The Case of Advertising Fraud, Non-Human Traffic, and Viewability: What You Need to Know

Author Aaron Peabody

Conceptualized by Clayton Stewart

Do you advertise online?  Have you ever wondered who is actually viewing and clicking on your ads? Did you ever get the feeling that something wasn’t quite right? We have. And when we performed some simple math and basic research, we were astonished at what we found.

Each year advertisers are inundated with fraud and non-human traffic which is estimated to cost billions of dollars. When one observes the volume of traffic considered fraudulent, “non-human,” or simply unviewable, the numbers vary with every source. Most sources quote roughly 30%. Imperva Incapsula says 51.8% and Google cites as high as 56%. In 2013, El Toro began analyzing about 91% of all the programmatic display inventory at the exchange level, excluding Facebook and Google. What we uncovered was that there were 20-30 billion quality purchasable impressions every day. Presently, in 2017, Eltoro analyzes 60-80 billion display impressions daily. From simple usage and population studies, we know that Web traffic in the United States didn’t increase three-fold in that given time period. Something was wrong. Where did this traffic come from? How can there be three times the traffic available to purchase in just a few years time?  In this article we’ll define the diverse forms of fraudulent and non-human traffic and quantify how much suspected fraudulent traffic is on the Internet.

Fraud and Non-Human Traffic

Fraud and non-human traffic comes in various shapes and sizes. Although both categories feed into the same systemic problem, it’s important to understand the difference between the two. The reason being, is that the general misconception is all fraudulent traffic is non-human (robotic).

Non-Human Traffic

When we refer to “non-human traffic,” we’re referencing what is known as “bots.” Web traffic can be generated by (ro)bots which are computer programs that can mimic human keystrokes, clicking patterns, and/or Web surfing. There are a variety of different categories of bots, but the three you must know are simple bots, sophisticated bots, and botnets.

Bots are typically classified as legitimate or illegitimate. Legitimate bots are usually designed out of a legitimate business necessity for the purpose of doing something advantageous. An example of a legitimate bot would be a Web vulnerability analyzer, referred to usually as a “crawler,” that will look at a website for problems and then document security issues for the owner. These types of bots are helpful and normally not a consequential concern to digital ad buyers.

Illegitimate bots, on the other hand, express themselves in the form of malware, spam, ad clickers, and “viewability” busters. These types of bots are utilized to artificially inflate web traffic, click on ads, mimic human behavior in some shape or fashion, and usually do so with the purpose to delude digital ad metrics and steal from ad-buyers. These bots are employed for malicious intent and are an immense problem for digital ad buyers and the digital ad industry at large.

Human Fraudulent Traffic

Fraudulent traffic that does not fall into the bot categorization is more difficult to track, considering the person initiating the session is an actual human, but the impressions, clicks, and conversions they generate, although made by a human, are fraudulent in nature. Normally this is done for financial gain where the person doing the clicking/browsing/etc. has no intention of buying a product or service, but is being paid to click or browse a site to inflate statistics. This type of traffic is almost always utilized to intentionally misrepresent Internet audiences. Some notable forms of this traffic are click-farms, domain-spoofing, and site-bundling.

Viewability and Non-Human Traffic

In order to counteract the fraudulent traffic problem, the digital advertising industry introduced metrics that were meant to combat fraud, one of which was “Viewability.” “Viewability” is a metric supposedly used to prove if an ad was seen or not. However, sophisticated bots replicate human behavior which can render the viewability metric completely useless. Furthermore, other forms of fraudulent traffic are real humans employing a multitude of tactics meant to abuse an ad system and its automated fraud checks, including those of viewability. So the question is: how can any metric be trusted, if bots, by their very nature, are built to mimic natural human behavior? And if humans are the ones perpetrating the fraud, then the Viewability metric is again useless because the human knows what to do in order to perpetrate the fraud while satisfying the underlying requirements for Viewability or any other standard.

The answer to all of this is very simple: Viewability and other metrics that are employed for the sole purpose of fighting fraud, are not metrics that can be trusted. Period.

Because of the aforementioned, El Toro believes viewability is not the metric that matters when measuring digital advertising success. As such, we have devised a method to measure actual sales lift, revenue, and Return on Ad Spend (ROAS) in a clear and open framework; all of which are real and measurable by both parties. By focusing on actual conversions (both online and offline), each campaign is an honest campaign. Metrics can be abused, but conversions cannot.

