud scheme that illustrated how SSAI was used to spoof devices and apps.

To prevent their devices from being spoofed, Roku devised a device watermark. Roku devices now sign ad impression notifications with a cryptographic key that enables receivers to validate those impressions are from an authentic Roku device. I commend Roku for taking this important step and making it exceedingly difficult to spoof Roku devices. We are happy to be a part of the Roku Ad Watermark program for our clients.

Stephanie: What is the Oracle Moat team doing to lead the industry when it comes to fighting CTV ad fraud? Any new advancements or CTV metrics we can share?

Sam: Our DNA forces us to dig deeper and go further in our understanding of every environment we measure in the pursuit of accuracy. Simply said, accuracy builds trust. In CTV, that means we’ve embraced Ads.cert 2.0 to authenticate SSAI notifications alongside the Oracle Moat tokens we’ve been issuing for years. As of June 2022, Ads.cert 2.0 is a fully functioning production feature on all Oracle Moat measurement endpoints, blazing the way in standards adoption.

It also means our SDK developers are furiously contributing to the Open Measurement SDK for CTV, which is slated to release in Q3 2022. This will mitigate many of the concerns with server-initiated measurement, close the limitations with current pixel measurement, and provide richer metrics such as down-to-the-second completion rates.

It means being proud supporters of the Roku Ad Watermark program and looking forward to continued collaboration with their ad quality team to ensure our clients run on authenticated Roku devices.

Finally, it means we spent the better part of the past year in a deep-dive investigation into the types of SSAI and how they impact measurement considerations related to the MRC Video Impression guidance. We partnered with a broadcast publisher, a video ad server, and a leading SSAI platform to analyze CTV traffic against an eleven-point QA test matrix across Roku, AppleTV, and FireTV, with additional TV/OFF testing done on Samsung TV as well. The effort resulted in a 26-page research paper and is the foundation of a new QA process and a metric called Trusted SSAI %. This new metric is being audited for MRC accreditation. We look forward to sharing more news on Trusted SSAI and the research that went into it soon.

Learn more about connected TV measurement