There was an unexpected error authorizing you. Please try again.

SafeFrame Update: Input Last Call

Ad technologists: Join the working group and influence the development of SafeFrame 2.0

SafeFrames have been quietly, or not so quietly, in use since their release in 2013. With a minor update in 2014, IAB Tech Lab’s SafeFrame has been left alone to function in a rapidly changing marketplace. Since that last release, we’ve seen development in HTML, header bidding, and measurement standards, all factors that conflict with using SafeFrames efficiently. So, seven years later, it’s time for an update and we need your input!

A SafeFrame offers an API for communication between a web page and an iframe, which
enables a safe way for ad interaction without risking direct access to page data. 

Most commonly used as a feature of Google Ad Manager, SafeFrame continues to benefit the market. However, implementation can create friction as a SafeFrame-enabled ad makes its way through the ad supply chain. Complex ad functions combined with services for measurement, brand safety, and other offerings usually result in requests to disable SafeFrames, leaving publishers vulnerable. Without some sort of “sandbox” or lengthy certification process, page data that may include private consumer details is potentially exposed.

Among the complaints for using SafeFrames is that it’s too prescriptive on host implementation; it prevents service vendors from accessing the data they need to function; it breaks ad function; and it doesn’t work with header bidding. The result of diminished SafeFrame adoption is that publishers are left to sacrifice security for yield, or employ costly operations to certify vendors and partners for risky script placement.

We’d like to see a flip in SafeFrame use, where requests to disable SafeFrames is the exception rather than the common mode of operation. 

IAB Tech Lab reassembled the SafeFrame Working Group last year to discuss the next update. Among the new requirements are:

  • Requests for a simplified implementation, especially for the host
  • A separation of ad function and measurement
  • Aligning with latest advances in browser technologies
  • Support new ad formats and ad placements
  • Support for header bidding
  • And smoother alignment with MRAID (Mobile Rich Media Ad Interface Definitions) for easier mobile/web ad conversion

We are quickly approaching the release of a draft document for public comment, but we’d like your input. Do you have any experience working with SafeFrames? What would you change to make it easier to use? Are we addressing all the right issues?

Join us in a final push to prepare the draft update for public comment, but hurry! We’re targeting the end of the month for draft completion. 

Contact by July 1, 2020 to get involved. If you can’t participate now, be sure to watch for the release to public comment later in July so you can provide your feedback.

About the Author

Katie Stroud
Senior Product Manager
IAB Tech Lab