The Video Ad Serving Template (VAST) standard is a widely used protocol for serving video ads on the internet. It provides a common format for ad servers and video players to communicate, allowing for the seamless delivery of video ads. However, as with any technology, the VAST standard is not immune to vulnerabilities and exploits. In recent years, changes in the standard have led to new opportunities for ad fraud.
One of the most significant changes in the VAST standard is the introduction of VAST 4.0, which allows for the use of “wrappers.” Wrappers allow multiple ad servers to be chained together, allowing for more sophisticated targeting and delivery of ads. However, this also creates new opportunities for fraud. Ad fraudsters can use wrappers to insert rogue ads into the ad chain, or to redirect legitimate ads to fraudulent sites.
Another vulnerability in the VAST standard is the ability to use “redirects” to send users to fraudulent sites. Redirects are a legitimate feature of the VAST standard, but they can be abused by fraudsters. They can use redirects to send users to fake sites that mimic the look and feel of the original site, to trick users into providing personal information or installing malware.
The rise of programmatic advertising has also led to new vulnerabilities in the VAST standard. Programmatic advertising allows for the automated buying and selling of ad inventory, but it also allows for the use of bots to inflate ad impressions and click-through rates. This can lead to advertisers paying for ad impressions that were never seen by real users, resulting in significant financial losses.
To combat these vulnerabilities, the advertising industry has developed several solutions. The Interactive Advertising Bureau (IAB) has developed the “VAST Anti-Fraud Suite,” which is a set of guidelines and best practices for preventing fraud in the VAST standard. Additionally, companies such as Fraudlogix have developed technologies that can detect and prevent bot-based ad fraud.