CTV Ad Fraud Study IDs Early Warning Signs

A new analysis of connected-TV ad fraud identifies several early warning indicators.

Sabio’s App Science CTV platform was used to cross-reference location, census, traffic, content, device technographics, and third-party app data with more than 150 million IP addresses to identify signs of fraud.

While fraudulent methods like server-side ad insertion (SSAI), platform mismatch and app ID spoofing have been behind high-profile CTV fraud schemes like DiCaprio and Monarch, the study found several suspicious activities that can serve to help head off fraud, including: 

Non-standardized site IDs: For example, according to Sabio, just 12.5% of Roku site IDs were found to meet Interactive Advertising Bureau standards. The rest used their own naming conventions, which “does not necessarily signal fraud, but can open up risks when buying inventory,” says the report. 



(Roku has repeatedly stated that it recommends that OTT ad buyers buy directly from Roku or publishers on its platform, and if buying from other sources — especially open exchanges — use technology to verify the source of ad requests.)  

“One-time” devices: Nearly a quarter (22.4%) of devices analyzed were found to be classified as “one-time,” meaning they have device IDs that have been seen only once in the system. 

“This is suspicious and needs to be investigated further, since people typically use the same connected TV or streaming stick to view video content repeatedly,” says the report. 

Outdated operating systems: Some 5% of CTV devices and operating systems are obsolete, and “should be monitored to ensure that traffic coming from these sources is declining,” Sabio advises. “When traffic from these sources increases in certain weeks, this needs to be evaluated further.” 

The report also stresses the importance of auditing media content that can correspond with spikes in traffic and viewing patterns for different apps — particularly with upfront spending down this year and advertisers using programmatic to allocate larger portions of their budgets. 

For example, data show that news content is streamed more in the afternoon (peaking at 2 p.m.), while movie apps are used in the evening (peaking at 3 a.m.). 

“CTV fraud schemes like Icebucket, DiCaprio and Monarch have already siphoned billions of dollars from advertisers,” said Sudha Reddy, vice president product innovation at App Science. “The industry must learn from these operations, identify the tactics behind them, and proactively put measures in place to weed out this suspicious behavior in the future.”

More specifics about the study are available in a downloadable PDF.

Next story loading loading..