News, news analysis, and commentary on the latest trends in cybersecurity technology.
Human Security Tackles Malvertising With Clean.io Buy
Dark Reading's analysis suggests that Human Security's acquisition of clean.io will significantly expand the company's fraud prevention and anti-malvertising portfolio.
November 5, 2022
When dealing with a medium as flexible as the Web, it’s impossible for the site owner to fully control what a user sees. The user doesn't need the site's consent to change the user interface or experience through add-ons, custom browser properties, proxies, and firewall settings.
However, certain things are still within the site owner’s control, such as advertiser selection, security, pricing, and content policy. That's the idea behind site integrity, that the user or third parties can't try to force a change on the server or the site's backend operations without consent. If someone, or something, can violate site integrity, that is a threat with real business impact.
An example is malvertising, when cybercriminals abuse the programmatic advertising ecosystem to deliver malware to end users via online advertisements. Exposing users to malware is bad enough, but malvertising creates a significant brand reputation problem for the brands and platforms delivering the ads.
How does Human Security's acquisition of clean.io — announced on Thursday for an undisclosed amount — change the market for anti-malvertising technology? Dark Reading's analysis of the two companies suggests that by joining forces, Human Security and clean.io will be able to offer publishers, platforms, and brands a full range of anti-fraud and anti-abuse tools for the advertising ecosystem.
What's So Great About Clean Humans?
Safeguarding the advertising ecosystem means ensuring the industry's $500 billion annual ad spend reaches real humans rather than funding criminal schemes. Toward that goal, clean.io employs real-time behavioral protections on the page, as opposed to relying on static creative reviews and pre-scanning techniques offline, according to Human Security. Integrating clean.io's client-side JavaScript behavioral analysis and mitigation to Human Security's Human Defense Platform will make malvertising incredibly costly for bad actors, the company says.
"Human and clean.io have long been strategic partners to help combat two of the most important problems we face in programmatic advertising: malvertising and fraud," Ron Lissack, senior vice president and chief architect at Xandr, said in the release announcing the acquisition. "This type of consolidation in the ecosystem is welcome news and brings with it a true and holistic, 360-degree approach to fighting cybercrime."
A Solution to the Cart Problem
Many merchants and retailers rely on coupons to help boost sales (more than 90% of online consumers say they search for and use coupon codes while shopping online), but when those coupons are abused, they have to deal with lost revenue and damaged brand reputation. Between taking the hit on the coupons themselves, having to pay affiliate fees to the coupon app folks, and getting false impressions about the success of certain ad campaigns, coupon fraud is no joke.
Fraud prevention is Human's bread and butter, and Dark Reading's analysis suggests that cart protection is one of the areas that will benefit from the clean.io acquisition. Human Security can expand its concept of site integrity to include fighting checkout fraud and automated coupon and affiliate code replication. By integrating clean.io's cleanCart technology into its BotGuard product, Human Security can expand coverage beyond the detection and elimination of fake leads from the first-party marketing pool.
This combination will eliminate fake affiliates from the pool in some cases, and in others drastically reign in affiliate payouts for out-of-scope automated coupon redemptions.
It's a potent combination; cleanCart was already boasting a 3% conversion rate boost, while claiming to pay for itself entirely within 90 days of purchase. Add BotGuard's improvement to lead quality and conversion rates, and the percentage of fraudulently sourced clients making it through the checkout process should be low.
Final Analysis
Human Security is creating a significant pattern of scalable growth through innovation and acquisition. While the recent merger with PerimeterX took them deep into the enterprise e-commerce checkout process, the clean.io acquisition will help stop fraud at its source through its anti-malvertising leadership and bridge the gap, making potential tech partnerships with e-commerce solutions as a whole (Shopify, WooCommerce, et al.) and cart-specific solutions (X-Cart, OpenCart, etc.) even more attractive.
The acquisition of clean.io by Human Security should give a significant boost to the company's real-time fraud detection capabilities and increase its ability to catch novel threats in the wild. The sheer amount of threat intelligence the combined company will have visibility into is another significant product advantage.
"With the clean.io acquisition, the Satori team will gain invaluable talent and threat intelligence. This will help us defend our customers from future attacks and support disruption efforts like 3ve, Methbot, PARETO, and most recently, Scylla," Gavin Reid, vice president of threat intelligence and research at Human Security, said in a statement. "We're looking forward to expanding our investigative power and strengthening our takedown mechanisms to continue safeguarding all of our clients and the industry as a whole."
About the Author
You May Also Like
Transform Your Security Operations And Move Beyond Legacy SIEM
Nov 6, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024