« June 2008 | Main | August 2008 »

July 30, 2008

Check out the new adCenter Analytics

Even though I'm no longer working on adCenter Analytics, it still gives me great pleasure to be able to tell you that the product (formerly known as Gatineau) has had a significant upgrade and now boasts a bunch of fancy new features:


Path analysis

CropperCapture[7] Ever wondered how people navigate through your site from your homepage, or how they reach a particular point? The path report shows an interactive, graphical view of navigational paths from or to a particular page, helping you to understand where folks are getting lost, and giving you ideas on how to make your site more effective in getting people to do what you want them to do.



Every good web analytics product needs a dashboard to give an at-a-glance view of essential site statistics, and now adCenter Analytics has one. The dashboard is customizable via drag-and-drop, and you can also add new dashboard "gadgets" from the gadget library.



CropperCapture[2]Improved Treemap

The treemap report, which we introduced in the last refresh of the adCenter Analytics beta, has some great enhancements in this refresh, most notably the ability to segment the treemap view by age and gender, so you can get the benefit of the treemap's easy-to-digest visualization when looking at this segmentation data, and cross-reference that with site page usage.


CropperCapture[3]Time trends

You can now trend many items from reports by time, such as a particular page or referrer, seeing how traffic for this item has changed over time. Great for understanding when it was that that item started to contribute (or stopped contributing) traffic to your site.


CropperCapture[4]More segmentation

In addition to being able to segment your reports by age or gender, you can now segment reports by age/gender composites - so you can see whether men aged 25-34 are really into your cat photos, or not.


Enhanced plumbing

There are also a bunch of changes we've made behind the scenes to improve the reliability and performance of adCenter Analytics. You should see a snappier, more responsive UI, and far fewer of those annoying "Microsoft adCenter is experiencing problems" messages.


If you already have an adCenter Analytics account, you merely have to log into your account to see the new features. If you don't, you can request an account here. My colleague Mel will be posting more about the new features over on the official adCenter Analytics blog, so stay tuned.

del.icio.usdel.icio.us diggDigg RedditReddit StumbleUponStumbleUpon

July 25, 2008

iPerceptions' web analytics blog analysis

image The good folk over at iPerceptions (creators of the 4Q survey tool with Avinash Kaushik, and - to my mind - hands-down winners of the vendor beauty parade at E-metrics San Francisco) have put out a report into the concepts that are getting the most airplay on the "top" web analytics blogs (which includes this one, to my ego's delight). You can read a blog post about the report here, or download the report (in PDF format) here.

The report uses iPerceptions' proprietary text analysis technology to extract and correlate the concepts (essentially, key words collapsed into groups - so "convert", "conversion" and "converted" all collapse to the "convert" concept) that are appearing on blogs. They've picked 30 web analytics blogs to run this on, though the list isn't public (feel free to share in the comments if your blog was included in the test - I think iPerceptions have e-mail everyone whose blog they analyzed).

The main conclusion of the report is that "social" measurement is one of the key concepts (paired with "metrics") that is found on the blogs, but that conversion measurement is still a popular topic, whilst "engagement" seems to have receded a bit since the furore around this a year or so ago.

It's a nice piece of work, but I have to say it does seem a little... well, thin. Only a few of the concepts appeared enough times to really sustain any kind of statistical analysis (for example, the "Engagement" concept only appeared about 20 times, it would seem), and some of the correlations are working with samples as low as 8. So it's hard to read very much into the findings below the highest level.

iPerceptions say they're going to continue to measure on a bimonthly basis (this report is for May-June) to show trends, but with the core numbers this low, they will be hard-pressed to filter out the noise.

My recommendation for improving this study would be to widen the net. There is much discussion of web analytics going on these days across blogs and news sites (for example, both ClickZ and MediaPost have web-analytics focused articles & newsletters). A better approach might be to devise some kind of way of reliably identifying an article as relating to web analytics, and take the analysis from there. And this would have the advantage of showing what the "mainstream" of the web analytics industry is talking about, rather than us more rarified "expert" bloggers (and besides, I haven't really posted about web analytics since April).

del.icio.usdel.icio.us diggDigg RedditReddit StumbleUponStumbleUpon

July 18, 2008

Online Ad Business 101, Part III - Ad Networks

So far in my nascent Online Ad Business 101 series, I've covered the overall advertising value chain, and looked at a superficial level at how an ad 'call' is actually handled. This installment brings together themes from those two first posts, by taking a look at ad networks.

As I have mentioned before, ad networks are in the media representation business. Even the biggest publishers don't typically have the resources to sell every last scrap of their available inventory day in, day out, so they hand over a portion of their inventory - the remnant inventory - to ad networks. Small publishers, on the other hand, have no resources of their own to sell their inventory, so they have to go to the market via networks. The networks aggregate all the inventory that they have available and then sell this inventory to advertisers.

