FAQ

Frequently asked questions

Getting started

AdSecure is an automated ad verification system built around a custom-made crawler capable of simulating a wide array of devices and geo’s. It allows you to automatically scan ad tags and landing pages for non-compliance and malware in real-time.

As soon as our system detect a threat in a project, an alert notification is sent to the advertising operation team, giving access to a comprehensive report listing all malicious links, allowing them to take appropriate actions.

AdSecure is primarily for Ad Platforms, Ad operations team and Publishers

For Ad Platforms – by ensuring a continuous compliant and malware-free ad delivery.

For Ad operations teams – by allowing to take actions in real-time on unauthorized ads thanks to forensic evidence.

For Publishers – by protecting their brands and sustaining a secure and safe user experience for their visitors.

Ready to get started with AdSecure?

Create an account now on the AdSecure website:

  1. Open a new tab in your web browser.
  2. Go to https://www.adsecure.com and click on the sign up button, or go directly to https://www.adsecure.com/signup.
  3. Enter your full name, email address and who you are.
  4. Click Sign up for AdSecure.
  5. One of our account manager will contact you to finalize your registration.

 

Note that an email address can only be associated with one AdSecure account at a time.

Basic usage

A scan is the analysis of 1 creative (url, script, smart link…), from 1 device and from 1 geo-location.

A violation corresponds to a type of detection, which can be either non-compliant or malicious. Refer to the section Detection in our FAQ to consult the complete list of violations AdSecure supports.

An alert rule is a set of settings (name + email and/or callback URL + violations) that you configure in your dashboard so that you can receive notifications by email and/or get a callback to a URL when the selected violations are detected during the analysis of a creative or a landing page.

An Ad Tag is the HTML (and possibly JavaScript) code a browser uses to fetch an advertisement from an Ad Server and to display it on a website.

You need to be signed into adsecure.com:

  1. Visit admin.adsecure.com in your web browser.
  2. Click on the “Projects” link in the menu.
  3. Click on the “+” button at the top right hand corner.
  4. Enter a name for your project.
  5. Select the type of content you want to scan “banner iframe /javascript”
  6. Enter your tag in the dedicated field.
  7. Select an alert rule, one or more devices, one or more locations and the interval period you want between two iterations.
  8. Click submit.
  9. Click on the “Alerts” link in the menu to start consulting the results as soon as they will be available, or alternatively wait for an email notification in case AdSecure detects violations during the analysis.

A landing page, sometimes known as “lead capture page” or “lander”, or “destination page”, is a single web page that appears in response to clicking on an online advertisement.You need to be signed into adsecure.com:

  1. Visit admin.adsecure.com in your web browser.
  2. Click on the “Projects” link in the menu
  3. Click on the “+” button at the top right hand corner.
  4. Enter a name for your project.
  5. Select the ad type “Popunder / Landing URL”
  6. Enter the URL in the dedicated field.
  7. Select an alert rule, one or more devices, one or more locations and the interval period you want between two iterations.
  8. Click submit.
  9. Click on the “Alerts” link in the menu to start consulting the results as soon as they will be available, or alternatively wait for an email notification in case AdSecure detects violations during the analysis.

If you need to share a digital evidence of the violation(s) detected during the scan of a creative, you have the possibility to share the public version of a report with the third party of your choice.

Simply click on the icon “share” and copy the public URL of a given report before  sharing it with the third party of your choice.

Detection

  • Landing page error

You would receive an alert when the system identifies a broken/dead link (404 Error, 5xx, timeouts, etc.) in the landing page or when a broken link is identified in the path (intermediate redirect links inside the daisy chain) between the click URL and the landing page.

  • SSL non-compliant

Ad that contains at least one unsecured item in the chain of resources (unsafe, no https, mixed content, ssl version or cipher mismatch)

  • Auto-vibrate

Ads that automatically vibrate the user’s device when reaching a landing page. Malicious use of the HTML5 vibrate API.

  • Auto-sound

Ads that automatically play audio whenever you visit a website.

  • JS Alert on exit

Javascript alert that pops up when the user wants to close the active tab.

  • JS Alert on entry

Javascript alert that pops up without user interaction when entering on a website.

  • Auto-redirect app store

Ads that is automatically redirecting to the App Stores without user interaction.

  • Auto-download

Ads that automatically download a file/executable/application without user interaction.

  • Potentially Unwanted Programs (PUP)

Unwanted software is an executable file or mobile application that engages in behavior that is deceptive, unexpected, or that negatively affects the user’s browsing or computing experience.

