Ad Manager and Ad Exchange program policies
Prevent malware in ad content
Google actively works with trusted advertisers and partners to help prevent malware in ads. All publishers and ad networks should follow the security recommendations detailed at https://anti-malvertising.withgoogle.com/.
Google's proprietary technology and malware detection tools are used to regularly scan all creatives. Fourth-party calls or sub-syndication to any uncertified advertisers or vendors are forbidden. Any ad distributing malware is pulled to protect users from harm. Any Authorized buyer whose creative is found to contain malware is subject to a minimum three-month suspension. If you have a creative under policy violation, learn how to resolve it.
Creatives that trigger automatic-redirects or pop-ups
Auto-redirects are a form of malvertising that automatically click and unexpectedly take users to another site in a user’s browser or mobile app when rendered. Similarly, pop-ups are a form of malvertising that render system dialog boxes over the website enticing the user to click.
Google prohibits this behavior and is constantly improving detection and enforcement. The large majority of Ad Exchange and Google demand uses technical solutions to stop this malicious creative activity in Chrome, the Mobile Ads SDK, and other platforms.
Other exchanges, networks, and partners transacted through header bidding and remnant or reservation line items might not have the same policies and protections. Ensure that your demand sources have adequate policies to prohibit and protect against this behavior.
SafeFrame automatic protections enabled
SafeFrame is turned on by default for all reservation creatives. This may break some creatives, and those creatives may require updating to display properly. While it is possible to disable the SafeFrame feature, we highly recommend keeping it turned on.
SafeFrame is automatically enabled for all backfill creatives, and sandboxing is also enabled for browsers that support it.
For enhanced security, you may choose to use the
setSafeFrameConfig and the
setForceSafeFrame methods in the GPT API. These methods are used to override the configuration set in Ad Manager and force ads in a specific slot to always render in a SafeFrame. If you implement these methods, it is important to set up your reservation creatives with SafeFrame in mind.
Report a violation from a Google exchange or network
If you see an automatic redirect or pop-up from AdWords, AdSense, or Ad Exchange, contact publisher support with a recorded HTTP log of the redirect behavior, required for investigation.
Publisher support teams cannot investigate creatives from third-party exchanges or networks.