Ad networks make money by selling the inventory for a higher price than they buy it. They can achieve this in a number of ways, which I shall list in broad order of sophistication/difficulty (with the easiest first):

  • Simple arbitrage: The network buys from the publisher at a rock-bottom price (because the publisher would literally make nothing from the inventory otherwise) and sells the inventory on in larger aggregated blocks at a slightly higher price. The "value add" is small - the network is simply allowing the advertiser to soak up some remaining part of their budget without having to go to lots of individual publishers.
  • Vertical aggregation: The network buys lots of small parcels of inventory in specific verticals (e.g. travel). It then aggregates the inventory for sale according to these segments, enabling it to charge a bit more. The advertiser is able to extend the reach of their campaign in a target audience without having to deal with lots of publishers.
  • Price model arbitrage: The network buys inventory on a CPM (cost-per-thousand impressions) basis, providing the publishers with a nice, reliable revenue stream. But it sells the inventory on a CPC (cost-per-click) or CPA (cost-per-acquisition) basis, reducing the risk of the inventory for advertisers (who are only paying for success), and absorbing the associated risk itself. The network makes money on the difference between the CPM it pays publishers and the "effective CPM" (eCPM) it charges advertisers.
  • Platform specialization: Advertising on emerging-media platforms such as video and mobile still requires quite a lot of specialized technology, forcing Rich Media vendors to build close relationships with the publishers that they deal with. Over time, many of the vendors in this space have gone the extra mile for their advertiser customers and turned themselves into networks, making it easier for advertisers to buy ads in these new formats across a range of publishers.
  • Behavioral targeting: The network buys inventory from publishers, and when the ad call is passed over to the network, it drops a third-party cookie. By doing this across all its publisher clients, the network can build up a profile of users by cookie ID - knowing, for example, that cookie ID XYZ123 has visited ten sites about watersports in the past week. The network can then use this information to add value to the inventory it's reselling, enabling advertisers to buy "active surfer dudes" and the like.
Can you give me some examples?

Sure. Here are some examples of ad networks which (roughly) map to the types above. In practice, of course, most ad networks employ a combination of the above techniques to maximize the margin on the media they represent.

Simple arbitrage: Advertising.com
adcom No doubt my description of Advertising.com as a "simple arbitrage" network will generate howls of protest from AOL (Advertising.com's parent company). But one of Advertising.com's main value propositions is the breadth of sites and audience it can deliver. Because Ads.com deals with so many publishers, advertisers can almost always find some inventory that maps onto the audience they're looking for, and are happy to pay a (relatively) modest fee for the privilege.

Simple arbitrage 2: Google Content Network (AdSense)
adsense_logo_main No discussion of networks would be complete without a mention of Google AdSense. AdSense provides a way for lots of small publishers to make inventory available to the pool of advertisers that use Google Adwords - in addition to their ads appearing next to Google's search results, these ads can also appear on the small publishers' sites; the ads are matched with the sites on a contextual basis (the content of the site is crawled to extract keywords which then stand in for the keywords that advertisers normally bid against for paid search results).

A crucial feature of this system is that the publisher is paid on a cost-per-click basis, so assumes a big chunk of the risk - if no one clicks, the publisher doesn't get paid. Google makes its money on the margin between the cost-per-click they pay the publisher, and the cost-per-click they charge the advertiser. The value proposition lies in connecting lots of small (and large) advertisers to lots of small publishers who are running sites which have a really good content match to the advertiser's offering. In other words, if you manufacture Mongolian nose-flutes, AdSense allows you to get your ads onto all the Mongolian nose-flute fansites out there, with very little effort.

Vertical aggregation: Martha's Circle
marthascircle Martha's Circle is the (rather winsome) name for the ad network run by Martha Stewart Omnimedia. It's a classic example of a publisher/media owner extending their brand (and saleable audience) by signing up sites in the same sector (in this case, lifestyle) and creating a niche network. For an advertiser wanting to reach thirty-something women with an interest in the home, this kind of network is a no-brainer when building a media plan. Glam.com is another good example, as is Fox Interactive Media.

Price Model Arbitrage: DRIVEpm
drivepm_logo DRIVEpm is Microsoft's own advertising network, acquired with the acquisition of aQuantive last year. DRIVEpm styles itself as a "performance" network, meaning that it uses a variety of techniques (amongst them, price model arbitrage) to enable advertisers to buy inventory on a cost-per-performance basis, whilst still paying publishers on a cost-per-thousand basis. Scott Howe, former GM for DRIVEpm and now VP for the Microsoft Advertising business unit, wrote a great article back in 2005 about some of the dynamics in a performance network from the perspective of a media buyer looking to get the best ROI. Well worth a read.

