Light

Encrypted

Ad Choice Supported

Non-Intrusive

While global stakeholders are working hard to finalize the details behind LEAN, the industry has already embraced the tenants of the four principles designed to improve the global state of online advertising.

Let’s have a closer look at “E”. Securing the integrity and privacy of information that is exchanged between publishers and consumers has risen to the top of the supply chain’s priority list. It’s not a new subject. Back in 2014, both The New York Times and Google called out the importance of encrypted communication between publishers and consumers.

So concerned with encryption is the US that, the government is implementing a requirement that all accessible Federal websites and online services are delivered in HTTPS.

What is the Function of HTTPS?

HTTPS at its core provides the origin of a resource delivered from server to browser. Every time a server delivers encrypted content, it must acquire a certificate that is “signed” by a trusted authority and issued to their specific domain. HTTPS helps fight against malware by providing consistent sets of identifiers for servers thereby deterring malware distributers from cropping up on HTTPS servers because it makes them faster and easier to identify.

While many ad systems are already supporting HTTPS (a recent US IAB survey indicates 80% of member ad delivery systems), there is still a lot of work to be done. The interconnectedness of the eco-system requires publishers’ every tag on every page to support HTTPS. In addition to their own ad server, the agency ad server, any beacons, scripts from measurement, brand safety and verification tools and any other system connected to the supply chain need to support HTTPS.

Due to all of these dependencies, IAB is globally urging all industry stakeholders to do their part to support securing the supply chain. It only takes one “broken link” to negatively impact a consumer’s experience that leads to publishers initiating an expensive search for the failure point.

As we move towards securing the supply chain globally, we must all take on the responsibility and investment towards doing it right. As with any other program designed to self-regulate or improve the industry, this change requires resources. Acquisition and management of certificates and technical requirements on servers to handle encryption are some costs associated with this shift. Please see this paper by Carnegie Mellon outlining some of the impacts of adopting HTTPS.

As we continue to combat fraud, malware and piracy with the Trustworthy Accountability Group (TAG), IAB Canada stands strongly behind the adoption of HTTPS encryption as an important step towards securing the supply chain.

Please contact IAB Canada with any questions, comments or suggestions on this important issue.