Simplifying Ad Tech Security: IAB Unveils SafeFrame 2.0 Update

IAB Tech Lab releases SafeFrame update after a six year gap

Yesterday, the IAB Tech Lab released SafeFrame 2.0 for public comment for a 60-day period until September 28. SafeFrame is an API specification for communication between a web page and an ad that is enclosed within an iframe on the page, enabling safe ad interactions ( ad copy ad expansion) without direct access to the publisher’s page data.

Also Read: What the Worldwide Rollout of YouTube’s Newest Ad Format Means for Marketers

SafeFrame 2.0 is an upgrade over the current version that was last updated in 2014. It features new improvements that cater to the latest browser technology, standards, and business processes, such as header bidding, support for current ad formats, and page security, while honoring user privacy preferences. The new update aims to:

• Simplify host implementation for easier adoption
• Improve ad function for more flexibility and innovation
• Align with latest advances in browser technologies to serve ad vendors and protect publisher page data
• Support current ad formats and practices
• Improve page security and respect user privacy preferences
• Provide support for header bidding
• Align specifications with MRAID for easier conversion of mobile in-app creatives to web browser creatives

“While SafeFrame has continued to provide benefits to the marketplace, over the last six years there have been significant technological developments, and it was clear that an update was needed,” said Shailley Singh, vice president, Product and Global Programs, IAB Tech Lab. “SafeFrame is designed to offer publishers a scalable way to insert ads on their sites, without having to risk page security and user privacy when ad scripts and service vendor scripts would otherwise have direct access to the page.”

Typically publishers are expected to forgo security in the interest or yield or conduct expensive certification processes for vendors and partners for third-party scripts placements to avoid risk. SafeFrame 20 offers a highly scalable option for placing rich, interactive ads, without sacrificing page security or risking malicious ad behaviors such as unwanted downloads or page redirects.

Also Read: How Programmatic OOH Will Finally Take Center Stage in a Post-COVID World

Gareth Glaser, chair, PreBid.js Project Management Group added: “When it comes to header bidding, vendors often ask publishers to disable SafeFrames because of restrictions that complicate an already complex process—forcing a choice between revenue and page security. The SafeFrame Working Group is working with organizations like PreBid.orgOpens a new window  to simplify the inclusion of SafeFrame ads in header bidding. We anticipate that with the adoption of SafeFrame 2.0 we’ll see that trend reverse, and we look forward to vendors asking publishers to make sure that SafeFrames are enabled and supported.”

The update also simplifies mobile-to-web conversion for creative developers and provides a safer ad placement environment.

What Does This Mean for Marketers?

The internet browser game has come a long way over the past few years. As a result, ad tech has witnessed rapid advancements in technology, creativity, and services. However, this growth has also led to a high-risk environment.

With IAB’s SafeFrame 2.0 update, marketers and advertisers can breathe easier knowing that user data is safe. Additionally, standardized page security also provides the ability to place ads at scale, which in turn, streamline operations and reduce costs.

IAB also aims to simplify implementation for advertisers through SafeFrame2.0. For instance, previously, ad expansion meant setting new coordinates for the new ad dimensions, and knowing the dimensions of the browser window to set a fullscreen expansion. However, with this update, advertisers can simply put in expand() to expand the ad to the maximum size.

The 60-day comment period also means that IAB is offering double the time it usually offers due to the six year gap between the updates. SafeFrame co-chairs, Lucas Silva, software engineer, Google, and Marian Rusnak,sSoftware engineer, Verizon, write in their blog “While the latest update is a large step up from the last update, wide adoption is needed to achieve all the benefits that SafeFrame 2.0 brings to the table.”