IAB Tech Lab Releases SafeFrame 2.0 Secure Ad Container for Public Comment

IAB Tech Lab Releases SafeFrame 2.0 Secure Ad Container for Public Comment

IAB Tech Lab today released SafeFrame 2.0 for public comment for a 60-day period until September 28. SafeFrame is an API specification for communication between a web page and an ad that is enclosed within an iframe on the page, enabling safe ad interactions (e.g., ad expansion) without direct access to the publisher’s page data.

SafeFrame 2.0 is a major upgrade over the current version, which was last updated in 2014. It incorporates key improvements that account for advances in browser technology, standards, and business processes, such as header bidding, support for current ad formats, and page security, while respecting user privacy preferences. The SafeFrame 2.0 update aims to:

  • Simplify host implementation for easier adoption
  • Improve ad function for more flexibility and innovation
  • Align with latest advances in browser technologies to serve ad vendors and protect publisher page data
  • Support current ad formats and practices
  • Improve page security and respect user privacy preferences
  • Provide support for header bidding
  • Align specifications with MRAID for easier conversion of mobile in-app creatives to web browser creatives

“While SafeFrame has continued to provide benefits to the marketplace, over the last six years there have been significant technological developments, and it was clear that an update was needed,” said Shailley Singh, Vice President, Product and Global Programs, IAB Tech Lab. “SafeFrame is designed to offer publishers a scalable way to insert ads on their sites, without having to risk page security and user privacy when ad scripts and service vendor scripts would otherwise have direct access to the page.”

Publishers are often left to sacrifice security for yield or employ costly operations to certify vendors and partners for third party-scripts placements in order to avoid risk. Adoption of SafeFrame 2.0 provides a highly scalable option for placing rich, interactive ads, without sacrificing page security or risking malicious ad behaviors such as unwanted downloads or page redirects.

Gareth Glaser, Chair, PreBid.js Project Management Group added: “When it comes to header bidding, vendors often ask publishers to disable SafeFrames because of restrictions that complicate an already complex process—forcing a choice between revenue and page security. The SafeFrame Working Group is working with organizations like PreBid.org to simplify the inclusion of SafeFrame ads in header bidding. We anticipate that with the adoption of SafeFrame 2.0 we’ll see that trend reverse, and we look forward to vendors asking publishers to make sure that SafeFrames are enabled and supported.”

For creative developers, this update simplifies mobile-to-web conversion and allows for more creative freedom. “The updates to SafeFrame 2.0 enable innovations for safe ad placement that weren’t possible with the previous version,” explains Ken Weiner, CTO, GumGum. “The 60-day comment period gives us time to try out the new features and to offer feedback for the best possible implementation in the coming year. We’re excited about the possibilities.”

SafeFrame co-chairs, Lucas Silva, Software Engineer, Google, and Marian Rusnak, Software Engineer, Verizon, share more details on the updates in the following piece for IAB Tech Lab titled “Safeframe 2.0: Safer, Simpler and more advanced.”