The full-service media agency Essence has published a paper outlining the dangers of fraud in the connected TV environment and providing advice on how the ecosystem can work together to minimise it. Authored by Mike Fisher, VP, Advanced TV & Audio at Essence and Eric Kirtcheff, SVP, Ad Operations at the company, Essence says bad actors are ready to exploit CTV hardware or software to effectively steal money from publishers, advertisers and agencies – “ultimately hurting the very ability of brands to reach and break through to their customers.”
“A majority of CTV devices function just like larger phones when it comes to their core operating systems, which allows fraudsters to replicate methods honed over years of targeting mobile devices and use similar vulnerabilities to commit ad fraud on CTV,” the paper declares. “At the time of writing [early 2021], the number of developers and people checking or testing the devices is much smaller than for phones and desktops.”
One example of the ways fraudsters target CTV hardware is ‘spoofing’ where a programme or device successfully identifies as another by falsifying data. “A criminal could spoof CTV hardware using a low-cost mobile framework, sending ‘bad’ impressions into the ecosystem which to the untrained eye look like CTV (and command CTV premiums and ad dollars), but are in reality mobile impressions—or in some cases, not real impressions anywhere,” the authors explain. They paint a picture of TV farms (like phone farms) where rooms are filled with streaming devices including Smart TVs using different IP addresses.
On the software side, the rise of the open-source developer kits – enabling anyone to build their own applications on these platforms – provides a doorway to fraud, the paper states. “On some platforms, the testing code, the tools, and the documentation are all available for free without any identification or security.
“We know hackers will embed code that will facilitate ad fraud in the application themselves through backdoors. This leaves undetectable ways for the fraudsters to access the software and modify it at their convenience or based on set intervals of time. Most commonly, this is done via the apps downloaded onto these devices. They know that the majority of CTV apps in the long-tail ecosystem do not require discreet user registration, which makes it easy to create systems that either leverage software, or even hardware, to spoof ad calls and increase buyable opportunities.
“While platforms do have rigorous QA processes for featured apps, there is a long-tail that slips through the cracks, and that’s where most bad actors make their first entry into the ecosystem.”
A further threat is social engineering, which uses deception to manipulate individuals into divulging confidential or personal information (such as passwords) that can then be used for fraud. There is no evidence of this happening on a large scale, the authors admit, but they want to raise awareness now to ensure it is never a viable or scalable CTV ad fraud tactic.
“Just as criminals have used social engineering tactics to commit fraud against individuals, this is another potential vulnerability in a system that employs thousands of people to sell, execute and QA CTV ad buys,” the authors reckon.
The paper warns that the tools and investment methodologies used today are not adequate to combat multi-pronged attacks and ad fraud schemes targeting the entire ecosystem, but it outlines several actions the industry can take to help mitigate the CTV fraud threat. It says CTV distribution companies need to open devices to third-party verification software (IAS, DV, MOAT, etc.) to enable auditing of their results.
Platforms need to make it more difficult to deploy fraudulent apps and code by increasing QA rigour and limited app development, and publishing tools to pre-approved good actors. The authors advise everyone to beware of VPN usage, “which wreaks havoc in CTV advertising—skewing location and audience targeting and opening the door for bot farms and bad actors to spoof device and location signals.”
Essence advises: “Don’t buy into democratisation of supply—having direct relationships with key media sellers is vital to navigate the changing space and protect your brand and your brand image.” The media agency wants everyone to embrace the ecosystem push to secured seller tools like sellers.json and ads.txt to ensure transparency and trust through the supply chain.
The company also believes we need greater accountability of the ecosystem. “Buyers and sellers cannot be the only police. DSPs and SSPs need to better manage supply flowing into their system and validate that the seller is who they claim to be, and that the impressions are what they claim to be.”
The authors say buyers should also be asking if something is too good to be true. According to Essence, “If you think you are able to buy CTV supply on premium TV networks from sellers or platforms that charge below standard market rates, it is a red flag that the supply is likely not legitimate.”
You can find out more about Essence here.
