It’s no secret that programmatic advertising has its fair share of fraud. Lurking in the supply chain, fraudsters carry out acts of domain spoofing and inventory arbitrage, ripping off buyers and damaging publishers’ reputations.
Ideally, publishers want control over, or at least want to know, where their inventory is sold. On the flip side, buyers need reassurance that they’re purchasing legitimate inventory from reputable sites. To keep everyone on the same page, back in May 2017, the IAB Tech Lab launched an industry-wide initiative called ads.txt.
What Is ads.txt?
Programmatic advertisers and publishers need to be vigilant in looking for ways to prevent ad fraud. One tool that can help is the ads.txt (short for Authorized Digital Sellers) project, which is meant to improve transparency among programmatic players. Using a system of plain text files accessible by distributors and buyers, publishers can easily disclose which companies have permission to sell their inventory.
Publishers may simply reveal which businesses have permission to sell their goods using a set of simple text files accessible by both sellers and purchasers. Programmatic buyers will be more confident in purchasing authentic products from authorized vendors as a result of this.
For security purposes, a publisher hosts their ads.txt file at the root level of their site domain. That way, it’s harder for anyone besides the publisher’s webmaster to edit it, giving the publisher complete control over what content appears on the file.
The root level location also makes it convenient for programmatic buyers to find an ads.txt file by simply typing in a URL or using a bot, such as IAB’s free ads.txt crawler.
How It Works
Opening an ads.txt file brings up a data list, with each line corresponding to a specific authorized seller. Every entry includes three mandatory data fields and an optional fourth:
1. Advertising System Domain Name. The first field lists the domain name of the exchange, SSP, or other ad-serving platform that buyers can use to purchase the publisher’s inventory.
2. Account ID. The second field shows the publisher’s account ID associated with the advertising system listed in Field #1.
3. Type of Account. The third field states the publisher’s control level of the account listed in Field #2. If this field says “Direct,” it means that the publisher controls the account. If it says “Reseller,” then the publisher has given permission for another party to control the account and sell their inventory in the system listed in Field #1.
4. Certification Authority ID. The fourth field lists the TAG-ID of the advertising system (Field #1) within the Trustworthy Accountability Group (TAG) certification database. Because not every advertising system is TAG certified, this field is optional.
What It Looks Like in Action
Let’s check out a real example. The image below shows part of BBC’s ads.txt file. Based on what we see, we know that BBC sells their inventory on Google’s ad platform through four different publisher accounts, each of which they control directly. The TAG-ID in Field #4 matches Google’s verification information listed in the TAG Registry.
If we’re a buyer looking at BBC’s ads.txt file, then we can conclude that it’s probably safe to purchase BBC’s inventory listed through Google’s ad exchange.
What’s Next for ads.txt
As of now, participating in the ads.txt project isn’t mandatory, but the IAB highly recommends putting the tool in place (or a version of it), especially now that big platforms like Google are pushing for industry-wide implementation.
In January 2018, TAG announced that, starting on July 1, 2018, publishers will be required to adopt and implement the ads.txt specification in order to receive the TAG Certified Against Fraud seal.
Fraudsters have discovered flaws and other methods to tamper with content and deceive advertisers in the time that ads.txt has been in use. IAB released an updated variant of ads.txt, dubbed ads.cert, in order to combat this. Ads.cert verifies the supply routes at each stage and ensures that inventory information is not changed. The most recent version of ads.cert released in 2021, and continues to defend against programmatic ad fraud.
The actual impact of ads.txt remains to be seen, but in the ongoing—and seemingly never ending—fight against ad fraud, it’s a step in the right direction.