Key Takeaways

• ads.txt effectively reduces domain spoofing and unauthorized reselling. These were two of the largest fraud vectors before ads.txt existed.
• It doesn't prevent all types of ad fraud. Bot traffic, click fraud, pixel stuffing, and ad stacking require different countermeasures.
• The fraud reduction depends on DSP enforcement. ads.txt only works if buyers actually check it. Most major DSPs now do.
• ads.txt is a necessary layer, not a complete solution. It's one of several tools in the anti-fraud stack.

---

Can ads.txt Reduce Fraud?

Yes.

But only specific types.

What ads.txt Prevents

Domain Spoofing

Before ads.txt, a bad actor could create fake bid requests claiming to be from nytimes.com or espn.com. DSPs had no way to verify the claim. They would bid on what they thought was premium inventory and receive fraudulent impressions.

ads.txt stopped this.

When a DSP receives a bid request claiming to be from nytimes.com, it checks nytimes.com/ads.txt. If the SSP and account in the bid request aren't listed, the bid is rejected. The bad actor can't add themselves to the publisher's ads.txt because they don't control the publisher's domain.

This single mechanism eliminated billions of dollars in domain spoofing fraud.

Unauthorized Reselling

Some intermediaries would obtain publisher inventory through legitimate SSPs and resell it through unauthorized channels, collecting additional fees. With ads.txt, publishers declare exactly which entities are authorized to sell their inventory. Reselling through channels not in ads.txt is immediately detectable and rejectable by DSPs.

What ads.txt Does NOT Prevent

Bot Traffic / Invalid Traffic (IVT)

ads.txt verifies who's selling the inventory. It doesn't verify who's viewing the ads.

Bot traffic, data center traffic, and other forms of invalid traffic operate within authorized supply paths. The SSP is legitimate, the account is authorized, but the impressions are generated by non-human traffic.

Preventing IVT requires traffic quality analysis, bot detection, and verification vendors (IAS, DoubleVerify, MOAT).

Click Fraud

Fraudulent clicks on ads aren't related to supply chain authorization. Click fraud happens after the ad is served, regardless of whether the supply path is verified.

Pixel Stuffing and Ad Stacking

These techniques serve ads in invisible or obscured placements. The supply path may be fully authorized, but the ad isn't actually viewable. Viewability measurement and verification tools address this.

Misrepresented Content

A publisher might have a clean ads.txt and verified supply chain but misrepresent the content of their pages (claiming premium content categories when the actual content is low quality). Brand safety and content verification tools handle this.

The Net Effect

ads.txt cut overall ad fraud by closing the two largest loopholes (domain spoofing and unauthorized reselling). Industry estimates suggest ads.txt prevented tens of billions of dollars in fraud since its introduction in 2017.

But fraud adapts.

As domain spoofing became harder, fraudsters shifted to other techniques. ads.txt is an essential defensive layer, but it works best alongside other anti-fraud tools: sellers.json for identity verification, schain for path verification, and third-party fraud detection for traffic quality.

For publishers, maintaining a clean ads.txt protects your domain's reputation with DSPs and ensures that fraud against your brand is detectable. Check your verification status with BeamFlow's scanner.