Demand side platform

How Demand side platform Works

Ad Request from Publisher → Ad Exchange → DSP Engine
                                           │
                                           ├─ [Step 1: Pre-Bid Analysis]
                                           │    ├─ IP Reputation Check
                                           │    ├─ User-Agent Validation
                                           │    └─ Geo & Device Data Scan
                                           │
                                           ├─ [Step 2: Decision Logic]
                                           │    │
                                           │    ├─ IF Threat_Score > Threshold → REJECT
                                           │    └─ IF Threat_Score ≤ Threshold → BID
                                           │
                                           └─ [Step 3: Post-Bid Monitoring]
                                                ├─ Impression Verification
                                                └─ Click & Conversion Analysis

A Demand-Side Platform (DSP) operates at the heart of the programmatic advertising ecosystem, acting as an automated decision-maker for advertisers. Its role in fraud prevention is integrated directly into the ad buying process, which occurs in milliseconds. The primary goal is to analyze and filter ad opportunities before committing an advertiser’s budget.

Pre-Bid Fraud Analysis

When a user visits a website or app, an ad request is generated and sent to an ad exchange. The exchange then offers this impression opportunity to multiple DSPs. Before deciding to bid, the DSP performs a rapid analysis of the request data. This includes checking the user’s IP address against known fraudulent sources, validating the user-agent string to identify bots, and examining geographic and device data for inconsistencies that signal invalid traffic (IVT).

Real-Time Bidding and Filtering

Based on the pre-bid analysis, the DSP’s algorithm scores the ad opportunity for its potential fraud risk. If the risk score exceeds a predefined threshold, the DSP will not place a bid, effectively preventing the advertiser’s ad from ever appearing on a suspicious site or in front of a bot. This real-time filtering is the first line of defense, saving ad spend that would otherwise be wasted on fraudulent impressions.

Post-Bid Verification and Optimization

Even after an ad is won and displayed, the DSP’s job isn’t over. It continues to monitor the traffic for signs of fraud. This includes verifying that the ad was actually viewable by a human and analyzing click and conversion data for suspicious patterns, such as an abnormally high click-through rate with zero conversions. This data is then used to refine future bidding strategies and update internal blocklists.

Diagram Element Breakdown

Ad Request & DSP Engine

This represents the initial flow where a publisher’s available ad space is announced to the DSP. The DSP engine is the core component that orchestrates the subsequent analysis and bidding actions.

Pre-Bid Analysis

This is the DSP’s proactive defense mechanism. It’s a series of rapid checks (IP, user-agent, geo-data) performed the moment an ad opportunity becomes available. Its importance lies in preventing bids on obviously fraudulent traffic, which is the most efficient way to combat ad fraud.

Decision Logic

This is the rule-based or AI-driven core that makes the final call. By comparing a calculated threat score against a set threshold, the DSP automates the rejection of low-quality inventory. This matters because it removes human error and allows for fraud prevention at an immense scale.

Post-Bid Monitoring

This represents the ongoing analysis after an ad has been purchased and served. It acts as a feedback loop, identifying more subtle forms of fraud that might have bypassed pre-bid filters. This continuous learning is crucial for adapting to new fraudulent techniques.

🧠 Core Detection Logic

Example 1: IP Address Blocklisting

This logic prevents bids on traffic originating from IP addresses known to be associated with data centers, VPNs, or botnets. It is a fundamental pre-bid filtering technique that stops fraud before any money is spent by comparing the incoming IP against a curated blocklist.

FUNCTION handle_bid_request(request):
  ip_address = request.get_ip()
  
  IF ip_address IN known_fraudulent_ips:
    REJECT_BID(reason="IP on blocklist")
  ELSE:
    PROCEED_TO_BID(request)
  END IF

Example 2: Session Click Frequency Analysis

This logic tracks the number of clicks from a single user session within a short timeframe. An abnormally high number of clicks can indicate a bot or click farm. This is a behavioral heuristic used in both real-time and post-bid analysis to identify non-human patterns.

