Adalytics Report Torches Ad Tech For Touting MFA Prevention While Scarfing MFA Supply
March 11, 2024
As seen on AdExchanger
“We’re not exposed to MFA.” “All our vendors block it, and we mostly buy through private marketplaces.” “Our verification service filters out 99.9% of it.”
Whatever gets you through the night.
Practically every ad tech vendor has put out a press release in recent months full of bluster about cutting out made-for-advertising sites – and yet supply sources remain oversaturated with garbage inventory, according to a new Adalytics report released on Monday.
The report is full of painfully awkward moments for the biggest SSPs and media companies – but these findings are, more than anything, an indictment of the programmatic advertising ecosystem overall, rather than any one specific company.
The industry is stuck in a standoff, Krzysztof Franaszek, founder and CEO of Adalytics, told AdExchanger.
Supply-side platforms that eliminate MFA from their marketplaces aren’t rewarded by the buy side. Instead, their reach goes down, and CPMs go up. DSPs, meanwhile, aren’t incentivized to stop serving on MFA because their clients want more reach and low prices.
The report
Adalytics is an online ad transparency startup, and most of its clients are advertisers.
It built a name for itself by publishing a series of headline-grabbing reports over the past year about sensitive subjects of great concern to ad buyers, including brand safety, transparency and wasted ad spend.
Google, which was the subject of three scathing reports in the space of less than a year, has criticized Adalytics for stoking fears about Google’s products to boost its own business.
But it’s hard to dispute this evidence. For the newly released MFA report, Adalytics used only open-source data sets for its analysis. No log-level information was analyzed. Instead, Adalytics generated fake online identities and observed the ads served to them on a page. This makes the findings even more damning than those in earlier Adalytics reports. And that’s because when Adalytics previously documented, for example, how the Google Search Partners Network is vulnerable to unsuitable placements, it was highlighting more of a hypothetical problem. The report demonstrated that it was possible to generate ads for major well-known brands on US-sanctioned Iranian sites and fetishistic pornography sites by doing on-site searches. But it’s not as if most people are visiting an Italian-language bestiality website and searching for “Gillette” or “Google Pixel 7.”
But the new MFA report doesn’t focus on self-prompted ads – these are ads being served to real humans who visit low-quality websites.
The major channels
The report calls particular attention to the buying tools on offer from Google, Amazon and Microsoft as major carriers of MFA supply. And each, interestingly, has its own unique way of overconsuming MFA.
Microsoft Ads and Xandr, for instance, were observed by Adalytics serving MFA ads to by far the most individual advertisers – more than 9,000 distinct businesses. That’s because tens of thousands of small and local services, such as barber shops, dental practices and other Main Street mom-and-pop shops are on the Microsoft Audience Network and are therefore served via MSN and Bing.
The Google DV360, meanwhile, is the biggest buyer of MFA, according to the report, and not just because it’s the biggest DSP overall. DV360’s relative prevalence of MFA supply in the Adalytics sample was about four times greater than Amazon, the second largest offender.
Amazon’s retail media network is “plastering” MFA inventory with product listing ads, according to Franaszek.
Retail media is ripe for MFA. The main reason is because retail media networks (RMNs), including Amazon’s network, are laser-focused on the user. RMNs follow IDs around the web – including to low-quality MFA sites – and suggest product listing ads based on what a retailer knows that person has previously searched for or added to an online cart.
There is little actual value in these placements, but MFA supply is valid human traffic – and Amazon can take advantage of that fact, because RMNs sell based on post-view conversions. If, at some point down the line, Amazon converts on the sale of, say, Procter & Gamble brand Pampers, it’s easy to overlook what was in the media chain.
(Adalytics did spot the Amazon DSP serving Pampers to MFA, by the way.)
According to one Fortune 100 CPG marketer who saw the Adalytics report before publication and spoke with AdExchanger on background, the amount of Amazon ads served on MFA is extremely troubling. Those product listings don’t actually generate purchases, but by exposing an individual to those placements on an MFA site, Amazon Ads can claim credit for the conversion – which, in some cases, would otherwise be organic.
Big ups
But let’s take a brief break from hammering the offenders to dish out a few kudos.
A gold star goes to Kargo, which is the only well-known third-party programmatic SSP that didn’t appear in the MFA audits performed by Adalytics.
Ozone Project and TrustX also deserve a pat on the back. Both are SSPs that sell media only to specific news publishers, so they’re well insulated from MFA.
The DSP standouts are Basis (formerly Centro) and the biggie: The Trade Desk.
Unlike many of the other companies called out by Adalytics, TTD legitimately filters out MFA and has since before it became a publicized issue. An open question in the industry is why TTD has been so quiet about its success when it could instead be boasting about its commitment.
One theory Franaszek said he’s heard is that TTD doesn’t want to be seen as bashing the open web. If advertisers have a negative association with the programmatic web, that isn’t good for The Trade Desk.
There’s also what you might call the “Please proceed, Governor” rationale. As in, when your opponent is making a mistake, don’t correct or interrupt them – just let them blunder.
The Adalytics report cites a recent AdExchanger newsletter (pardon the meta-reference) that suggests TTD has been able to create a major advantage for itself in bakeoffs with other DSPs because it discreetly doesn’t waste spend on MFA.
Why is this happening?
So, if there are some ad tech companies blocking MFA – why can’t everybody else?
Well, the fact is, they can. They just don’t.
MFA publishers are fairly sophisticated, according to Franaszek.
“I almost respect them,” he said. “They clearly have data scientists and knowledgeable developers.”
But even so, it’s relatively easy to weed out MFA supply.
When an SSP is called out for selling MFA inventory – especially in private marketplaces where it remains almost as rampant as in open exchange buys – there’s nothing stopping the platform from immediately flipping a switch to block MFA, Franaszek said.
The capability exists. The problem – or one of the problems, at least – is that SSPs and DSPs often treat MFA as a check-the-box issue, not as something that needs ongoing maintenance.
Last July, Magnite announced that it was using Jounce Media, Similarweb and others to weed out MFA supply. Many other SSPs and ad exchanges, including Sharethrough and PubMatic, made similar pronouncements.
Yet all three were found by Adalytics to still be serving ads on MFA sites, as were OpenX, Nexxen, Index Exchange, TripleLift and others.
What gives?
MFA publishers typically use zombie domains, meaning that the URLs change frequently. Numerous SSPs have pledged to use Jounce Media MFA tracker, which it updates daily, but it’s possible they’re only incorporating a static version of the list.
The biggest problem, however, is the human element.
Most people think of “programmatic” as a synonym for “automation.” But in practice, different stakeholders have their own – often conflicting – incentive structures.
If, for example, an advertiser incentivizes its agency or DSP to reach as many valid human eyeballs as possible at the cheapest CPMs possible, what they’re really asking for is MFA.
Advertisers accept shoddy ad placements at times because they consider it “cheap reach,” Franaszek said.
But while the CPM may be low, MFA sites also reload ads, sometimes hundreds of times if a user keeps a tab open. The brand is often paying extra, and the only net result is that a walled garden ad platform can claim attribution credit on an upcoming transaction.
Because MFA isn’t fraud. Real people are seeing real ads; it’s just worthless to the brand. And the brand often doesn’t realize this inventory is in the mix.
“If a brand wants to buy MFA, that’s totally their right,” Franaszek said. “But advertisers who believe they’re no longer buying MFA are clearly heavily exposed.”