Processor features

Share secure signals with bidders (Beta)

For publishers

Publishers can share secure signals on RTB requests with the third-party bidders they choose. These signals can be created through a signal collection script or adapter provided by a bidder or third party that the publisher chooses to work with.

The publisher is ultimately responsible for what information their chosen signals contain. The signals must be obfuscated before sending them to Google. Secure signals will only be shared at the publisher’s explicit instruction and only with bidders the publisher has allowed to receive the signals. At no point will information contained in the signals be visible or readable by Google or its platforms.

Examples of obfuscated data: 

  • Encrypting, hashing, or otherwise transforming data to a non-human readable format.
  • Any information that doesn’t include a self-describing component and is not recognizable as PII or structured data.

Examples of data that hasn't been obfuscated: 

  • PII in the clear. Examples: phone number, email address
  • Structured data that makes otherwise “non-plain text” information understandable. Examples: .json, .xml that provides an explanation of the data it contains
Web signal deploy option Google actions Publisher actions
Publisher deploy None

Publisher is fully responsible:

  • To load the vendor’s script. 
  • For any integrations required for the script’s operation.
Google deploy

Google will load the vendor’s script from a location provided by the vendor. 

Google does not:

  • Validate the script in any way.
  • Perform any additional integrations.
The publisher is responsible for any additional integrations required for the script’s operation.
Prebid UserID module Google passes output of a Prebid UserID module(s) per configuration in the Ad Manager UI.

Prebid UserID module integration can be manually controlled by the publisher, or you can choose to automatically pass all Prebid UserID modules through secure signals.

Locate the automated option in Inventory, then Secure signals. Select the checkbox "Use your Prebid configuration to automatically configure your Secure signals settings", which overrides any manual configuration for the secure signals that are detected in the Prebid UserID module.

You won't be able to use Ad Manager to individually control those secure signals.

Secure signals are subject to the Google Ad Manager Partner Guidelines. When you turn on secure signals, you acknowledge that you've reviewed and accepted the Ads Data Processing Terms.

In this article:

Allow secure signal sharing

Complete the following steps to allow secure signal sharing:

  1. Sign in to Google Ad Manager.
  2. Click Admin, then Global settings, and then Ad exchange account settings.
  3. In the "Secure signal sharing" section, click the toggle on On to allow secure signal sharing. To disable secure signal sharing, click the toggle off off disable.
  4. Click Save.

Share contact information (Optional)

You can select a contact to receive notices from Google about the Ads Data Processing Terms and EU General Data Protection Regulation. 

  1. Select the type of contact: Primary contact, EU representative, or Data Protection Officer. 
  2. Provide the following contact information:
    1. Enter the contact’s name.
    2. Enter the contact’s email address.
    3. (Optional) Enter the contact’s phone number and address.
  3. Click Save.
Contact information is shared with Google and not directly with bidders.

Select allowed secure signals

Complete the following steps to select the secure signals to share with bidders: ​​​

  1. Sign in to Google Ad Manager.
  2. Click Inventory,  then  Secure signals. A table shows the secure signals you can share. 
  3. To share a secure signal, under "Enable secure signal," turn-on the toggle On.
  4. For Google to deploy the signal collection script for you, select Google deploy under "Signal collection deployment."
  5. Alternatively, for an existing Prebid UserID module to deploy the signal collection script, select Prebid UserID module (Beta)  under "Signal collection deployment."
  6. Under "Secure signals settings," select Share to share secure signals on non-personalized (NPA) ad requests.
  7. Click Save.
If you're using a Content Security Policy (CSP), ensure the signals you select are allowed by the publisher. Google will load the vendor script from a URL provided by the vendor. If the script requires any further integration for its correct operation, it is the publisher's responsibility. You should contact the vendor for additional information.
If you select the "Publisher deploy" option, you must deploy the signal collection script on your own. You should also contact the signal provider(s) directly to understand additional requirements or if issues arise.

Select bidders to share secure signals

To view and edit bidder groups, the "View bidders" and "Edit bidders" permissions must be enabled. By default, these permissions include the following user roles:

  • View bidders: admin, executive, trafficker, salesperson, and sales manager
  • Edit bidders: admin, trafficker, salesperson, and sales manager

To view and edit Secure signals, the Manage people permissions, "Edit companies" and "Edit contacts", must be enabled.

To allow secure signals to be shared with a specific bidder:

  1. Sign in to Google Ad Manager.
  2. Click Delivery, then Bidders.
  3. Select Authorized buyers or Open Bidding.
  4. Click the name of the bidder.
  5. For Open Bidding, click Settings
  6. Turn on the Allow secure signal sharing toggle On.
  7. Click Save

The bidder can now receive the secure signals you share with them. Bidders can choose whether they want to receive a signal when it's available.

Select override groups to share secure signals

To allow secure signals to be shared with bidders in an override group:

  1. Sign in to Google Ad Manager.

  2. Click Delivery, then Demand channel settings.

  3. There are two ways to change secure signal settings depending on whether the bidder is currently included or not included in an override group:

    • Bidder is not included in an override group. On the "Default settings" tab, under "Secure signals", turn on Secure signal sharing for the desired demand channel.

    • Bidder is included in an override group. Click the Override groups tab and select an override group. On the "Settings" tab for the selected override group, under "Secure signals", turn on the Allow secure signal sharing toggle On. This setting applies to all bidders in the selected override group.

  4. Click Save

The bidders in the override group can now receive the secure signals you share with them. Bidders can choose whether they want to receive a signal when it's available.

Report on secure signals

Use the following dimensions to report on secure signals.

  • Secure signal presence Beta serves as an integration health check to ensure secure signals are being sent from client to Ad Manager.
  • Secure signal delivery Beta is whether any of the secure signals were sent to the winning bidder.
  • Secure signal name (presented) Beta  and Secure signal name (delivered) Beta both serve to measure the impact of a specific secure signal, such as do the winning bidders use specific signals.

Learn more about report dimensions for secure signals.

How Google processes secure signals

When Google processes secure signals for Ad Manager it operates as a data processor under the General Data Protection Regulation and as a service provider under the California Privacy Rights Act, Virginia’s Consumer Data Protection Act, the Colorado Privacy Act, Connecticut’s Act Concerning Data Privacy and Online Monitoring, and the Utah Consumer Privacy Act. As such, Google processes secure signals on your behalf.

Security certifications

ISO 27001

ISO 27001 is one of the most widely recognized, internationally accepted independent security standards. Google has earned ISO 27001 certification for the systems, applications, people, technology, processes and data centers serving a number of Google products, including Google Ad Manager.

About GDPR

Keeping users’ information safe and secure is among our highest priorities at Google. Over the years, we've worked closely with Data Protection Authorities in Europe and have implemented strong privacy protections that reflect their guidance. We are committed to complying with the General Data Protection Regulation (GDPR) and will collaborate with partners throughout this process.

For the use of secure signals from publishers, we are offering the Google Ads Data Processing Terms, which you may review and accept in Ad Manager.

How to accept the Ads Data Processing Terms

When you turn on secure signal sharing, you acknowledge that secure signals is a processor feature and is subject to the Ads Data Processing Terms. Turning on secure signal sharing means that you have reviewed and agree to be bound by the Ads Data Processing Terms.

Was this helpful?

How can we improve it?
Release notes

Read about the latest Ad Manager features and Help Center updates.

See what's new

Clear search
Close search
Google apps
Main menu
Search Help Center