FUNCTION analyze_user_session(session):
  click_count = session.get_click_count()
  time_duration_seconds = session.get_duration()

  // Allow max 5 clicks in a 60-second window
  IF click_count > 5 AND time_duration_seconds < 60:
    FLAG_SESSION_AS_FRAUDULENT(session.id)
  END IF

Example 3: Geographic Mismatch Detection

This logic compares the IP address's geographic location with the device's self-reported location data (if available). A significant mismatch—for example, an IP from Vietnam but a device language set to Russian—can be a strong indicator of a proxy server or GPS spoofing used for fraud.

FUNCTION check_geo_mismatch(request):
  ip_geo = get_geo_from_ip(request.ip)
  device_geo = request.get_device_location()

  IF device_geo AND ip_geo.country != device_geo.country:
    INCREASE_FRAUD_SCORE(score=50)
    LOG_WARNING(details="IP and device country mismatch")
  END IF

📈 Practical Use Cases for Businesses

• Campaign Shielding – A DSP uses pre-bid filtering to automatically block ad requests from non-compliant domains or suspicious IP addresses, ensuring that campaign budgets are spent only on legitimate, viewable impressions.
• ROAS Improvement – By eliminating spend on fraudulent clicks and impressions that never convert, a DSP helps improve Return on Ad Spend (ROAS). Cleaner traffic data leads to more accurate performance metrics and better optimization decisions.

* Data Integrity – A DSP ensures that analytics dashboards are fed with clean data by filtering out bot traffic. This allows businesses to make accurate strategic decisions based on real user engagement, not on skewed metrics inflated by fraud.

• Supply Chain Transparency – Modern DSPs can analyze `ads.txt` and `sellers.json` files to verify that they are buying inventory from authorized sellers, which helps prevent domain spoofing and protects against illegitimate resellers.

Example 1: Domain Blocklist Rule

This logic prevents a business's ads from appearing on low-quality or known fraudulent websites. The marketing team can maintain a dynamic list of domains to exclude from all campaigns run through the DSP.

// Rule applied at the campaign level within the DSP
BEGIN RULE
  IF bid_request.domain IN global_domain_blocklist
  THEN
    ACTION: REJECT_BID
  END IF
END RULE

Example 2: Viewability Threshold

This logic ensures a business only bids on ad placements that have a high probability of being seen by a real user. The DSP uses historical data to predict the viewability of an ad slot before bidding, protecting spend from being wasted on ads that are never on screen.

// Pre-bid logic based on historical placement performance
BEGIN LOGIC
  placement_id = bid_request.placement_id
  predicted_viewability = get_historical_viewability(placement_id)

  IF predicted_viewability < 70%
  THEN
    ACTION: DO_NOT_BID
  END IF
END LOGIC

Example 3: Conversion Rate Anomaly Detection

This post-bid logic automatically flags traffic sources (publishers or sites) where the click-through rate (CTR) is exceptionally high but the conversion rate is near zero. This pattern suggests automated clicking, and the DSP can automatically add the fraudulent source to a blocklist.

// Post-campaign analysis run daily
FOR EACH publisher IN campaign.publishers
  ctr = publisher.ctr()
  conversion_rate = publisher.conversion_rate()

  IF ctr > 15% AND conversion_rate < 0.1%
  THEN
    ACTION: add_to_blocklist(publisher.id)
  END IF
END FOR

🐍 Python Code Examples

This code filters incoming ad requests by checking the request's IP address and user agent against predefined blocklists. This is a common first-line defense in a DSP to discard traffic from known fraudulent sources before any resource-intensive analysis.

KNOWN_BAD_IPS = {"1.2.3.4", "5.6.7.8"}
BOT_USER_AGENTS = {"Bot/1.0", "FraudulentCrawler/2.1"}

def pre_bid_filter(request_data):
    """Filters requests based on IP and User-Agent blocklists."""
    if request_data.get("ip") in KNOWN_BAD_IPS:
        print(f"Blocking request from bad IP: {request_data.get('ip')}")
        return False
    if request_data.get("user_agent") in BOT_USER_AGENTS:
        print(f"Blocking request from bot user agent: {request_data.get('user_agent')}")
        return False
    return True

# Example ad request
ad_request = {"ip": "1.2.3.4", "user_agent": "Mozilla/5.0"}
if pre_bid_filter(ad_request):
    print("Request is clean, proceeding to bid.")