El Toro believes in taking the complete opposite position to the industry standard of cookie-based, container-based, and javascript-based programmatic hogwash. Malicious bots are coded to take advantage of viewability and CTR, not work against it. The end result is an artificial boost of campaign metrics and a waste in advertising budgets. El Toro’s technology drastically reduces ad serving to fraudulent traffic by foregoing targeting by cookies and by not claiming success based on unreliable metrics like viewability. Furthermore, El Toro only serves ads to verified IP addresses that correlate with a physical address to a statistical confidence level of at least 95%.

The Math - Quantifying the Number of Impressions in the United States utilizing simple math

In order for an advertisement to be placed, an individual has to be connected to the Internet and browsing the Web. If someone wants to calculate how many impressions are served to a segment of real people, one should be able to quantify that by how many individuals have access to the Internet, multiplied by how many banner ads an average Internet user sees per day. From there, a person with basic mathematical skills could take the amount of impressions actually available on any given day subtracted by the plausible amount of impressions that should be available, and the difference of the two should roughly equal the amount of fraudulent non-human traffic in the United States network. Below, we expound upon this mathematical methodology and extrapolate the calculation. The results will surprise you.

The Equation

As of 2016, according to Internet Live Stats, the United States has 286,942,362 people with Internet access. In 2012, ComScore released a report that every internet user in the U.S. will view an average of 1,707 display advertisements every month. Considering this was the last study regarding average monthly online ad impressions per person that we could find, let’s adjust the figure to accurately reflect current digital media usage rates.

In 2012, the average adult spent 4.1 hours per day online. From that same study we saw a 28.78% use increase from 2012 to 2015, bringing the figure up to 5.28 hours a day. If we assume a consistent yearly digital consumption growth rate of around 29%, the original 1,707 ad impressions per month in 2012 can be adjusted to 2,202 ad impressions per month in 2015 (assuming the digital media they are utilizing has ads, unlike services without ads such as Netflix or Hulu Plus).

Simplifying the calculation to daily ads served, let’s divide 2,202 monthly ad impressions by 30 days (in order to derive the daily impressions), thus on average, an individual in the United States sees about 73 impressions a day. Assuming that all 290 million people were on the Internet on any given day, this would imply that, on average, there should be 21.17 billion ad impressions available per day in the United States.

Available Internet Users (290,000,000) X Average Daily Number of Banner Ads Seen Per Internet User (73) = Total Plausible Daily Available Impressions (21,170,000,000)

So how does this compare to actual available web traffic? Consider that Google, which owns 42.3% of the digital ad market, serves 30 billion impressions daily. From here we can estimate with relative certainty that there are roughly 70.9 billion impressions available on the market every single day. Or in other words:

Actual Daily Available Internet Ad Impressions (70,921,985,815) - Total Theoretically Plausible Daily Available Impressions (21,170,000,000) = Estimated Fraudulent Traffic Impressions (49,751,985,815)

The Answer, Which is a Severe Problem

We can estimate that these 49.7 billion impressions being served are either highly suspect or perhaps even fraudulent, and the numbers themselves conclude that up to 70.15% of total traffic is potentially non-human.

So how much does fraudulent traffic cost advertisers in just display advertising? According to eMarketer, annual digital display ad spending in 2014 was $21.07 billion. eMarketer also notes that Display Ad spending was $32.17 billion in 2016. Calculations based on 2014 spending means fraudulent traffic cost advertisers roughly $14.8 billion dollars. Calculations based on 2016 spending show that fraudulent traffic has cost advertisers roughly $22.6 billion dollars-- a mind-boggling growth in fraud of $7.8 billion dollars in only two years. Without significant change, this problem is only going to get more expensive as time goes on.

The Solution

The first step of the design of El Toro’s platform was to eliminate the “headless funnel” by identifying highly desirable targets and advertising directly to them. This is the exact same model that direct mailers use and is called “direct response.” The advertiser knows something about the client and then advertises to the client based on what is already known. For example, this could mean that an auto dealership could send a mailer to someone who is due for an oil change, a new extended warranty, or perhaps a new car. But instead of sending mailers to a home address, El Toro is sending digital ads to the recipient's IP address.

