GeoEdge provides ad verification to ensure a safe user experience. Their mission is to protect customers from malware through proactive detection of infected ad campaigns across mobile, online and video advertising. New offerings include custom solutions and the first verification service for video ads. Common misconceptions about malware protection are addressed, highlighting the limitations of manual checks, ad servers, direct campaigns and individual demand partners. A holistic approach is needed to identify the source of attacks and block bad actors across the entire ecosystem.

1. Know Your Malware
Protect Yourself
Amnon Siev
CEO, Geoedge
GEOEDGE CONFIDENTIAL 1

2. GEOEDGE CONFIDENTIAL 2
Online
Ad Verification
Mobile
Ad Verification
Video
Ad Verification
GeoEdge is the leading Ad Verification provider
for the Mobile and Online advertising ecosystem
Our Mission: To ensure a Safe, Clean and Engaging User Experience
New Offer!

3. Customers
• Over 700 customers worldwide
• Partnering with leading Ad Platforms
3GEOEDGE CONFIDENTIAL

4. The Real Cost of Malware
GEOEDGE CONFIDENTIAL 4
Direct CostsPoor User
Experience
Long Term
Impact
Cost to Publisher

5. Impact on User
5
Two levels:
1.User is warned
2.User is infected
GEOEDGE CONFIDENTIAL
Ransom Viruses

6. Bad User Experience Without Malware
6
An holistic view of the user’s experience
GEOEDGE CONFIDENTIAL
Auto-
redirects
Drive By File
downloads
Post click File
Downloads
Java script
errors
Phishing scams
Deceptive
offers

7. Mobile Redirect
GEOEDGE CONFIDENTIAL 7
1 Use App
See Banner2
Automatically Leaves
App…and a new
window is opened!
3

8. Direct Costs
8
GEOEDGE CONFIDENTIAL
Operational challenge to
track & block campaigns
Brand
Reputation &
Bad Publicity
1
2
Demand Partner blocked
Legal exposure
3
4

9. Long Term Impact On Your Business
Ad injections - hijack your traffic
cutting right into your bottom line
Domain spoofing - your name is
used to sell fake traffic - you can
be black listed
Often users are not aware they have
been infected
9

10. Long Term Impact On Your Ecosystem
10
Botnet for traffic and click fraud - malware that allows the
hackers to create “real” traffic/clicks from the user machine
This may happening
on your site!
“Traffic fraud is only a
problem for advertiser …”

11. ANA Report – December 2014
11
Advertisers lose faith in Premium publisher traffic!
1. CPM goes down as Advertisers factor into account fake traffic
(23% of video ads traffic is not human)
2. Complicate contracts with advertisers
BIG
PICTURE

12. 12
I’m not at risk…
Common misconceptions
GEOEDGE CONFIDENTIAL

13. Misconception #1: Manual pre-lunch checks
Hacker buys
ad space on
your site
Campaign is
launched
User accesses
your site
From: France
Browser: IE
Time: 2 PM
Infected: No
User accesses
your site
From: Canada
Browser: Chrome
Time: 1 AM
Infected: Yes
Hacker injects
malicious code
targeting a specific
user segment
Malware attacks are
dynamic and usually starts
after the campaign go live.
Manual check is meaningless as
malware will probably target
specific user segment
Malware!

14. Misconception #2: Ad server protection
14
I’m protected because I’m using my
ad server malware detection
GEOEDGE CONFIDENTIAL

15. MALWARE
Ad server protection limitation
15
3rd Party
Ad servers
Tag
`
Tag
Tag
Tag
Publishers
Ad Server

16. Nuclear Exploit Kit landing page
Ad server protection limitation - example
GEOEDGE CONFIDENTIAL 16
September 2014:
Last.fm & Jerusalem Post
attack via Double Click that called Zedo
Pubads.g.doubleclick.net
d3.zedo.com/jsc/d3/fo.js (compromised)
Static.the-button.com/d2.php
[string].wiab-service.se/geobalance/geo2.php

17. Misconception #3: Direct Campaigns
17
I’m protected because I’m serving campaigns
directly from my in house platform
GEOEDGE CONFIDENTIAL
 Landing page – post click attacks are more common than pre click!
 You are exposed via other 3rd party code on your site
 Your infrastructure could be hacked

18. Misconception #4: Trusted Demand Partners
18
I’m protected because I trust my
demand-partners protection
GEOEDGE CONFIDENTIAL
 Demand-partner’s protection is limited
 Protection systems are based on scans – your traffic is a small portion of
their traffic and scanned accordingly.
 Many malware attacks come through reputable demand partners and SSPs:
Jan 2015 – AOL: Drive-by malware downloads to the Huffington Post,
GameZone, LA Weekly,

19. So What Can Be Done?
19
1. Use proactive protection
2. Understand the implications for users. It’s not enough just to know that
there was an attack
3. Find the infected campaign – HOW?
4. Track the bad player – of all the mediators who could be responsible
5. Block Campaign
GEOEDGE CONFIDENTIAL
 Holistic view of the user’s
experience
 Full transparency
 Detection AND
recommendation
 Pinpoint malicious source
 Multi-format protection
 New VIDEO verification

20. Super exciting NEWs from GeoEdge
20
First ad verification service that will provide TRUE
transparency and verification for Video Ads!
Video Malware Protection
Protect against bad user experience
• Auto play with/out sound
• Ad length / size
Protect Publisher Video Revenues
• Identify player inside banner
GEOEDGE CONFIDENTIAL

21. 21
w w w. geoedge. com
GEOEDGE CONFIDENTIAL