This code calculates a simple fraud score for a click event based on multiple risk factors. DSPs use more complex scoring models to decide whether traffic is legitimate, allowing for nuanced decisions instead of simple block/allow rules.

def calculate_click_fraud_score(click_event):
    """Calculates a fraud score based on click attributes."""
    score = 0
    # Clicks happening too fast after impression are suspicious
    if click_event["time_to_click_ms"] < 500:
        score += 40
    
    # Traffic from data centers is a high-risk indicator
    if click_event["is_datacenter_ip"]:
        score += 50

    # Clicks from known bot signatures
    if click_event["has_bot_signature"]:
        score += 100
        
    return score

# Example click
click = {"time_to_click_ms": 350, "is_datacenter_ip": True, "has_bot_signature": False}
fraud_score = calculate_click_fraud_score(click)
print(f"Click fraud score: {fraud_score}")

if fraud_score > 80:
    print("High fraud risk detected. Invalidating click.")

Types of Demand side platform

• Pre-Bid Filtering DSPs – These platforms specialize in analyzing traffic signals *before* an ad auction occurs. They use data like IP reputation, device characteristics, and known fraud patterns to decide whether to participate in the bid at all, saving money and resources by avoiding tainted inventory from the start.
• DSPs with Integrated Third-Party Verification – These platforms incorporate data and filtering technology from specialized ad verification companies (e.g., IAS, DoubleVerify, HUMAN). This provides an extra layer of security by leveraging the expertise and extensive blocklists of a dedicated fraud detection service directly within the bidding workflow.
• AI-Powered DSPs – These advanced platforms use machine learning algorithms to detect new and evolving fraud patterns that rule-based systems might miss. They analyze vast datasets in real-time to identify subtle anomalies in user behavior, traffic sources, or conversion metrics, offering more adaptive and proactive protection.
• Self-Serve DSPs with Fraud Controls – These platforms give advertisers direct control over their anti-fraud settings. Advertisers can upload their own IP or domain blocklists, set viewability thresholds, and create custom rules for filtering traffic, allowing for a highly tailored approach to fraud prevention based on their specific risk tolerance.

🛡️ Common Detection Techniques

• IP Reputation Analysis – This technique involves checking an incoming IP address against global databases of known malicious actors, including data centers, VPNs/proxies, and botnets. It serves as a fundamental, first-line defense to block traffic from non-human or obfuscated sources.
• Behavioral Analysis – The DSP analyzes user actions within a session, such as click frequency, mouse movements (or lack thereof), and time between impression and click. Unnatural, repetitive, or overly fast interactions are flagged as potential bot activity.
• Header and Signature Analysis – This method inspects the technical details of a bid request, such as HTTP headers and the user-agent string. Inconsistencies or signatures matching known bots or outdated browsers can reveal fraudulent traffic attempting to disguise itself as legitimate.
• Geographic & Carrier Mismatch – This technique flags inconsistencies between a user's IP-based location and other signals like device language, timezone, or mobile carrier information. Such mismatches often indicate the use of proxies or other methods to spoof location for fraudulent purposes.
• Publisher and Inventory Analysis – DSPs analyze the performance history of publishers and specific ad placements. Placements with consistently low viewability, abnormally high click-rates, or other signs of invalid traffic are flagged and deprioritized or blocked in future auctions.

🧰 Popular Tools & Services

Tool	Description	Pros	Cons
The Trade Desk	A major independent DSP that provides advertisers with extensive tools for media buying, including robust partnerships with leading third-party ad verification and fraud detection services to ensure traffic quality.	Massive reach across channels (CTV, audio, mobile); strong third-party integrations; advanced reporting.	Typically requires significant ad spend; can be complex for beginners.
Google Display & Video 360	Google's enterprise-level DSP, which integrates deeply with the Google Marketing Platform. It uses Google's vast data and AI capabilities to automate bidding and includes built-in fraud detection to filter invalid traffic.	Seamless integration with Google Analytics and other Google products; powerful machine learning for optimization; automatic refunds for fraudulent impressions.	Primarily focused on Google's ecosystem; less transparency into "walled garden" inventory.
MediaMath	An omnichannel DSP known for its commitment to supply chain transparency and fraud prevention. It partners with verification leaders like HUMAN to provide pre-bid filtering and ensure brand-safe environments for advertisers.	Focus on transparency (Source initiative); strong identity and validation features; flexible and customizable.	Can have a steeper learning curve; operates in a highly competitive market.
Amazon DSP	Amazon's DSP allows advertisers to programmatically buy ads on Amazon sites and apps as well as across the web. It leverages Amazon's exclusive first-party data and has its own systems for monitoring and filtering invalid traffic.	Access to unique Amazon shopper data; strong for reaching audiences on Amazon-owned properties.	Most powerful when used for campaigns targeting the Amazon ecosystem; some features are only available to sellers on Amazon.