Instead of placing online ads in front of unidentified prospective clients based on the keywords they type into a search engine (which is the existing, old model), El Toro picks the exact household that they want to target via that home’s IP address which we’ve mapped.

El Toro’s platform is designed to specifically reduce the possibility of programmatic ads being seen by non-human and fraudulent sources by designing a system that leveraged IP Addresses instead of cookies. It employs patented algorithms which can ensure a minimum of 95% degree accuracy that the ads they displayed were targeted accurately.

Programmatically, the El Toro system is able to detect malware and infected toolbars, prior to serving ads and thereby creating a solution that connects to the target on a one-to-one basis within an environment where cookies are completely ignored. In other words, instead of adhering to an existing model that is known to be broken, El Toro invented a new model to address the actual problem instead of the symptom.

Prior to a digital ad campaign, El Toro’s clients provide a list of targets which are nothing more than physical mailing addresses. During the campaign, El Toro displays advertisements to those list of addresses which it has converted into IP addresses. After the campaign is run, El Toro asks for the list of mailing addresses of the conversions on the advertisers side and then matches it back to the original list.  If “John Doe” who resides at “123 Anywhere Lane, Louisville KY” was on the original targeting list, then “John Doe” purchases, then there is a 1-to-1 match.  This is an easy, straightforward way to perform attribution which takes into account almost all forms of purchases/conversions, not just online conversions. When you can prove conversions, then things like Click-Through Rate (CTR), bounce rate, viewability, and other metrics become almost useless.

Additionally, since some clients are likely to purchase in any target group (assuming you did a good job of defining the group) even if we don't serve ads to them, we then compare these sales results to a control group and determine the real lift in sales and increase in average ticket. Once we have this number we can then calculate a metric called Return on Ad Spend (ROAS), which can be used to measure any of your direct marketing campaigns in a balanced scorecard. No one else in the Advertising Technology industry offers this.


Mark Twain is famously quoted for saying, “Whenever you find yourself on the side of the majority, it is time to pause and reflect.” That saying holds true in regards to online advertising. If you find yourself following the pattern that everyone else is following by adhering to the metrics of the masses, then you’re part of the statistics in the online fraud scheme. The only way to separate yourself from this is to not be a part of the majority.

The goal of this article was not only to point out, with basic math, one of the biggest issues that plagues the programmatic advertising industry-- it was also to suggest that you don’t have to blindly accept this as one of those things that come at the “cost of doing business.” And while I might have shamelessly plugged my employer (hey, they pay my bills and give me the platform and opportunity to write articles like this so I obviously I have to throw them a bone), the fraud numbers speak for themselves and they are truly troubling. Not just troubling, but it’s also absurd that with only a few calculations we can demonstrate how big of an issue ad fraud is for digital advertisers.

El Toro has solved a problem for many companies. But it cannot be just El Toro that steps up. It has to be every company in the industry. We cannot continue to use a broken system as a base and then try to develop further flawed technology to try to correct that base’s inherent problems.  Many flawed arguments don’t produce a sound conclusion. The only way fraud is going to be stamped out in online advertising is by stopping it before it makes its way into the system.

By reinventing the model, El Toro has opened up a “Blue Ocean” scenario where it doesn’t compete with other media companies on metrics, namely because those metrics aren’t applicable anymore. Instead, El Toro started from the ground up by building a new targeting technology that directly addressed fraud, which then solved the problem of viewability, click farms, and most bots/malware because of the way it is designed to operate. This is the type of thinking that will bring El Toro and other AdTech firms head-to-head against the existing companies that are complicit in the continuation and proliferation of online fraud traffic. It’s not enough to just expose a problem. The problem itself has to be fixed. Luke Wilson’s character in the cult classic movie Idiocracy said, “you either lead, follow or get out of the way.” We are choosing to lead. The Idiocracy reference was intentional-- in the movie, society devolved over time as the global average IQ plummeted.  As AdTech gets more complex, doesn't it feel like buyers are getting less sophisticated? Let’s change it together.


For Media and Public Relations Inquiries Contact:

Aaron Peabody

(502) 353-0390

For Sales and Information on El Toro Contact:

Clayton Stewart

(502) 353-0390