Publishers can share secure signals on RTB requests through Authorized Buyers, Open Bidding, and SDK Bidding with the third-party bidders they choose. These signals can be created through a signal collection script or adapter provided by a bidder or secure signal provider whom the publisher chooses.
The publisher is ultimately responsible for what information is contained in their chosen signals. The signals must be obfuscated before being sent to Google.
Obfuscated data examples:
- Encrypting, hashing, or otherwise transforming data to a non-human readable format.
- Any information that doesn’t include a self-describing component and is not recognizable as PII or structured data.
Non obfuscated data examples:
- PII in the clear. Examples: phone number, email address.
- Structured data that makes otherwise “non-plain text” information understandable. Examples: .json, .xml files that provides an explanation of the data it contains.
In this article:
- Allow secure signal sharing
- Select allowed secure signals
- Select bidders to share secure signals
- Report on secure signals
- Troubleshoot secure signals
- How Google processes secure signals
Allow secure signal sharing
Complete the following steps to allow secure signal sharing:
- Sign in to Google Ad Manager.
- Click Admin, then Global settings, and then Ad exchange account settings.
- In the "Secure signal sharing" section, click the toggle on to allow secure signal sharing. To disable secure signal sharing, click the toggle off .
- Click Save.
Share contact information (Optional)
You can select a contact to receive notices from Google about the Ads Data Processing Terms and EU General Data Protection Regulation.
- Select the type of contact: Primary contact, EU representative, or Data Protection Officer.
- Provide the following contact information:
- Enter the contact’s name.
- Enter the contact’s email address.
- (Optional) Enter the contact’s phone number and address.
- Click Save.
Select allowed secure signals
Complete the following steps to select the secure signals to share with bidders:
- Sign in to Google Ad Manager.
- Click Inventory, then Secure signals. A table shows the secure signals you can share.
- To share a secure signal, under "Enable app integration" or "Enable web integration," turn on the toggle .
- For web integrations only, Google can deploy the signal collection script for you.
Select Google deploy under "Signal collection deployment".Using this option only deploys the signal to your page from a location provided by the signal collector.
If the signal collection script requires information or integration, work with your signal provider. - Alternatively, deploy the signal collection script for an existing Prebid UserID module (Beta) .
Under "Signal collection deployment", select Prebid UserID module (Beta) . - Under "Secure signals settings," select Share to share secure signals on non-personalized (NPA) ad requests.
- Click Save.
If you select the "Publisher deploy" option, you must deploy the signal collection script on your own. You should also contact the signal provider(s) directly to understand additional requirements or if issues arise.
Web signal deploy option | Google actions | Publisher actions |
---|---|---|
Publisher deploy | None |
Publisher is fully responsible:
|
Google deploy |
Google will load the script from a location shared by the provider. Google does not:
|
The publisher is responsible for any additional integrations required for the script’s operation. |
Prebid UserID module | Google passes output of a Prebid UserID module(s) per configuration in the Ad Manager UI. |
Prebid UserID module integration can be manually controlled by the publisher, or you can choose to automatically pass all Prebid UserID modules through secure signals. To use auto-configuration:
When this toggle is turned on, you won't be able to use Ad Manager to individually control those secure signals. |
Select bidders to share secure signals
To view and edit bidder groups, turn on View and Edit bidders permissions. By default, these permissions include the following user roles:
- View bidders: admin, executive, trafficker, salesperson, and sales manager.
- Edit bidders: admin, trafficker, salesperson, and sales manager.
To view and edit Secure signals, under Manage people, turn on Edit companies and contacts.
Share secure signals with all bidders
To allow secure signals to be shared with all bidders:
- Sign in to Google Ad Manager.
- Click Delivery, then Demand channel settings.
- Under the "Default settings" tab, click Secure signal sharing.
- Turn on the toggle for the desired demand channels.
Bidders can now receive the secure signals you share with them. The bidders must choose whether they want to receive a signal (from any publisher) when it's available.
Share secure signals with specific bidders
To allow or not allow secure signals to be shared with the bidders in an override group:
- Sign in to Google Ad Manager.
- Click Delivery, then Demand channel settings.
- Click Override groups, and then select an existing override group or create a new override group.