📊 KPI & Metrics

Tracking Key Performance Indicators (KPIs) is essential to measure the effectiveness of a DSP's fraud prevention capabilities. It's important to monitor both the technical accuracy of the fraud detection (e.g., IVT rate) and its impact on business goals (e.g., conversion rates), as the ultimate objective is to improve marketing efficiency and return on investment.

Metric Name	Description	Business Relevance
Invalid Traffic (IVT) Rate	The percentage of ad traffic identified as fraudulent or non-human by the DSP or an integrated third-party tool.	Directly measures the effectiveness of the DSP's filtering and indicates how much ad spend is being protected.
Viewability Rate	The percentage of served ad impressions that were actually visible to the user according to industry standards.	High viewability correlates with lower fraud, as it helps exclude non-viewable tactics like ad stacking or pixel stuffing.
Click-Through Rate (CTR) vs. Conversion Rate	Comparing the rate of clicks to the rate of actual desired actions (e.g., purchases, sign-ups).	A high CTR with a near-zero conversion rate is a strong indicator of click fraud, signaling wasted ad spend on fake engagement.
Cost Per Acquisition (CPA)	The total cost of a campaign divided by the number of successful conversions.	Effective fraud filtering reduces wasted spend on fake clicks, lowering the overall CPA and improving marketing efficiency.

These metrics are typically monitored through the DSP's reporting dashboard, often in near real-time. Many platforms allow for automated alerts when key metrics fall outside of expected ranges, prompting immediate investigation. This feedback loop is crucial for continuously optimizing anti-fraud rules, updating blocklists, and reallocating budget away from underperforming or suspicious publishers.

🆚 Comparison with Other Detection Methods

DSP-Integrated vs. Standalone Verification Tools

DSPs with integrated fraud detection offer speed and efficiency by analyzing and filtering traffic in a single step during the real-time bidding process. This can reduce latency compared to making a separate call to a standalone verification service. However, standalone tools (like those from IAS or DoubleVerify) offer universal, cross-platform measurement, providing a consistent source of truth if an advertiser uses multiple DSPs. Their specialization often means they can detect more sophisticated fraud types, though at a potentially higher cost and with added complexity.

Pre-Bid Filtering vs. Post-Bid Analysis

A DSP's primary fraud-fighting strength lies in pre-bid filtering—the ability to reject fraudulent impressions before they are purchased. This is highly effective at saving money. Post-bid analysis, in contrast, happens after the ad is served. While it cannot prevent the initial waste, it is crucial for identifying more subtle fraud, securing refunds from publishers, and providing the data needed to refine pre-bid models for future campaigns. Most advanced DSPs use a combination of both methods for comprehensive protection.

Automated DSP Filtering vs. Manual Blocklisting

Automated filtering, often powered by AI and machine learning, allows a DSP to identify and react to new fraud patterns at scale without human intervention. It is fast, scalable, and adaptive. Manual blocklisting, where an advertiser personally adds suspicious domains or IPs, is less scalable but offers precise control. It is best used as a supplement to automated systems, allowing advertisers to block specific sources that may be unique to their industry or campaign goals.

⚠️ Limitations & Drawbacks

While a Demand-Side Platform is a powerful tool for fighting ad fraud, its detection capabilities are not foolproof. Over-reliance on a DSP's built-in features without understanding their limitations can lead to a false sense of security and leave campaigns vulnerable to more sophisticated invalid traffic.

