Time to call BS on your fraud verification vendor(s)

Advertisers and the media agencies that spend their money all use fraud verification vendors already. The two largest ones are public companies in the U.S. each reporting $100 million in revenue in the latest quarter. These vendors consistently report less than 1% IVT, so everyone thinks fraud is low, and keep spending their digital ad budgets. I've shown for years that ads are still shown on bot infested websites and non-sensical mobile apps like goat feeding simulators, none of which are marked as fraudulent, wasteful or useless by these fraud detection tech vendors. They can't catch the fraud that is there.

I've also shown that bots strip out their detection tags -- called "tag stripping" or "tag evasion." Because bots block their detection tags from loading or executing, these vendors have no data and therefore cannot mark these bots as IVT ("invalid traffic"). But obviously, "no data" does not mean there is "no fraud." It simply means they failed to detect anything wrong with the traffic, impressions, and clicks. So when these vendors report 1% IVT to you, don't assume the other 99% is "no fraud." It could be all fraud that these vendors failed to detect.

These same vendors' tech can't even detect bots that tell them they are bots -- so called "declared bots" (color-coded orange in FouAnalytics). If you want to try the "fartbot" experiment, here are the instructions: Try this "fartbot" experiment yourself. Basically these fraud vendors' tech can't even detect "fartbot" and stop the ads from loading.

Every single one of the six programmatic campaigns in the slide below were supposedly "protected" by fraud verification, but yet virtually ALL of the clicks from these campaigns were orange and red bots (when measured by FouAnalytics). Only 1 - 4% were humans (dark blue slivers). The fraud vendors don't report this to you and they certainly don't appear to be able to detect and stop the bots, even the ones that declare themselves as bots.

You don't have to take my word for it; you don't even need to use FouAnalytics if you don't want to, to measure your sites and your digital media. But you marketers should know how to call BS on the fraud verification vendors you are already paying for, before your CFO or CEO calls BS on you for failing to do the obvious.

How to call BS on fraud verification vendors

1. ask for detailed reports from your fraud verification vendor and look at the details of what they send back to you (typically an excel spreadsheet)
2. if the excel spreadsheet has impressions grouped by your campaign lines and the corresponding fraud rate, send it back; that report is entirely useless because it does not list the sites and apps where your ads went
3. if they send you the right version of the report which lists the sites and apps in each row, along with the number of impressions and fraud rate, do the next steps.
4. sort the spreadsheet by largest number of impressions first. Then look for rows marked [tail aggregate] or [mobile in-app]. Tail aggregate means they did not or cannot break out what sites and apps your ads went to. Same with mobile in-app; they don't show you WHICH apps your ads went to. These are usually the largest buckets of impressions -- where most of your ads and money went.

These vendors did not identify which sites and apps they were measuring but they still report the entire bucket is "99.992% fraud free." Are you going to let them pull the wool over your eyes like that? Is that what you are paying millions of dollars for? Not only are they not stopping your ads from going to fake sites and apps, they are reporting that large buckets of unknown sites [tail aggregate] and unknown apps [mobile in-app] are almost 100% fraud free. That's a slap-in-the-face insult to your intelligence. If you're not calling out that BS, then you deserve to be fired by your CFO and CEO when they see these reports. The kicker? They even mark buckets called "n/a" to be 99.99% fraud free.

"No data" doesn't mean "no fraud"

What if the bots were smart enough to look for fraud verification vendor tags and strip them out, so the bot can avoid getting caught? Not only do bots block those tags, they even return a "status 200" to make it seem like the tag was loaded, when it was not. This way, the verification vendor gets no data and cannot mark the bot as IVT ("invalid traffic"). Now do you see why they are reporting "99.99% fraud free"? Does that mean it is 99.99% fraud free? Or does that mean they failed to detect anything wrong with 99.99% of the impressions. What BS are you paying for then?

Also, bots are just fake visitors that go to webpages. Much of programmatic ad spend has already moved into mobile environments and mobile apps and other channels like CTV. The legacy fraud detection tech companies' tech was originally tuned for detecting bots. It is unclear if those algorithms have been sufficiently updated or updated at all with new detections capable of working in mobile and mobile app environments. It is clear that they still have not differentiated their tags for on-site measurement versus in-ad measurement, a super-basic requirement for accuracy and completeness of detection.

In addition to buying fake traffic (bot traffic), the sites and apps that cheat will undoubtedly use many more techniques to increase their own ill-gotten ad revenues. For example, why just load 1 ad in the ad slot when you can stack 50 on top of each other. Why not refresh the ad slot every 1 second, because it will still meet the MRC definition of viewability. Why not stuff ads into 0x0 or 1x1 pixel iframes, or force reload the page or redirect users to more pages even if they didn't intend to go. If old fraud detection is tuned for looking for bots and are not even detecting any of these other forms of fraud, they are severely under-reporting the levels of fraud. Time to upgrade your tools. With FouAnalytics, "if you can see better, you can do better."

Time to call BS on your fraud verification vendors. Time to upgrade your tools. If you can see better you can do better (digital marketing).

Further reading: Human CPM (hCPM) and Marketing to Humans

How to use FouAnalytics to Scrutinize Clicks from Programmatic Campaigns