Ad Serving Over HTTPS

Published by: Katie Knochel ,
Published on: March 12, 2014


Is anyone serving ads in an https environment? I am looking to gain more information on how this is affecting client relations and indirect ad serving. We understand there is a lower indirect demand for secure ads, and that we would need to go back to our direct advertisers and request secure tags, if we proceed with https. Would love to hear anyone else's experience.



The big exchanges and networks are requiring secure calls. By not implementing secure calls, you will see a decrease in reach over time.

The overhead should not affect the ad experience.

The distinction between server-to-server calls for programmatic vs. the ad tag and what gets displayed to the browser needs to be made.

Are you just serving ad tags or integrating via programmatic bidding?

Hi Katie,
Delivering ads into a secure page requires that all calls in the ad delivery chain shall be made and served using HTTPs, otherwise there would be a security vulnerability that essentially breaks the authentication of the entire page. This becomes a bit more challenging when working with indirect demand source as you have less control on the entire chain.

Technically you can ask your indirect partners to use “Absolute URLs” in all calls (without “http|https”) – which force the browser to use the current security scheme of the page in all calls. But you cannot validate that and not always knows who eventually deliver the ads.

At GeoEdge we specialized in Ad verification and Quality Assurance and can help to manage this risk. We would automatically detect in real time incidents that one (or more) of the calls are not secured, and will pinpoint the source of ad. So you can keep working with Indirect partners when needed.

Please contact me directly if you would like to get additional information (

Rocket Fuel