Posts

Google announced recently that it is requiring advertisers to provide documentation of their identity and geographic location to be eligible to run ads on the platform.

The new policy is an expansion of similar restrictions put in place in 2018 requiring the advertisers behind political ads to provide identification verification.

How Advertisers Verify Their Identity

Google is rolling out the new policy in phases and will be selecting certain advertisers to verify themselves first. Specifically, Google says it will prioritize those who do the following across its Ad Network:

  • Promotion of products, goods, and services.
    • Examples: Retail, media and entertainment, travel, B2B, technology, etc.
  • Promotion of informational, advisory, or educational content.
    • Examples: Content promoting educational resources, research and statistics, free health or financial advice, charitable or social causes, etc.
  • Promotion of content related to regulated industries.
    • Examples: Gambling and games, financial products or services, healthcare products or services etc.

If selected, an advertiser will be required to provide documentation to verify their identity within 30 days. Accepted documentation will include:

  • Personal identification methods
  • Business incorporation documents
  • Possibly other items to verify who they are
  • Operating geography

If documentation is not provided within the 30 day limit, all ads will be stopped until the issue is resolved.

Google also says it will begin the program in the United States before rolling out globally. The new requirements will apply to every aspect of Google’s multi-faceted advertising platform, including Search, Display, and YouTube ads.

Currently, the company expects that it will take a few years to fully implement the program.

Notably, the information currently available suggests that Google is specifically focusing on the individuals or companies running the ads, not necessarily the individual managing the ads. This means your ad agency will likely be asked to verify your identity on your behalf.

New Disclosures For Ads

Part of the reason Google is requiring this information, is that it is beginning to add new disclosures about the identity of advertisers when displaying paid ads.

The disclosures are available below the “Why this ad?” option when clicking for more details.

The disclosure will include information about the advertisers’ name, country location, and will provide an option to stop showing ads from that advertiser.

Why Is Google Doing This?

As the company explained in its announcement, the new program is part of a larger effort to “provide greater transparency and equip users with more information about who is advertising to them.”

Director of Product Management for Ads Integrity, Jack Canfield, elaborated by saying:

“This change will make it easier for people to understand who the advertiser is behind the ads they see from Google and help them make more informed decisions when using our advertising controls. It will also help support the health of the digital advertising ecosystem by detecting bad actors and limiting their attempts to misrepresent themselves.”

For more information, read Google’s announcement here or explore their additional guidance on the program here.

Examples of injected ads ‘in the wild'

Examples of injected ads ‘in the wild’

A new study from Google and the University of California, Berkeley and Santa Barbara has found that over 3,000 advertisers have been the victims of ad injection software, including major brands such as Sears, Walmart, Target, and eBay.

Ad injectors have long been a boon for webmasters, as the troublesome and occasionally malicious programs insert unwanted ads into web pages costing publishers in ad revenue and causing advertisers to pay for traffic from ads they never intended to buy.

The study exposes a network of companies that profit from and facilitate these unwanted ads and to show just how widespread the issue is. Google says it has received more than 100,000 complaints from users about ad injectors since just the start of this year.

Ginny Marvin from Marketing Land thoroughly breaks down how ad injection works:

The ad injectors comes in the form of browser extensions and software applications that infect a user’s browser. Google found more than 50,000 browser extensions and 34,000 software applications that had hijacked user’s browsers to inject ads. In nearly 30 percent cases, the software bundles were “outright malicious”, not only injecting ads but stealing account credentials, hijacking users’ search queries and reporting user activity to third parties for tracking purposes.

Google found the ad injector software being distributed onto users computers by 1,000 affiliate businesses, including known adware browser extensions, Crossrider, Shopper Pro and Netcrawl. These companies aim to spread as many ad injector software downloads as possible in a number of ways, including bundling their applications with popular downloads (who hasn’t fallen victim to the pre-checked box for an add-on during a software download?), blatant malware distribution and extensive social media campaigns. They then collect affiliate fees when users click on injected ads.

The ad injectors get the ads from about 25 ad injection library companies such as Superfish and Jollywallet, which in turn source and target ads from relationships with a handful of ad networks and shopping programs. It’s these libraries that pass on a fraction of the profits to the affiliates.

Google found that 77 percent of all injected ads originated from just one of these three ad networks: Dealtime.com, Pricegrabber.com and Bizrate.com.

This network is massive for even the most sophisticated spam and shady marketing systems. Google used a custom-built ad injection detector on Google sites and found that 5.5 percent of unique IP addresses (representing millions of users) accessed Google sites that had some form of injected ads.

Don’t think your Mac is safe either. Google also saw that 3.4 percent of page views on Apple machines and 5.1 percent on Windows machines showed clear signs of ad injection software.

To combat the problem, Google says it has taken down 192 deceptive Chrome browser extensions from the Chrome Web Store and instituted new user protections to prevent similar extensions from making it into the store in the future.

The full report will be presented later this month at the IEEE Symposium on Security & Privacy, but you can read Google’s announcement of the study results here.