Defending Ad Integrity

All practitioners have patron saints: For investors, it’s Graham and Dodd; for programmers, it’s Donald Knuth; and for advertisers, it’s none other than the late, great David Oglivy. His passion for advertising was conveyed so beautifully through his writings, especially the 1983 classic, Oglivy on Advertising. I often wonder what the Master would have thought about the on-line advertising revolution that began shortly after his death in 1999.

Anyway, Oglivy’s teachings focused on maximizing the effectiveness of ads in selling products. His research on attracting eyeballs was groundbreaking and surprisingly relevant today. Here are some examples: Ads with news are recalled by 22% more people; the average readership of copy is only 5%; leading drop-initials increase readership by 13%; and on and on. This is fascinating guidance for any type of writer trying to attract attention.

One artifact of modern advertising that Oglivy could never have predicted involves something called an impression. This countable entity is incremented whenever an ad is fetched from its source. By basing the fees paid by advertisers on the magnitude of impression counts, the entire on-line industry becomes reliant on an underlying transaction model that is less dependent on well-conceived advertising as it is on high fetch rates.

Botnets exemplify the fraud opportunities here. We all know that botnets harvest zombies which can be commanded to attack. If the goal is DDOS, then some targeted victim will see increased traffic. But if the goal is impressions, then some targeted ads with see increased clicks. The result of this fraud is that victims will pay increased advertising bills, even if their sales teams are sitting around playing poker in the showroom.

I recently had the great fortune to meet with a cyber security company called White Opswhose stated mission is to verify the humanity of every online transaction. Their charismatic co-founder and CEO Tamer Hassan spent an afternoon taking me through his team’s bot fraud mitigation technology and how it’s making a meaningful difference raising the integrity of on-line advertising. Let me try to summarize what I learned from Tamer:

“We apply bot mitigation, detection, and prevention methods to address the integrity problems in on-line transactions,” he explained. “We’ve applied our platform and expertise to some of the largest botnet takedowns in our industry.” (Shortly after our discussion, while sitting at Newark Airport, I happened to notice the 100 most creative people in businessarticle in Fast Company describing Hassan’s role in such a takedown. Impressive.)

The White Ops platform was built by its co-founders on several design principles (and it certainly didn’t hurt to have the great Dan Kaminsky as a co-founder): First, reduction of fraud requires accurate bot detection technology; second, the platform must have the ability to prevent fraud, versus just responding after it occurs; and third, the solution must include the ability to perform data-driven analysis to support investigations and takedowns.

The White Ops bot fraud mitigation platform is built on a component called MediaGuard. This is a predictive machine-learning based technology that learns via operations to accurately identify automated botnet activity. “Our algorithms use context within impressions to make our predictions,” Hassan said. “This is in contrast to over-reliance on blacklists, which have their role, but are easily side-stepped by a capable fraudster.”

MediaGuard resides in the familiar access path used by unknown users who are visiting your website or hosted applications. The overarching security goal is to inspect impressions to make the ultimate Turing determination about visitors. That is, MediaGuard is focused on predicting whether that unknown user connecting to your site is a bot or a human – and this process loop is supported by a White Ops global detection cloud.

The White Ops prediction algorithms are implemented in a component called FraudSensor, which integrates multiple contextual inputs to make determinations about unknown users. These inputs include technical evidence from devices, networks, apps, and software – and the probing is changed periodically. The inputs also include machine learning from deployed data points, as well as context from a global threat intelligence system.

“An important part of our solution approach,” Hassan explained, “is that we continually adapt and change our algorithms and approach. We’ve worked enough investigations, cases, and takedowns to know that advanced fraudsters are getting good at adapting to known anti-fraud solutions. We therefore do everything we can to prevent this type of evasion, and the resultant uncertainty makes our solution more effective in practice.”

The White Ops platform is deployed via JavaScript tag, SDK, or environment pixel (if JavaScript is not an option). The platform can detect transaction payloads across desktops, mobile web, and mobile app environments – which is important because so much of the advertising ecosystem is shifting to these modern domains. A dashboard is provided to administrators to offer real-time visibility and reporting during operations.

From an industry analysis perspective, it’s hard to find much downside to enhanced ad integrity and to the White Ops solution. Yes – one might wonder whether ad brokers will move slowly for fear that advertising bills will drop. But this fear seems offset by the growth opportunities that will inevitably occur when more buyers view on-lines ads as a more fair marketplace. Higher integrity for on-line ads seems win-win across the board.

As for the late David Oglivy – I suspect that he would approve of the work White Ops is doing – and I say this because of Oglivy’s passion for data-driven research. If ads are being clicked on because bots are committing fraud, then poorly conceived, badly organized, and miserably written ads might appear to be super successful. I think that nothing would have enraged the Master more than this impediment to accurate research.

If you work in on-line advertising or suspect that your company is experiencing some sort of bot fraud in your online interactions, then please pay attention to this area of cyber security. Perhaps give Tamer Hassan a call. He’ll be delighted to serve as your tour guide to how advertising integrity can be improved. And as always, please share with us what you learn. I look forward to hearing from you.