Your Next Audience: IOT Light Bulbs
What are the odds that, tomorrow, you wake up to read in Digiday of an IOT-based botnet that's been defrauding advertisers of tens of millions of dollars? Pretty low.
The chances we'll see that article in the next 365 days? I believe it approaches 100% and, further, that it's probably happening today.
With a forecasted 20-30 billion Internet-connected devices projected by 2020 and perhaps 6-9 billion IOT devices today, not including smartphones and tablets, the raw material for criminals is growing by leaps and bounds. Security for IOT devices has not been a priority, nor do I think that will change in the future. A manufacturer can't afford to put much into the firmware of a toaster selling for $50 and even less into patching and upgrading the installed base. (I've got an expensive 5-year-old TV on my wall that no longer gets updates. Is it DDoSing your company today? Who knows.)
Stealing PII, DDoS, and ransomware attacks are good business for the bad guys. But criminals are fundamentally lazy and will find the easiest route to profit. I believe that one of easiest and safest routes to criminal profit is in the digital advertising space.
Much of the Internet traffic we buy ads against is outright fake and everybody seems to know it. Dr. Augustine Fou has numerous presentations on the many flaws in the digital advertising ecosystem. It's laughably easy to fool the systems that purport to keep our digital ecosystem clean.
Advertisers and their agencies, in a misguided quest for "reach" and "scale" using cheap media, are neglecting the basic marketing concepts of segmentation and targeting. The ad tech and martech ecosystem is glad to facilitate lazy marketing and lazy marketers while hiving off 60-70% of every ad dollar spent.
And there's the opportunity for the criminal. If a marketer is content to let 70% of their ad spend be frittered away, what's another few points? And if the marketer is obsessed with "reach," that need can be filled by compromising a few billion things connected to the Internet and creating more traffic, cookies, impressions and retargeting opportunities.
Think more (expensive) ad tech and martech will catch it? Think again. The criminals have just as many PhDs as we do and have better technology. The can just steal what they need--they're criminals, after all.
What to do
In my opinion, IOT ad fraud is here already and it's going to be big. To counter it, as advertisers we can do a few things:
- Start practicing proper marketing, beginning with segmentation and targeting, and stop "digital" marketing. A great guide is here by Mark Ritson. He's right and your young marketers would do well to study all three of his lectures. Caution: NSFW language and this will upset your digital folks.
- TANSTAAFL. If you believe that somebody has a unique audience that's never been available before, you're a fool. Be skeptical of every claim of new audiences. The top 50 U.S. digital properties total several billion uniques. Reach and scale are not a problem.
- Focus on people. Don't start with cookies, device IDs or other "signals." Yes, that signal might well give you some valuable contextual information about what the person might buy. But are you sure the signal is attached a real person? And, if so, is it attached to a person in your target audience?
- Not all M's are alike. Stop buying media because it's cheap. The New York Times or ESPN cost more than somelongtailwebsite.com for a reason. You won't find beheading videos on quality websites. Buy media because it's viewable and good.
Finally, always ask the following of every impression and every member of every audience: Prove to me that impression was served to a member of the target audience I'm intending to reach.
Maybe you'll see a few less light bulbs in your audiences.