Google Moves to Encrypt Ad Traffic

Encryption by default is a popular goal for internet companies, and Google has done its part to use strong HTTPS encryption, for Search, Gmail, YouTube and Drive. The company is now moving its advertising platforms to HTTPS as well. Most of its ads will be served over encrypted links by the end of June.

“In addition to providing a secure connection on our own products, we’ve been big proponents of the idea of HTTPS everywhere, encouraging webmasters to prevent and fix security breaches on their sites, and using HTTPS as a signal in our search ranking algorithm,” said Neal Mohan, vice president of product management, display and video ads, and Jerry Dischler, vice president of product management for AdWords, in a blog.

The search giant has already moved its YouTube ads to HTTPS as of the end of 2014, and the majority of mobile, video and desktop display ads served to the Google Display Network, AdMob and DoubleClick publishers will be encrypted by June 30.

Also, advertisers using any of the buying platforms, including AdWords and DoubleClick, will be able to serve HTTPS-encrypted display ads to all HTTPS-enabled inventory.

“Of course we’re not alone in this goal. By encrypting ads, the advertising industry can help make the internet a little safer for all users,” Mohan and Dischler added, noting that recently, the Interactive Advertising Bureau (IAB) published a call to action to adopt HTTPS ads.

Many ad systems are already supporting HTTPS—a survey of IAB membership late last year showed nearly 80% of member ad delivery systems supported it. But, there’s still more work to do.

“That’s a good start, but doesn’t reflect the interconnectedness of the industry,” it said. “A publisher moving to HTTPS delivery needs every tag on page, whether included directly or indirectly, to support HTTPS. That means that in addition to their ad server, the agency ad server, beacons from any data partners, scripts from verification and brand safety tools, and any other system required by the supply chain also needs to support HTTPS.”

What’s Hot on Infosecurity Magazine?