AdEx employs a number of tactics to prevent fraud.

The most vital of those is the transparency. Traditional ad tech is full of middlemen, and there is no transparent and trustless reporting — to get reports, you have to rely on one or usually more than one parties.

This means that if you are a publisher, for example, the middlemen between you and the advertiser has economic incentive to report lower traffic, impressions, number of conversions, etc. This way they would have to pay you less and keep a larger portion of the revenue. The only way to get that data is from the middleman, and you have practically no way of verifying the legitimacy of that data.

In a decentralized and transparent system such as AdEx, this is not possible — since the data is uploaded from every individual user directly to IPFS (another decentralized system designed for storage). The finality of all that data is settled between the publisher and the advertiser on the blockchain (Ethereum), in a way that incentivises both parties to report all the data they have accurately.

This achieves a transparent bidding process between publishers and advertisers directly, without any mediators, therefore removing the ability of anyone between the publisher/advertiser, or themselves, to hide data and cheat the other parties.

The other important problem AdEx has to tackle is click fraud. The blockchain or decentralization is not a silver bullet solution that solves this, therefore we have to resort to traditional methods of eliminating click fraud — throttling, blacklists based on IPs, user agents and other factors.

However, the inherent openness of the system helps a lot in this regard — first of all, every publisher/advertiser is free to implement their own click fraud prevention depending on the specific way they’re being attacked/targeted.

Further to this, there is no strict requirement on what the publisher/advertiser agrees on as a target action — they can agree on impressions, clicks, but most importantly — they can agree on conversion goals, such as for example sign ups on the publisher’s website and product/service purchases. Obviously, the payout from such an action will be much larger than the payout from a click, but it will also occur less often. Overall, the revenue should be about the same, but with the difference that this approach strongly discourages click fraud.

Finally, we are working on cryptography-based solutions to eliminate click fraud.

Every user has a cryptographic identity, which is auto-generated in their own browser the first time they see an ad, and every interaction with the ad is in the form of signed messages. We can use that to defer the decision whether a user is genuine — the system will collect all signed messages. If we determine that a user is fake at a later stage, we will simply exclude all messages signed by this user and recalculate. This gives us more flexibility in the way we determine user legitimacy.

Another approach that will be optional for publishers/advertisers to enable is a simple proof-of-work: meaning that the cryptographic identity of the user will take some time to generate — e.g. 5 seconds. This will ensure click fraud is more expensive to achieve than the actual revenue it makes, therefore essentially eliminating it.