This is the ninth in a series of interviews with vendors combating the problem of ad fraud. Other companies participating in this series include Moat, Sizmek and Asia RTB. Read previous interviews with DoubleVerify, Dstillery, Forensiq, Integral Ad Science, PubChecker, Telemetry, Videology and White Ops.
Digital ad fraud isn’t anything new.
comScore has been picking up on instances of non-human traffic dating all the way back to 2001, when it launched its audience measurement and media planning tool Media Metrix.
“Of course, it’s changed dramatically over the years and it continues to evolve,” said Brian Pugh, comScore’s SVP of audience.
In an effort to keep up with that change, comScore acquired Mdotlabs at the beginning of August, a company with roots in the cybersecurity space.
“We’re data scientists,” said Timur Yarnall, co-founder of MdotLabs and SVP and anti-fraud evangelist at comScore.
And data scientists are what comScore needs if it’s going to “build trust across the whole comScore system,” said Pugh.
“comScore is a third-party neutral currency and it’s our responsibility to only report people,” he said. “We’ve been dealing with non-human traffic for a long time, and we simply cannot report those ‘audiences’ with our measurement tools. That’s the cost of doing business for comScore.”
Pugh’s and Yarnall’s teams are working on integrating the MdotLabs tech into comScore’s various offerings, including validated Campaign Essentials (vCE) and validated Media Essentials (vME). Although there’s no specific date set, Pugh said integration will be complete “very soon.”
“We want to help publishers and advertisers feel confident about their inventory,” Pugh said.
AdExchanger spoke with Pugh and Yarnall.
ADEXCHANGER: What’s comScore’s approach to online ad fraud?
BRIAN PUGH: comScore’s goal is to help our partners reduce ad waste, and fraud is just one element in this. There are a lot of ways a campaign can go sideways – anything from an ad not being in view, to an advertiser being unable to reach their target audience. All of that adds up to wasted time and spend. We want to help clients optimize against all of those things with a package solution. If you’re not getting the results you want as an advertiser, it could be fraud or it could be that your ads aren’t being seen even though they’re being served to real people. In order to optimize, you need to know exactly what they problem is.
How does comScore define fraud?
TIMUR YARNALL: It’s very broad, which is something I like. It could be traditional fraud or it could be waste, which goes beyond how people normally define it. Often, fraud can be a configuration issue or something to do with brand safety or viewability. In other words, anything that’s off the media plan and not benefiting the campaign. It’s a standpoint that’s pretty much in line with how the IAB defines fraud right now.
BP: But we actually try to stay away from the word ‘fraud’ because of the implications. The word assumes some type of intent. At comScore, we call it “non-human traffic.” Fraud implies that someone is purposely committing it, and in many cases there’s actually quite a lot of plausible deniability around the subject.
You make a clear distinction between intentional and nonintentional fraud?
BP: In some cases there might be intent. There is definitely traffic arbitrage by certain publishers. But then again, there are others who are just out there trying new things. They might have had a traffic acquisition strategy that brought about something unexpected. Maybe it wasn’t their intention to commit fraud, and when they find out, they stop using that strategy or working with the vendor that provided the traffic.
The industry needs to police itself, and we help by providing measurement that enables both the buy side and the sell side to clean things up.
How does comScore’s background in measurement inform its perspective on combating fraud?
BP: comScore is a currency in this space. We have the ability to measure and help clients understand what’s happening, whether they’re on the buy side or the sell side, and to provide tools and build trust with advertisers so they feel like they’re getting exactly what they paid for. The goal is to have solutions for everyone in the ecosystem.
TY: comScore also has unparalleled scale. They see a massive amount of data and trillions of impressions, and they have panel data that shows human activity, all with additional analytics layered on top through MdotLabs. That’s a perspective that no one else in the industry really has.
How does the MdotLabs technology work?
TY: Mdot integrates through a tag-based implementation similar to how comScore tags a campaign running through a publisher, so it’s virtually seamless from that standpoint. We’re laser-focused on bringing cybersecurity type analytics to the problem of ad fraud detection. We gather tags, just like comScore does through vCE or Media Metrix.
Why did comScore choose Mdot?
BP: Mdot and its data science team is philosophically and technically aligned with the direction comScore is going in. We both believe in heuristics and the analysis of data at scale. That informs a lot of our insight.
What else informs your insight?
Not every type of bot behaves the same. You need a lot of data science to be able to identify and measure it. That’s one of our main services, measuring how much non-human traffic is in a campaign or on a site.
What’s been happening with the Mdot integration?
TY: Regarding the integration, we’re not mentioning dates, but we’re moving quickly.
BP: We’re building the Mdot technology into all of the comScore products, including our campaign measurement tool vCE on the buy side, and vME on the sell side, which publishers can use to better understand their traffic sources and ad networks could use to make sure the sites they’re partnering with are clean. comScore has a lot of legacy products. We know we have to stay on top of the fraud issue forever, which is why we invested in a company we think can really help us.
What is the Mdot Publisher Certification Program?
TY: We launched it just before the acquisition. For publishers to get certified in our platform, we need to know that their level of non-human traffic is below a certain acceptable threshold. We don’t publicize what the threshold is, but I will say it has got to be in the very low single-digit range. Some fraud is unintentional, which is why we think a certification process for publishers is something the industry needs. It’s something our partners have asked for, and it’s a key part of the integration.
What are the biggest fraud threats facing the industry right now?
BP: Bots are pretty cheap to use. If just one or two percent of machines in the entire US are infected with some type of malware, that’s quite a lot. Most of the extreme cases of traffic laundering or CPM fraud have been through botnets.
Viewability is also an issue, and we do see publishers that do things like stacking or sending bots to a site to build their inventory. But it’s important to note that these are things that tend to overlap quite a bit. At the end of the day, good content wins. If your website has poor content, the only way to drive traffic is to buy it, and it’s likely that traffic is going to be littered with bots – so really, it’s all mixed together.
What about mobile?
BP: Mobile is going to be a challenge because measurement in mobile is a challenge anyway. iOs and Android behave differently and, of course, cookie-based measurement is flawed. The application environment is especially ripe for fraud. We don’t see a lot of it right now, but that could be because we need to do a lot of work to build out our measurement capability to make sure it’s even catching fraud in the mobile space. It could also be because the money hasn’t followed it just yet, but when it does, we’re going to have a lot of work to do.
There’s been a lot of talk about the growth in video ad fraud due to higher CPMs. Do you see that, too?
TY: It’s cropping up all over the map. This past April, TubeMogul put out a report that found a massive amount of fraud in the pre-roll space, which is something we see, as well. [Note: TubeMogul uncovered three botnets that had generated roughly 60 million fake video impressions.] It was great that TubeMogul outed it and helped the industry clean it up, but there’s much more out there.
It’s hard to estimate exactly how much fraud there is in total, but comScore probably has a better chance than most. What are you seeing?
BP: Context is so important. You see a lot more in the way of non-human traffic in the long tail than you do through direct buys with premium publishers, but there are some pockets there, as well. It varies a lot campaign by campaign. But even if the amount of fraud was closer to 10% than the 30% or 50% that some would like us to believe, that’s a lot of money. We’ve seen campaign that have more than 90% of its traffic associated with bots, but most campaigns have far less; more in the 2% to 3% range, which you’re more likely to see with direct buys and premium publishers.
comScore has a pretty good view because we measure almost all of the ecosystem, which some other vendors don’t have access. But we also know that it varies so much between publishers. An average is not the way to do it.