The Double-Edged Sword of Server-Side Ad Insertion

(Image credit: The View Point)

The OTT and CTV landscape has gone through a lot of changes during the last few years, and there has been a particularly significant growth in supply.   

According to the recent figures by Pixalate, the industry has seen a 232% rise in the number of OTT apps supporting programmatic. Also, there's been an increase in ad volume: between Q1 2019 and Q4 2019, the number of OTT/CTV ad impressions increased 4.3 fold, or by 330%. 

The figures look impressive, and they are expected to only increase, partially due to the rising CTV and OTT overall viewership during the COVID-19 pandemic. For instance, based on Nielsen estimations for January, CTV usage in the U.S. alone accounted for 12.5 billion hours monthly. Shortly after the lockdown began, total hours spent with CTV devices were up 81%, equating to nearly 4 billion hours of CTV use per week.

What else is drawing attention is the growing importance of SSAI—Server-side ad integration technology. Back to Pixalate's report, in Q1 2020, 40% of all programmatic OTT/CTV was delivered via SSAI. 

Yet, along with the interest, buyers and sellers across ad tech, look at SSAI technology with caution. Being one of the most crucial innovations since 2017 that has allowed OTT video to become a viable industry, SSAI, at the same time, is fraught with the risk of ad fraud. 

But, before taking a closer look at issues SSAI brings in, let's first figure out what makes it so attractive.

USING SSAI ACROSS THE CTV LANDSCAPE

Unlike traditional video ad serving, where ad requests originate on the client-side and ad content is delivered separately via a third-party ad server, SSAI allows the delivery of ads and the video content in a stitched stream.

SSAI is common for OTT/CTV video advertising. With the growth of personalization and ad insertion opportunities, SSAI has become a resolution for CTV and OTT publishers. Specifically, it helps to eliminate video latency and significantly improve the viewer experience, which is essential for increasingly sophisticated audiences. 

WHAT SSAI BRINGS TO THE TABLE

SSAI was originally created to help publishers bypass ad-blocking measures and provide users with a better viewer experience, eliminating any latency issues and buffering. Though, these are not the only benefits SSAI implementation brings to the table. The other advancements are: 

  • Transparency: It's one of the core benefits to the industry, bringing trust to a formerly opaque way of transaction. This is where SSAI provides publishers with metrics and insights into the supply chain, and ensures transparency. 
  • Measurement: SSAI can take care of most of the data management and measurement attribution across OTT and CTV environments, which is essential for platforms like Roku or PlayStation. Besides, with SSAI, publishers don't need to get too sophisticated with client-side code. 
  • Fraud analysis: So far, there's still no one-size-fits-all solution, but efforts made by the ad tech flagmen allow to identify untrustworthy servers, as well as whitelist and blacklist the activities more efficiently. 

THE DARK SIDE OF SSAI

On the other hand, SSAI integrations are extremely sensitive to ad fraud schemes. Moreover, as the ad spends shift to OTT and CTV channels, SSAI gets exploited on a large scale. Partially, it's due to the tendency to whitelist all SSAI servers. This security gap in SSAI allows fraudsters to spoof the user request by faking all the associated HTTP header fields, and other actions and interactions with ads.

There are also some risk factors across the CTV and OTT landscape in general, not just related to SSAI. Recently the ad tech industry has witnessed two OTT cases in point: Monarch and DiCaprio. 

Put briefly, DiCaprio scheme spoofed ad requests, imitating real users interaction with an app (accessing it via real users devices). This resulted in a violation of 114 unique Roku store URLs, 98 unique app Bundle IDs and at least 134 unique app names.

While the DiCaprio scheme was implemented mainly through users' mobile devices, the more recent case, Monarch, performed spoofing on actual OTT/CTV devices and apps.

These cases have different mechanisms behind them, but both show how easily scammers can abuse security loopholes that exist in OTT and CTV. 

Apparently, the premium brands like Lexus, Uber, Chipotle and others like them, are the main target of fraudsters. And, well, they do that through the exploitation of SSAI.

COMBATING INVALID SSAI TRANSACTIONS

For every action, there is a reaction. This is where the vocal supporters of high ad tech standards in the industry come in. 

For instance, IAB Tech Lab works closely with the Advanced TV committee to craft the guidelines for improving measurement in SSAI and, more broadly, across OTT/CTV advertising.

Also, the work towards accreditation of SSAI measurement metrics is under way. These metrics include the OTT and CTV environment, display tracked ads and impressions, plus SIVT detection and filtration across display and video traffic within the desktop and mobile environments.

Besides, there are the critical points implemented by Pixalate—the opportunity to evaluate both individual IP addresses and the overall reputation of the proxy without going "all-in" (whitelist) or "all-out" (blacklist) on proxy servers. 

FINAL THOUGHTS

Similar to a double-edge sword, SSAI can both power up CTV and OTT publishers with a new and more profitable way of ad serving, and at the same time, leave space for fraudulent activities.

The good news is that technologies aimed to fight ad fraud also evolve. By working together on standards, guidelines and metrics, as well as their further adoption, the ad tech industry will find ways to go through and stay ahead of bad actors. 

Daniel Elad is the chief strategy officer for The View Point.

Daniel Elad