Apple again forces changes with iOS9: mobile ads to move to SSL

What is it?

With the release of iOS 9 Apple has enforced secure connections between applications and back ends. What that means is that iOS9 will block all non SSL calls. Developers of existing applications will need to adopt Apple’s best practice as soon as possible and new applications will need to work with secure connections (SSL) exclusively from the start.

Why do we need it?

Privacy and encryption are hot topics in the industry right now and Apple has rightly made a decision to address this industry concern. The added protection of using HTTPS makes gives consumers safety and ensures that no malicious malware, tracking or other unwanted ads are injected into a users mobile device.

What does this mean for the mobile ad industry?

The way creatives are generated will change. Advertisers will need to build secure creatives including trackers and third party ad tags. That means that third party vendors will need support secure creatives and advertisers should make sure that third party vendors are SSL-compliant. For a creative to be compliant the HTTP call must be HTTPS.

The transition to secure connections is already in progress and some ad exchanges are already informing developers that they will need to adopt secure connections in order to receive ads. As developers update their apps and new developers build new apps with secure connections, the amount of available non-secure mobile ad inventory will decrease. Ad exchanges have started to implement policies for secure creatives and they will stop accepting non-secure creatives for an increasingly larger proportion of their ad inventory as developers update their apps to support Apple’s iOS9 policy.

Advertisers not adopting secure creatives using SSL will start to experience limited access mobile ad inventory across as exchanges. Note that not all ad exchanges have published their plan for addressing secure creatives.

What is Smadex doing about it?

Smadex will be one of the first demand players to address the SSL issue. We will be rolling out updates to address the change to SSL throughout December 2015. This is what it means for advertisers:

  • Smadex will serve first party ads as via SSL connections
  • For third party ad tags, we will need to make sure that the third party vendor is SSL-compliant before we accept HTTPS ad tags. We will continue to support non-SSL ad tags but we will only be able to deliver those creatives across ad requests/ad exchanges that do not require SSL
  • Finally, we will require advertisers with secure creatives to also use HTTPS impression pixels

For more information about how to prepare for HTTPS / SSL calls contact us on contact[at]smadex[dot]com