An Open Letter to the Gods of CTV

To Whom it May Concern:

First of all, let us say that we’re big fans of your work. That thing you did earlier this spring with the WandaVision ending? Awesome. And we’re still talking about Orange is the New Black, and that’s been over for ages (at least in TV terms, that is). So, know that this comes from a place of love.

But we wanted to ask if you could, y’know, help us out a little bit here. As cool as CTV has turned out to be for TV watching, it came up so fast that it’s been hard at times to keep it safe from sophisticated bots for the ad folks that help to power it.

Just a few weeks ago, we released research on one of the most complex CTV botnet operations us mortals have ever uncovered: PARETO. The botnet used phones to masquerade as CTV devices to fake ad views and verification signals. And this wasn’t some small operation, this was a million nodes registering more than 650 million bid requests every day.

And then just over a year ago, there was the ICEBUCKET situation. That one was even bigger than PARETO (three times bigger to be exact). At its peak, it accounted for almost 28% of all the CTV traffic measured by HUMAN.

Lots of devilish behavior from the non-divine, huh?

All that is to say, we are doing everything we can to help the ad tech industry through this cybersecurity problem, we really are. We’re working with our friends at Roku and Google to stop fraudulent activity when we see that it’s causing problems. We’re imploring everyone across the industry to adopt the standards that the IAB Tech Lab and TAG have developed. We’ve even created a whole program to try to bring everyone together – but it remains an uphill battle.

So here’s where you come in: what we really need from you is just a small blessing. If we’re in the “growing pains” phase of CTV right now, could you spare us the awkward bits? Okay, that’s a clumsy metaphor. What we really mean is we need your help in getting everyone together to talk about what we can do as producers and facilitators who are also consumers. It takes everyone working together to fight off fraud. We saw that in real time with 3ve and we just saw that with PARETO. Those are examples of when we work together, and when we work together our defense is unstoppable. But it’s time to get on the scoring side. Bot-based fraud isn’t a measurement issue, it’s a cybersecurity one. It needs a cybersecurity solution, and that’s what we do best. Would you join us in that fight?

This is collective protection at work. If we can all get together, we can share the information we need to share to be better at making sure that it’s only humans who are watching the next episode of The Handmaid’s Tale. We can talk about the challenges of detecting and preventing SSAI spoofing and what it would take to make that more feasible. We can share what we’re seeing in our own data and maybe find patterns in others’ data so we can build new protections. That’s what our Human Collective is for – real humans working together to prevent fraud.

If you could do that for us, that’d be wonderful. ‘Cause we hear Bosch might be coming back soon and we don’t want to miss that because of bots.

Thank you – and love your work!


Concerned Humans

(This article first appeared in AdExchanger.)