Enhanced Publisher Security – IAB Tech Lab Releases SafeFrame 2.0 Secure Ad Container
This week, SafeFrame 2.0 was released for public comment for a 60-day period until September 28. SafeFrame is an API specification that was last upgraded in 2014 for communication between a web page and an ad that is enclosed within an iframe on the page. The specification enables safe ad interactions (e.g., ad expansion) without direct access to the publisher’s page data.
It incorporates key improvements that account for advances in browser technology, standards, and business processes, such as header bidding, support for current ad formats, and page security, while respecting user privacy preferences. The SafeFrame 2.0 update aims to:
- Simplify host implementation for easier adoption
- Improve ad function for more flexibility and innovation
- Align with latest advances in browser technologies to serve ad vendors and protect publisher page data
- Support current ad formats and practices
- Improve page security and respect user privacy preferences
- Provide support for header bidding
- Align specifications with MRAID for easier conversion of mobile in-app creatives to web browser creatives
“While SafeFrame has continued to provide benefits to the marketplace, over the last six years there have been significant technological developments, and it was clear that an update was needed,” said Shailley Singh, Vice President, Product & Global Programs, IAB Tech Lab. “SafeFrame is designed to offer publishers a scalable way to insert ads on their sites, without having to risk page security and user privacy when ad scripts and service vendor scripts would otherwise have direct access to the page.”
Publishers are often left to sacrifice security for yield or employ costly operations to certify vendors and partners for third party-scripts placements in order to avoid risk. Adoption of SafeFrame 2.0 provides a highly scalable option for placing rich, interactive ads, without sacrificing page security or risking malicious ad behaviors such as unwanted downloads or page redirects.
SafeFrame co-chairs, Lucas Silva, Software Engineer, Google, and Marian Rusnak, Software Engineer, Verizon, share more details on the updates in the following piece for IAB Tech Lab titled “SafeFrame 2.0: Safer, Simpler and more advanced.”
To review the proposed standard and provide feedback, please go to: https://iabtechlab.com/standards/safeframe-implementation-guidelines
IAB Canada will be sharing this with the Ad Ops Committee as well as the Ad Tech Council to consolidate feedback on the upgrade ahead of the September 28th deadline.
Enhanced Privacy Compliance for GDPR – TCF v2.0 Launches August 15
IAB Europe is getting ready to roll out TCF v2.0, the newly enhanced framework that will replace the Transparency & Consent Framework (TCF) v1.1.
Since IAB Europe in partnership with IAB Tech Lab launched the revised framework in August 2019, nearly 500 vendors have registered to implement TCF v2.0, with over 75% of them also declaring themselves operationally ready to read and act on TCF v2.0 strings. This includes many of the largest Vendors and CMPs in programmatic advertising, including Adobe, Axel Springer, Criteo, Google, GroupM, Integral Ad Science, Magnite, Mediamath, Oracle, OneTrust, The Ozone Project, The Trade Desk, Quantcast, and Xandr, amongst many others. The full list of companies currently registered for TCF v2.0 can be found here.
Over 70 Consent Management Platforms (CMPs) have also been certified for TCF v2.0 and are currently testing the new User Interfaces (UI) with publishing partners. The confirmed scale and support of this effort highlights the industry’s commitment to implement the enhanced functionality available within TCF v2.0 by 15th August.
To support vendors, publishers and CMPs implementing TCF v2.0, IAB Europe has prepared marketing materials and collaterals to provide a clear overview of the framework, its mechanism, and what it entails for all stakeholders involved. From videos to handy guides, you will find everything you need below to get more familiar with TCF v2.0 and its latest updates. You can access all materials here.
IAB Canada is currently in the process of the development of the Canadian TCF string that will address compliance with PIPEDA by leveraging this advanced and well-adopted framework.
IAB Canada and IAB Tech Lab Partner to Support Domestic Media Properties
IAB Canada is in the final stages of developing a Canadian news media allowlist that will be supported as an open source object via the IAB Tech Lab. This list will serve as an important step towards building exceptions around blocking of international news content while getting Canadian media caught in the nets.
Look for an imminent release in the coming weeks that will outline access and future developments around our commitment to support Canadian media.
If you are an IAB Canada member and are interested in getting more involved with the Tech Lab please reach out to firstname.lastname@example.org.