BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

Edit Story

DoubleVerify Detects New Ad Fraud Scheme On Connected TV Devices That’s Costing Advertisers Millions

This article is more than 3 years old.

As viewers spend more time streaming shows and marketers spend more money to reach them through connected TV devices, ad fraud schemes following the money are becoming a more complex—and more expensive—problem.

The ad verification company DoubleVerify has uncovered a complex ad fraud scheme involving more than 2 million devices a day and costing advertisers more than $5 million a month. The scheme, revealed today, has already been used on well-known devices including Roku, Amazon Fire and Apple TV, according to DoubleVerify.

Here’s how it works: Advertisers bid on and win fake ad inventory while fraudsters save data from the winning bids. The fraudsters then bid on and win real ad inventory while using multiple fake ad transactions and paying for just one slot, thereby cashing out on the uncounted impressions.

DoubleVerify researchers have nicknamed the scheme “SneakyTerra” because of how “sneaky” it is when it comes to hijacking real television sessions using connected television devices (CTV) to mask fraudulent behavior, making it more difficult to detect. (Previously, fraudsters have made the mistake of using fake data, such as a fake IP address or fake app, that’s identifiable.) DoubleVerify—which began tracking the scheme in October—has seen the scheme become more confident in its abilities since earlier this year and scale its reach to even more devices.

“So if initially, we were mostly seeing Roku devices being abused, we now also see Apple TV devices and Fire TV devices being used and some smart TVs as well,” according to Roy Rosenfeld, DoubleVerify’s head of fraud lab. “So with the bad actors in this case, we're talking about millions of ad requests a day.”

Part of the problem is that CTV has plenty of ad inventory demand from the massive uptick in streaming. However, ad supply doesn’t fully match the needed inventory, and because of that, there’s a supply-demand gap, which ad fraudsters are looking to fill. And while ad fraud has been a problem within digital advertising for years—and increasingly a problem win the CTV space—the newly uncovered scheme is more complex than its predecessors. 

According to DoubleVerify Chief Marketing Officer Dan Slivjanovski, marketers spent around $8 billion on CTV advertising in 2020, and that sum is expected to grow another 40% this year. Technologies unique and specific to the CTV environment, such as server side ad insertion, creates another intermediary point for fraud to occur. And because of the way video filtering occurs, it makes fraud more difficult to detect.

“From a pure macro channel standpoint, it is the fastest growing channel,” he says. “CTV inventory is in the stratosphere in terms of premium value. Supply is constrained relative to demand—meaning you have a lot of advertisers who are interested in this premium high engagement medium, and as a result, it's lucrative for fraudsters to pretend that they're representing that inventory.”

One of the ways DoubleVerify has been able to identify SneakyTera is the time difference between when ads are fetched and when they’re rendered: While that’s typically just a few seconds, DoubleVerify has found that the new scheme sometimes has a delay of 240 minutes.

Fraudsters behind SneakyTerra are also going a step further and investing what DoubleVerify estimates is millions of dollars into the marketplace by buying real ad inventory. This illustrates how they see even more potential for ROI if it’s worth the cost. When asked from where the fraud might be originating, Rosenfeld declined to comment, but added that the level of sophistication signals that it’s “not necessarily from some dark corner of the globe.”

“If you think about that, it means the fraudsters are now spending more money to try and ensure they are able to defraud the marketplace in advertising,” he says. “And I think it's really interesting, both from a technology state of mind because they're really building something quite sophisticated here in their attempt to evade detection. But also, just from a business perspective, you can see just how much this is a business: buying inventory in order to execute the fraudulent ad of code, and it's paying off. Unless we stop them, of course.”

Follow me on Twitter or LinkedInSend me a secure tip