Ad-serving standard could be supporting malvertising

The global standard for ad-supported video could soon make it easier for malvertisers to abuse smartphones and PC video players, according to one of the world’s largest providers of the ad-serving technology.

Mark Stanton, head of Brightcove Australia and New Zealand said that the standard gives the video players too much freedom to permit ads access to web pages.

That, he argued, could allow a malicious advertiser to re-write advertising links or make other unauthorised changes to web pages on devices.

“There is a new industry standard that I feel makes it easier for malvertising or malicious ads. The conversation I’m having with customers is how can we implement that standard in a way that is still safe for users and for them,” Mr Staton said.

He said that the problem would primarily impact desktop but could apply to “anything that renders HTML”.

Quite a lot of Smart TVs and other devices do run web browsers then in theory they are potential targets.

The standard developed by the Interactive Advertising Bureau (IAB), known as VPAID 2.0 (or HTML5 VPAID), has been around for about four years.

The problem, Mr Stanton said, was that there was a rapid trend away from consumers watching catch-up TV services on desktops to smartphones as mobile data prices fell.

However, he said that “in the wild” he was only aware of it affecting browsers on desktops.

“The way that we have implemented in our player is to only allow the ads limited access to the page. That locks any ads into a sandbox that they can’t do go things re-write links or make other changes to the page,” he said.

Mr Stanton’s comments coincided with the company’s announcement that Brightcove had struck a deal to supply Network Ten with new ad-serving technology that circumvents ad-blockers for its tenplay catch-up TV service.

The new technology weaves ads into tenplay streams rather than calling on the device’s video player to make a call to a secondary ad server.

Mr Stanton said that the company was also working with other television networks on an initiative to address what he called “viewability” – to reveal how frequently ads were being blocked or obscured during viewer sessions.

Brightcove estimated that, in some cases, up to 50 per cent of ads were not being viewed, however, that varied with age demographics and gender.

“For content that is targeting males in the 15 to 30 age demographic there’s very high ad-blocking rates. For content that is targeting an older audience or more female skewed, the rate can be a lot lower – they can be single digits. So, there’s not a global rule,” he said.

Participate in this short survey on IT security strategies across the Australian market and go in the draw to WIN a 360Fly camera vailued at $689.

Start survey NOW

Join the CSO newsletter!

Error: Please check your email address.

Tags smartphonesmart TVsriskmalvertisingattacksvpaidadvertising softwareBrightcove Communicationsmalwarecyber securitythreatmalicious adsabusehtml codephishingPC video playersadvertising

More about BrightcoveInteractiveInteractive Advertising BureauInteractive Advertising Bureau (IAB)Network TenSmart

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Andrew Colley

Latest Videos

More videos

Blog Posts