• Sophisticated Bot Evasion – Advanced bots can mimic human behavior, such as mouse movements and natural click patterns, making them difficult for standard DSP filters to detect.
• Limited Transparency – Some DSPs use "black-box" algorithms for fraud detection, giving advertisers little insight into why certain traffic was blocked or allowed, which can make troubleshooting difficult.
• Latency-Performance Trade-off – Aggressive pre-bid filtering requires more checks, which can add milliseconds of latency to the bidding process. In a highly competitive auction, this could cause an advertiser to lose out on legitimate impressions.
• False Positives – Overly strict filtering rules can incorrectly flag legitimate users as fraudulent, especially those using VPNs for privacy or corporate networks, leading to lost opportunities.
• Incentive Misalignment – Since DSPs often earn a percentage of media spend, there can be a financial disincentive to aggressively block all borderline traffic, as doing so would reduce their own revenue.
• Post-Bid Fraud – DSPs are most effective at stopping fraud *before* the bid. They are less effective against fraud that occurs after the ad is served, such as impression laundering or certain types of attribution fraud.

For these reasons, a hybrid approach that combines a DSP's native tools with third-party verification and continuous human oversight is often the most effective strategy.

❓ Frequently Asked Questions

How does a DSP prevent bidding on fraudulent inventory?

A DSP prevents bids on fraudulent inventory primarily through pre-bid analysis. Before an auction, it rapidly scans the ad request for red flags like suspicious IP addresses, known bot signatures, or data mismatches. If the fraud risk is too high, it simply refrains from bidding, thus protecting the advertiser's budget.

Can a DSP guarantee 100% fraud-free traffic?

No, a DSP cannot guarantee 100% fraud-free traffic. Fraudsters constantly develop new, more sophisticated techniques to evade detection. A DSP provides a powerful layer of defense that significantly mitigates risk, but it should be seen as a tool for reduction, not total elimination.

What is the difference between DSP pre-bid and post-bid fraud detection?

Pre-bid detection happens before an ad is purchased; its goal is to prevent spending money on fraudulent impressions. Post-bid analysis occurs after the ad has been served; its goal is to identify fraud that was missed, report on it, and use the findings to secure refunds and improve future pre-bid filters.

Do all DSPs offer the same level of fraud protection?

No, the quality and sophistication of fraud protection vary significantly between DSPs. Some offer basic IP and domain blocklisting, while more advanced platforms use AI-driven analysis and integrate with specialized third-party verification services to provide more robust, multi-layered protection.

How does a DSP use `ads.txt` for fraud prevention?

A DSP can crawl a publisher's `ads.txt` file to verify that the entity selling the ad space is authorized to do so. This helps combat domain spoofing, a type of fraud where a low-quality site masquerades as a premium one. If the seller is not listed in the `ads.txt` file, the DSP can automatically block the bid.

🧾 Summary

A Demand-Side Platform (DSP) is a critical tool in the fight against digital advertising fraud. It serves as an automated gatekeeper for advertisers, using pre-bid analysis to filter out invalid traffic before a purchase is made. By leveraging techniques like IP blocklisting, behavioral analysis, and third-party data, a DSP protects ad budgets, ensures campaign data integrity, and improves overall marketing effectiveness.

🔗 Related Articles

• Ad Fraud in 2025: New Tricks, Old Threats, and Smarter Defenses - https://decenterads.com/blog/ad-fraud-in-2025-new-tricks-old-threats-and-smarter-defenses
• 5 Ways to Counter Ad Fraud Without a Detection Tool - https://spideraf.com/blog/en-ad-fraud-detection-tool-free
• Impact Of Programmatic Ad Fraud On Your Campaigns - https://clickpatrol.com/impact-of-programmatic-ad-fraud-on-your-campaigns/
• How to Stop Programmatic Ad Fraud: Effective Strategies | Anura - https://www.anura.io/blog/how-to-stop-programmatic-ad-fraud-effective-strategies
• Click fraud: Understanding the impact on digital advertising - https://www.humansecurity.com/learn/topics/click-fraud
• What is Demand-Side Platform (DSP) in Advertising? - https://fraudblocker.com/blog/what-is-a-demand-side-platform-dsp-in-advertising/