  • Scareware

Ads claiming that you have a virus and you are in need of anti-virus software may, ironically, actually contain a virus that could harm your computer, cause costly repairs or, even worse, lead to identity theft. Scammers often use the names of well-known companies that specialise in computer software to gain your trust. The pop-up advertisements aim to mimic genuine warning alerts generated by computer security software.

  • Back Button Hijack

Ads containing a script that allows an advertiser to manipulate the browser history. Usually it consists in inserting one or several pages in the browser history, which would prevent the user to go back to the previous page he was coming from.

  • Auto-redirect

Ad that contains a script causing a web page to break out of any frames “framing” it, resulting in redirecting the visitor to another website/page

  • Adware

Adware is software that downloads or displays unwanted ads when a user is online, collects marketing data and other information without the user’s knowledge, or redirects search requests to certain advertising websites.

  • Drive-by mining

Ads that consists in using a piece of javascript code to mine different cryptocurrencies directly through the visitor’s browser.

  • Browser Locker

The script runs in the web browser and its main purpose is to disable any form of action that can close the browser – such as clicking the close button and pressing certain shortcut keys. All attempts to close the browser will result in a warning message box (Javascript alerts)

  • Ransomware

Ransomware is a form of malware that essentially holds a computer system captive while demanding a ransom. The malware restricts user access to the computer either by encrypting files on the hard drive or locking down the system and displaying messages.

  • Phishing URL

A phishing site might trick users into revealing their personal information (for example, passwords, phone numbers, or credit cards). The content pretends to act, or looks and feels, like a trusted entity — for example, a browser, operating system, bank, or government.

  • Malware

Malware is a general category of malicious code that includes viruses, worms and Trojan horse programs. It is used to disrupt computer operations, gather sensitive information, gain access to private computer systems, or display unwanted advertising

  • Malicious URL

Malicious URLs host unsolicited content (spam, phishing, drive-by exploits, etc.) and lure unsuspecting users to become victims of scams (monetary loss, theft of private information, and malware installation)

Advanced usage

In addition to get notified by email when AdSecure detects violations in one of your projects, you now also have the possibility to get notified by a Callback URL notification.

On your side, you need to set a URL to your endpoint that can process notifications when a violation is matching your alert policy.

Currently, you can set your callback URL through the GUI, in the Detection & Notification policy section of the Projects page .

All notifications will be sent as POST requests and include a JSON payload (request timeout is set at 10 seconds). The payload is a JSON list containing one object per each device and location combination.

 

Here is an example result posted to the Callback URL: 

[
   {
      "analysis":"a06fbc31-ee6f-4318-83d1-1c2e67743ccd",
      "report": "e397c8d6-3619-4a2f-93c3-e815a90e7324",
      "project_name":"Analysis of our website landing page",
      "content":"http://foo.com",
      "location":"alb-main-data_center-any",
      "device":"8c5ba8ed-cb9e-4dd4-bc53-f94a4ee63504",
      "score":10,
      "violations":[
         "auto_sound"
      ]
   },
   {
      "analysis":"a06fbc31-ee6f-4318-83d1-1c2e67743ccd",
      "report": "85eb2c80-e18e-49d6-bf21-bb49d7ab9a50",
      "project_name":"Analysis of our website landing page",
      "content":"http://foo.com",
      "location":"alb-main-data_center-any",
      "device":"6d666505-563c-486f-8bd6-dd8c1daa66b9",
      "score":20,
      "violations":[
         "js_alert"
      ]
   },
   {
      "analysis":"a06fbc31-ee6f-4318-83d1-1c2e67743ccd",
      "report": "7343d8ba-4a84-48a1-9c9a-eb34b2711539",
      "project_name":"Analysis of our website landing page",
      "content":"http://foo.com",
      "location":"esp-main-residential-any",
      "device":"8c5ba8ed-cb9e-4dd4-bc53-f94a4ee63504",
      "score":20,
      "violations":[
         "js_alert_on_exit"
      ]
   },
   {
      "analysis":"a06fbc31-ee6f-4318-83d1-1c2e67743ccd",
      "report": "58a34e86-6c0f-4933-b2a6-434d4714ef08",
      "project_name":"Analysis of our website landing page",
      "content":"http://foo.com",
      "location":"esp-main-residential-any",
      "device":"6d666505-563c-486f-8bd6-dd8c1daa66b9",
      "score":20,
      "violations":[
         "js_alert_on_exit"
      ]
   }
]

Miscellaneous

Less than you think! Just drop us a quick message with your needs, and we will send you a non-binding offer.