- In the override group settings, click Secure signal sharing, and then:
- To allow secure signal sharing for the group, turn the toggle on .
- To not allow secure signal sharing for the group, turn the toggle off .
The setting applies to all bidders in the selected override group.
- Click Save.
Report on secure signals
Use the following dimensions to report on secure signals.
- Secure signal presence Beta reports the presence of the secure signals in the ad request.
- Secure signal delivery Beta reports if secure signals were sent to the bidder who won the impression.
- Secure signal name (presented) Beta reports the names of the secure signals sent in the ad request.
- Secure signal name (delivered) Beta reports the names of the secure signals that were sent to the bidder who won the impression.
Learn more about report dimensions for secure signals.
Troubleshoot secure signals
Find out why secure signals aren't delivering. #securesignals
To ensure secure signals are being included in all eligible RTB ad requests, there are a number of troubleshooting steps possible.
Identify missing secure signal providers on requests
In Ad Manager reporting, use the appropriate "Demand channel" filter (Ad Exchange, Open Bidding or SDK Bidding) and combine with the "Secure signal name (presented)" or "Secure signal name (delivered)" dimensions to see which secure signal providers are being sent on ad requests. You can additionally use the "Date" and "Inventory types (expanded)" dimensions to help limit the focus of your report to a specific time period or environment.
Ensure secure signal delivery
Review your secure signals controls in Demand channel settings and ensure that any default settings or override groups align with your preferences. If default settings are toggled on for some or all demand channels, ensure there is not a conflicting setting in an override group that may be preventing some or all bidders from receiving the signal.
In demand channel settings, you can also control whether Authorized Buyers can use bid request data to build user profiles for uses such as interest-based ads and remarketing.
For SDK Bidding specifically, learn how to ensure bidders can send their own signals by verifying your SDK Bidding setup.
Use Delivery tools or Ad inspector
In mobile app environments, you can verify signals are being passed using either Delivery tools or Ad inspector. If secure signals are missing, make sure that the ad units coded into the map exactly match the ad units in Google Ad Manager, because they are case sensitive. You can learn more about troubleshooting secure signals delivery in mobile app environments by reviewing the Verify your SDK Bidding setup and Inspect mobile app ad delivery articles.
Use Developer tools
In web environments, you can inspect a browser’s local storage to find if signals are present.
- In Chrome, click the ellipsis , then More tools, and then < > Developer tools.
- Click the “Application” tab.
- Under the "Storage" pane and "Local storage", click the URL (like https://www.example.com). The site's local storage data displays.
- Identify the "Key" corresponding to the signal provider.
- If you see the desired signal(s) in the corresponding entry, the signal has been cached in the browser’s local storage and is being sent.
Consult with your secure signal provider
We recommend that publishers work with their secure signal provider(s) to ensure their implementation is healthy. Additionally, go through previous steps to manage errors and misconfigurations. Working with your secure signal provider directly ensures the script is loading and operating as expected.
How Google processes secure signals
When Google processes secure signals for Ad Manager it operates as a data processor under the General Data Protection Regulation and as a service provider under the California Privacy Rights Act, Virginia’s Consumer Data Protection Act, the Colorado Privacy Act, Connecticut’s Act Concerning Data Privacy and Online Monitoring, and the Utah Consumer Privacy Act. As such, Google processes secure signals on your behalf.
Security certifications
ISO 27001
ISO 27001 is one of the most widely recognized, internationally accepted independent security standards. Google has earned ISO 27001 certification for the systems, applications, people, technology, processes and data centers serving a number of Google products, including Google Ad Manager.
About GDPR
Keeping users’ information safe and secure is among our highest priorities at Google. Over the years, we've worked closely with Data Protection Authorities in Europe and have implemented strong privacy protections that reflect their guidance. We are committed to complying with the General Data Protection Regulation (GDPR) and will collaborate with partners throughout this process.
For the use of secure signals from publishers, we are offering the Google Ads Data Processing Terms, which you may review and accept in Ad Manager.
How to accept the Ads Data Processing Terms
When you turn on secure signal sharing, you acknowledge that secure signals is a processor feature and is subject to the Ads Data Processing Terms. Turning on secure signal sharing means that you have reviewed and agree to be bound by the Ads Data Processing Terms.