Platform specialization: VideoEgg
image VideoEgg is a video advertising network (the clue's in the name, I guess). Its offering is a classic mix of innovative ad unit technology (their latest offering is something called "AdFrames") with a network attached. Another feature of VideoEgg is that it offers advertisers a CPE (cost-per-engagement) model for buying video advertising, performing the same kind of price model arbitrage that DRIVEpm is doing. Their publisher audience is widget & app developers for social media environments such as Facebook and MySpace, ensuring that their value proposition to advertisers is further differentiated (essential as the online video market becomes more crowded).

Behavioral targeting: Tacoda
image Tacoda is also part of AOL's Platform A unit, and markets itself as the world's "first" behaviorally-targeted ad network (a hard claim to substantiate, but equally hard to refute). Tacoda tracks behaviors of the visitors to its network of over 4,000 sites and uses this information to associate behavioral profiles with those users. It then sells inventory on these sites on a user-target-group basis, rather than by group of site or content area. These "audience segments" have names like "Family Chef" and "Photo Bug".


How does it actually work?

Understanding how ad networks actually serve their ads is essential in understanding how some of the above business models (especially targeting) work. I'll cover two scenarios - a small publisher/small advertiser scenario, and a large publisher/large advertiser scenario.

Small publisher/small advertiser
A small publisher will insert their ad network's ad code directly onto their site - in many cases, this is the only ad code the publisher is using, and is serving 100% of that publisher's ads. On the other side of the fence, the ad network may provide a web UI to enable advertisers to create or upload ads, and (possibly) allow the advertiser to choose which sites (or groups of site) those ads will appear on. The diagram below summarizes this (thanks to Right Media for the advertiser & publisher people icons):


Examples of this kind of system are Google AdSense and the Yahoo Publisher Network (these are often called "self-service" ad networks). The actual ad delivery model is pretty simple - the same ad server (the network ad server) functions as both publisher and advertiser ad server (the ad call path is on the left side of the diagram above).

Large publisher/large advertiser
When it comes to large publishers using ad networks to deliver inventory to large advertisers, things get more complicated. In this scenario, both the publisher and the advertiser will likely have their own ad servers. The publisher will configure its ad server to "hand off" a certain block of inventory to the network, whilst on the advertiser side, the advertiser ad server will be configured to buy a certain portion of a campaign from a network (or networks). So the ad call has to be passed from the publisher to the advertiser via the network:



It's the point at which the ad call passes through the network ad server when the network is able to drop a cookie on the user's machine, enabling behavioral tracking and targeting (assuming, of course, that the users don't delete their cookies in the meantime).

Of course, hybrids of the two models above also exist: large publishers will sometimes hand over some of their inventory to a self-serve network, in particular, in which case the publisher's ad server calls the network ad server, which serves the ad itself.

This picture also becomes more complicated when you consider that many ad networks will pass the ad request on to another ad network if they themselves can't fulfil it (or fulfil it economically). So, for example, a targeted ad network may receive an ad call from a user it has no information about. Rather than serve an ad for that user at a low cost (and thereby preventing that ad impression from being served to another user at a higher cost), the ad network passes the ad call on to a "value" (read: cheap) network. So in the picture above you can have two, or even three or four, ad networks passing the ad call around like a hot potato.

This game of pass-the-parcel isn't really very good for the user, who has to wait a long time to see the ad (which really hurts the advertiser most, since a slow-loading ad might as well not render at all); and it's also not great from a security point of view, because the publisher is ceding control of a portion of their site's screen real-estate to an unknown network and an even more unknown advertiser. Which is why ad exchanges are emerging which provide a centralized clearing-house for inventory, thus dispensing with the round-robin approach described above.

Online Advertising Business 101 - Index of all posts

del.icio.usdel.icio.us diggDigg RedditReddit StumbleUponStumbleUpon

July 06, 2008

Online advertising's dirty secret: Malvertising

dodgy_spyware_ad There's been a lot of chatter recently about the "dark side" of online advertising, in particular, the activities of companies like NebuAd and Phorm using somewhat shady techniques to gather behavioral data about users and using this data to target ads. I've even blogged about it myself. And click fraud remains a significant challenge to confidence in online advertising.

But whilst the term "click fraud" generates about 25 million results on the world's best search engine, the term "malvertising" generates only 2,170. Since you may not be familiar with the term, I'll offer you the definition I found on urbandictionary.com (sadly, there's no Wikipedia entry for Malvertising):

An Internet-based criminal method for the installation of unwanted or malicious software through the use of Internet advertising media networks and exchanges.

