There was an unexpected error authorizing you. Please try again.

The Time for Buy-side Transparency is Now

Buyers.json and DemandChain Object are ready for implementation to help address challenges around malvertising and nefarious ads.

There are few standards in ad tech that have had as incredible an adoption curve as the IAB Tech Lab’s sell-side transparency standards ads.txt (authorized digital sellers’ list), sellers.json, and SupplyChain Object. This adoption was driven by the need to address a major problem in the industry: ad fraud. Media buyers saw the benefits of transparency and pushed hard for the adoption of these standards. 

We now are looking at a separate set of problems that need to be addressed, which also requires transparency: malvertising, scam ads, and “bad quality” ads. This time the transparency is needed from buy-side entities.

FIrst, some definitions to make sure we are aligned: 

  • Malvertising is the practice of incorporating malicious code (malware) into ad creatives. This could result in leakage of users’ private information & passwords, installation of viruses, etc.
  • Scam ads could be considered as a subset of malvertising, but deserve a mention of their own given their impact and current relevance. These are ads that trick people into giving out their personal information by using clickbait, false information, fake content or by appearing to be an entity they are not. Examples of these are ads that claim to be giving out bitcoins or a great deal on a product, or providing fake services.
  • Bad quality ads: these are not necessarily malicious ads, but ads that are heavy weight or have bad code in them that result in the webpage or the app slowing down, or they incorporate bad behavior like auto redirect or do not comply with IAB Tech Lab’s Ad Portfolio recommendations or the Coalition for Better Ads’ (CBA) recommendations for user experience. 

Consumers are the most impacted by these and therefore the publishers (sell side) are the most concerned with solving these problems at the moment. But we (the ad tech industry) should all be united in trying to solve these problems. These “bad” ad issues impact everyone:

  1. At a minimum, these ads can result in a negative brand impact, especially in the cases where the fraudulent ads appear to be from major brands (termed “brand hijacking”). 
  2. Users are also likely to associate bad experiences, like slow loading pages or apps, with not just the publishers but also the brands they see at that point in time. 
  3. Finally, in the case of malvertising and scam ads, the impact on the user (financial or privacy) could lead to regulators stepping in to mandate better vetting processes. If the call for a better ecosystem is not sufficient, the idea of getting ahead of any regulatory bodies pushing unwieldy requirements should get us all together in solving these problems with some self-regulation.

With all this in mind, we would like to call for both the sell-side and buy-side entities to come together in adopting the recent release of two buy-side transparency specifications from the IAB Tech Lab: buyers.json and DemandChain Object. These specifications are essentially a mirror of the sell-side transparency specs (sellers.json and SupplyChain Object). Buyers.json provides transparency around all the buy side entities any advertising system is working with. DemandChain Object provides transparency around all the entities involved in the bid response for a particular ad impression. With these specs in place, it will improve the likelihood of tracing the source of “bad” ad creatives across platforms and of taking action to stop them.

This is not to say it will be an easy effort. First, there are challenges in publishing data. From the ads.txt and sellers.json experience, we know that there may be many contractual discussions that may need to be had. There will also be concern from the buy side (just as there was on the sell side) that publicly exposing the business relationships might be problematic. Second, (and probably the bigger challenge) is a lack of consistency in identifying buyers. Buy-side platforms will likely need to be more rigorous in the processes they follow when onboarding new advertisers, so that they can be consistently identified across platforms.

While the specs call for broad adoption in order to get as granular a level of transparency as possible, we recommend the following roadmap for the industry: 

  1. Buy-side platforms should start with discipline into their onboarding processes: ensuring that there are checks in place for verifying the identity of the advertisers who want to use their platforms, and checking their domains and their business identity (and perhaps TAG IDs, if available) during the onboarding process. 
  2. Demand Side Platforms (DSPs) should implement buyers.json. DSPs, SSPs and other intermediaries should all implement DemandChain Object.
  3. Supply Side Platforms (SSPs) and other intermediaries should implement buyers.json.
  4. The “DSP managed services” use case described in the buy side transparency implementation guide, and agencies support for buyers.json can come last.

We have provided a great level of detail in the implementation guide to help with adoption, but we would appreciate any feedback you may have in improving these specifications. 


Amit Shetty
Vice President, Programmatic & Partnerships
IAB Tech Lab