The Three Deadly Sins of ads.txt and How Publishers Can Avoid Them

In this blog post, we will address some misconceptions and attempt to clarify how publishers should go about deploying and managing ads.txt.

Why only three sins and not seven? ads.txt is not complicated enough for seven!

ads.txt was never intended to solve every fraud problem in ad tech; it was meant to solve a specific form of publisher and intermediary fraud called “domain spoofing”. IAS (Integral Ad Science) has an excellent summary (though it predates ads.txt, and thus does not mention it) of this type of attack — please go read that, then come back to this post.

?Although ads.txt does not solve for in-app environments, our new specification app-ads.txt is intended to address mobile and OTT in the same manner. The guidance in this post applies to both ads.txt for browser inventory and app-ads.txt for in-app inventory.

ads.txt is used by DSPs (Demand Side Platforms) and exchanges to validate programmatic sales channels. That is, when a programmatic platform receives a bid request, there are three key pieces of information:

  1. The sending exchange (let’s say PubMatic)
  2. The page URL, such as https://bleacherreport.com/articles/2833602-should-harden-rockets-change-approach-after-no-calls-vs-warriors-in-game-1
  3. The publisher ID on the given exchange (“156599”)

Given this set of information, an exchange can attempt to match these data points to the contents of https://bleacherreport.com/ads.txt, which contains this line

pubmatic.com, 156599, DIRECT, 5d62403b186f2ace # banner

So the owner of the bleacherreport.com domain authorizes the sale of ad inventory through PubMatic with the account ID 156599, and the impression is considered authorized.

In contrast, suppose an impression instead is observed coming from:

  1. SketchyExchange.com (this domain is available, for anyone paying attention!)
  2. With the URL https://bleacherreport.com/articles/2833602-should-harden-rockets-change-approach-after-no-calls-vs-warriors-in-game-1
  3. And publisher ID 843185

A DSP will know not to bid on it because Bleacher has not authorized SketchyExchange.com.

You might think of it as if including a platform in an ads.txt file grants a “license” to sell ads through programmatic channels. That license is a statement of trust and should (a) not be given out lightly, and (b) be earned and re-earned every month as revenue comes in the front door.

1. Gluttony

I think the worst mistake we see on the publisher side of ads.txt is the sin of gluttony, exemplified well by hubpages.com. Coming in at 24,163 lines, over 23,000 data rows, and 43 unique partners, congrats HubPages!

Giant ads.txt files such as this one result in a number of problems, the most important of which is probably that demand side participants are likely to ignore it.

In a world of excesses of supply, DSPs would like an answer to the question “in which channel would you like me to spend money?”, and an ads.txt file with 24,163 lines is a failure to answer this question. In the best case, demand platforms will respect a few hundred lines of ads.txt and ignore the rest. In the worst case, demand platforms will ignore the file entirely and disallow any programmatic channels for the domain.

Disclaimer: I understand that the vast majority of entries there are AdSense related and perhaps unique to the HubPages business model. Don’t @ me!

The first rule of ads.txt is:

❗ Any DIRECT relationship should be sending you checks, preferably large ones.

What about Resellers?

2. Sloth

The next mistake we see is the sin of sloth, perhaps exemplified best by arcamax.com. Arcamax has 3,274 RESELLER relationships listed with 118 unique partners. Are all of these reseller relationships bringing in revenue under all of those publisher IDs? I doubt it!

If a direct exchange asks for a RESELLER line with one of their partners, publishers should first evaluate the (reselling) partner for trustworthiness, then continually re-evaluate that entry on a routine basis for the revenue contribution it provides.

We’re not saying “no resellers”, but the suggestion is that since ads.txt helps legitimate value-add sellers, publishers should do their part in due diligence evaluation. DSPs tend to be more suspicious about second-level reselling, a topic which Ian Trider wrote about in AdExchanger.

The second rule of ads.txt is:

❗Any RESELLER relationship should be traceable to a line item of money flowing through an existing DIRECT relationship.

3. Pride

It may come as a surprise to learn that the contents of ads.txt files are read by robots, not people. These robots may be smart in many ways, but likely do not know what to do with two lines like this, courtesy of https://dianfarmer.com/:

rubiconproject.com <http://rubiconproject.com>;, 20052, RESELLER,
0bfd66d529a55807

Don’t expect a human to review your ads.txt, expect a robot to do it.

Publishers should understand how ads.txt will be used on the buy side and what the implications are for managing the entries within the file.

The last and hopefully easiest rule of ads.txt is:

❗Don’t make syntax errors. Remember the robots!

When in doubt, run your file through a trustworthy validator like https://adstxt.guru/validator/ or https://www.adstxtvalidator.com.

Takeaway: buyers AND publishers need to be diligent to make ads.txt work. We needYOU to help stop ad fraud!