So Malvertising = malware + advertising. See? Clever (if ugly). But despite its goofy name and low profile, malvertising arguably represents a greater threat to the online advertising industry than either unscrupulous behavioral targeting or click fraud.

Malvertising can take a number of forms, typically along the following lines:

  • Ads that try to trick you into going to a site, where malware is installed (e.g. those "Your PC is infected! Click here to install our anti-virus software NOW!" ads)
  • Hijacking legitimate ad clicks and redirecting users to sites which encourage them to install malware
  • Malware disguised as ads, that exploit security vulnerabilities in web client software (such as this one in Adobe Flash), either to install further malware, or to scrape PII from the browser

The enormous reach of modern ad networks, plus the ability to place malicious code on thousands of otherwise innocent sites, makes distributing malware via advertising networks a very attractive proposition.

The malware itself is usually focused on stealing users' personal data (e.g.login details for broker accounts), taking control of the user's machine for distributed denial-of-service attacks (turning it into a zombie), or convincing the user to spend their own money buying malware "removal" software after they have been "infected".

But it's not just the end user that suffers. The publisher who has unwittingly hosted the malvertising can find themselves besieged by angry users demanding to know why they've been served malware from their site. If the ad was served via an ad network, the publisher will possibly cancel their contract, depriving the ad network of their business (ESPN has already ditched ad networks altogether, although not ostensibly for this reason). And advertisers who want to use increasingly sophisticated ads with high levels of interaction may find that they are unable to because these ads are some of the ones most likely to contain malware, and so are blocked by the ad networks and publishers the advertiser wants to deal with.

Furthermore, if end users lose confidence in the ads they're being shown, either in terms of where a click will lead, or whether the ad itself is malicious, this will drive down ad clicks and drive up the installation of ad blocking software - both of which will have a disastrous effect on the industry.


What can be done?

The malvertising problem is not insoluble, but it will demand a concerted effort from all industry participants to fix (or, at least, contain) it. I'll blog about these topics again in more detail, but the main areas of attention will need to be:

Creative/URL scanning: Ad networks and third-party ad servers will need to start scanning creatives and destination URLs as a matter of course. The technical challenge of scanning Flash or Silverlight-based creatives is considerable, since malicious ads will take steps to cover their tracks, such as obfuscating code, and behaving normally if they detect they're being scanned. Ultimately, the co-operation of Adobe and Microsoft may be required to put in place more robust systems for determining an ad's provenance.

URL scanning is a more manageable problem - all ad networks should ensure that ad click destinations do not lead to sites which are known to host malware.

Creative template quality: Malware has been known to sneak into ads through sloppy management of creative templates - if an agency uses an infected template, then of course all ads created using that template will be infected. This problem will grow as larger numbers of smaller advertisers start to use online services which provide Flash templates that are customized to order - the advertisers will not have the technical sophistication to determine whether the resulting ads are safe or not. Some kind of 'quality seal' may be required for these services, though that will not stop bogus ones springing up.

Outlawing redirect-based tracking: At the moment, many ad networks use redirects to track ad clicks, meaning that a single ad click can be passed around many ad networks before the user is finally deposited at the advertiser site. This system is open to abuse via "click hijacking", where a bogus network sends some clicks for legitimate ads to malware sites. Publishers should inform ad networks that redirects for tracking are unacceptable, which will mitigate this problem.

Ad isolation: At the moment, an ad which is served with a page (rather than via an iframe) has access to that page's DOM, which means that if the ad is malicious, it can crawl the DOM, looking for user PII (such as usernames and passwords for the site the ad is on, or credit card details). Microsoft is working on some technology to isolate ads that are served on its network, so that even if they're served in a first-party context (i.e. not via an iframe or redirect), they are unable to access the page DOM. Other publishers & networks should consider doing the same.

Industry co-operation: Currently, very little specific information about malware is shared within the industry, partly for noble reasons (it can be difficult to be specific about a malware instance without revealing user PII) but mostly for ignoble ones (no ad network wants to advertise the fact that they've been subject to a malware attack). This must change - the industry needs to find a way to share this kind of data without an individual network or publisher having to step into the firing line.


As I said, I'll return to this subject with some more thoughts on some of the above issues. In the meantime, a great resource for information on malvertising is Spyware Sucks, a blog run by Microsoft MVP Sandi Hardmeier, who tirelessly chronicles various malvertising outbreaks. It makes for sobering reading.

del.icio.usdel.icio.us diggDigg RedditReddit StumbleUponStumbleUpon


About me



Enter your email address:

Delivered by FeedBurner