Google Cuts Off Adobe’s DSP From Its Ad Exchange

Malware scare cited as reason for interrupting rival’s access to widely used inventory pool

illustration depicting a person floating alone on a chunk of ice with the adobe logo on their back while google sits atop a land mass in the distance
Adobe Advertising Cloud's EMEA seat on Google's ad exchange has been suspended. Illustration: Dianna McDougall; Sources: iStock
Headshot of Ronan Shields

Google has blocked access to its online ad exchange via one of the industry’s major online media-buying tools in Europe following concerns that Adobe’s demand-side platform was implicated in a recent malvertising attack.

The move means Europe-based media buyers are now unable to use Adobe’s DSP to purchase ad inventory on Google Ad Manager, aka AdX, arguably the most popular programmatic monetization tool among premium publishers.

There are concerns that Adobe’s DSP was recently identified as a tool used to help spread a notorious form of malvertising known as eGobbler. Therefore, media traders in the region will have to use alternate tools to buy premium inventory using real-time bidding on the Google-owned ad exchange.

In an emailed statement sent to Adweek, Phil Duffield, managing director for Europe, Middle East and Africa (EMEA), Adobe Advertising Cloud, confirmed that his outfit’s EMEA seat on Google’s ad exchange had been “temporarily paused” after one of its U.S.-based clients was deemed to be running a creative asset that was redirecting users to a URL that was not expected. Adobe has since addressed the matter.

“We are now working with Google to implement additional measures to ensure this does not occur again, and quickly reactivate our EMEA seat for AdX,” reads the statement.

“Google AdX is a great partner for Ad Cloud, but only comprises a small proportion of our overall inventory sources in EMEA, and we’ve been working with our EMEA clients to ensure campaign delivery continues uninterrupted. Our AdX seats in the Americas and APAC are unaffected.”

Google was unable to respond on record to Adweek’s request for comment by time of publication, although an advisory note on the Google Ad Manager website documents its efforts to prevent the spread of malware using proprietary technology with the company advising that all players perform due diligence on their supply chain.

“Any authorized buyer whose creative is found to contain malware is subject to a minimum three-month suspension,” it reads.

The Adobe DSP forms a key part of its Adobe Advertising Cloud with its specialized tools for buying online video inventory largely coming via its $540 million purchase of TubeMogul. The California-based outfit was part of a slew of ad-tech companies that made an initial public offering in the mid-2010s, only to later be bought by a separate entity.

Historic conflict

The latest episode between the pair echoes an earlier confrontation when in 2015 Google-owned YouTube pulled its inventory from AdX, a move that meant third parties such as TubeMogul could no longer buy ad space on the highly sought-after video-sharing site. Instead, advertisers would have to use Google’s own TrueView to purchase such ad space.

Speaking at the time, several sources told Adweek how the move was likely to cause hardships for video ad-tech players such as TubeMogul, given how heavily reliant they had been upon YouTube as an inventory source.

TubeMogul’s leadership later mounted a 2016 marketing drive dubbed “Independence Matters” in a bid to court media buyers, including a series of attack ads that underlined the pitfalls of dealing with walled gardens, principally their “conflicts of interest” (see video here for an example of its campaign spots).

Critics of Google—Adobe execs chief among them—are likely to characterize the latest faceoff as an example of the downside of Google’s dominance in the digital media landscape, especially since it has its own DSP as part of Google Marketing Platform.

Such critics argue the fact that Google reselling publisher inventory via its online ad exchange calls into question the objectivity of its DSP, popularly known as DBM, especially since such platforms claim to use data to impartially identify media placements most likely to generate sales for advertisers.

Antitrust concerns

Google and Facebook’s dominance of the online advertising market—they collectively command almost 60% of the U.S. market—is understood to have contributed to the U.S. Department of Justice launching an antitrust probe into “big tech.”

Regulators in the E.U. too are examining such players’ dominance of the market with the U.K.’s Competition Markets Authority currently sounding expert opinion from ad execs as part of its ongoing digital markets strategy review.

However, Google’s (likely) defense of taking such moves to curb the spread of malware via online ads is likely to prove a watertight case, given that such policies are in place as a means of protecting the public from harm.

Earlier in the year, digital security outfit Confiant identified eGobbler as one of the major malvertising perpetrators in the industry, claiming the operation exploited a vulnerability in the iOS version of Chrome to launch a short (but high volume) malware attack.

Confiant’s senior security engineer made the below observations in a blog post:

“Like other bad actors, eGobbler leverages cloaking techniques and obfuscation to make their payloads look like legitimate ads,” it reads.

“The typical entry points for eGobbler campaigns are legitimate ad servers that they infect coupled with one or more buy-side platforms.”

@ronan_shields Ronan Shields is a programmatic reporter at Adweek, focusing on ad-tech.