Ad tech provider Colossus faces scrutiny for alleged mishandling of identifiers

Ad tech giant Colossus is in a tough spot amid accusations that it tricked advertisers into buying audiences they never intended to target.

Shocked by the allegations, many are now reviewing their ad buys with the ad tech provider to see if they were misled.

Their concerns stem from a report from ad transparency startup Adalytics, which found that Colossus was mislabeling identifiers, leading to unintended ad buys. The repercussions of these mistaken purchases are significant, ranging from targeting the wrong audiences to bombardment with repeated ads and potentially disrupting conversion tracking models.

The situation particularly resonated with a portfolio group of agencies.

One executive, preferring to remain anonymous, revealed that Colossus is an approved supply-side platform for his company, used by several clients. Following the Adalytics report, they are now meticulously reviewing bid requests and impressions routed through Colossus since the beginning of the year to validate allegations of identity theft and their potential impact on their customers. Next steps include assessing the financial fallout and seeking reimbursements from Colossus, with a broader reassessment of their relationship with the SSP on the table.

The agency manager was not yet sure how much Colossus owed its clients, but assuming the credentials were transferred to a known user from an untargetable average user credential, they estimate that would represent an increase of at least 30%. in CPM, based on the improvements they’ve seen using cookie-free targeting alternatives, such as Google’s Privacy Sandbox. But additional identifying information on these exchanged identifiers, such as the user’s profession or even multicultural identifiers (given that the Colossus SSP specializes in multicultural audiences), could increase the base CPM by 200% to 400%, they said.

And it’s not just this agency that is rethinking its links; Overall, some ad tech vendors have stopped treating Colossus as a marketplace altogether.

“We stopped buying from Colossus,” said an ad tech executive, who asked to remain anonymous due to commercial sensitivities.

Their decision, made independently of the Adalaytics report, was based on their own testing, which ultimately led them to the same conclusion. The results are presented here, but the main takeaway is this: identity disparities are not unique to Colossus; they’re actually quite common across various ad tech providers. However, Colossus’ specific problem is that user IDs never match, which sets it apart from other providers.

So does one editor, who also spoke to Digiday on condition of anonymity. But it’s not just the Adalaytics report that dissuaded them from selling ads on programmatic marketplace Colossus. It was also his financial situation.

According to Colossus parent Direct Digital Holdings’ Form 8-K: Current Report Filing, filed April 23:

Such a rapid succession of disturbing events certainly leaves room for speculation.

That’s why the head of the publisher, whose company uses Colossus SSP (among 32 other SSPs), said that after learning of the Adalytics report last week, he suspended Colossus due to the mismatch. credentials – and indications of financial problems within the company – set off too many alarm bells.

Colossus SSP represented only a single-digit percentage of the publisher’s programmatic fill rate. The executive added that while “this does not represent significant exposure for us, it is also not worth taking the risk.” So we decided to take a break until we can figure out what’s going on.

The publisher said it reviewed the 33 SSPs the media company works with with a fine-tooth comb to see if ID rotation or impersonation was happening with other providers and with just one other SSP ( whom the executive refused to name). had been caught doing the same thing.

Colossus could face further problems, ultimately leading to a loss of confidence – and business – from publishers.

Because Colossus represented a very low fill rate for the publisher, which is already being replaced by other SSPs, the publisher said: “It’s not even worth investigating further than that.” While this seems anomalous compared to all other SSPs, it’s simply not a risk worth taking for us.

Not only that, but the fact that Colossus’ parent company’s auditor abruptly withdrew and the company had to request an extension of its filings raised numerous red flags with the publisher’s director regarding the financial situation of Colossus.

While there is no money outstanding from Colossus to the media company – beyond the small portion of ad inventory sold through the SSP in the past two weeks – the executive said : “Seeing that their auditor has pulled out and they’ve requested an extension with their deposits – that’s never a good sign. … There’s usually a very clear reason why they’re opting out, either to pay, or they don’t want to be associated with something, or they don’t want to certify… (by) attaching their name to the financial statements.

For its part, Colossus responded to Adalytics’ claims that it misreported identifiers in bid requests by attributing the problem to the complexity of the ad tech ecosystem. He points out that the large number of technical integrations with different vendors inherently exposes their platform to potential discrepancies.

As true as this may be, there is little to consider as well: the scale, valuable replication of identifiers, selective targeting of a major demand-side platform, and potential financial benefits suggest that identifier mismatches were sufficient to sow doubt in the minds of some. Advertising executives said these were not isolated incidents, but an intentional practice by Colossus SSP to misrepresent stocks to achieve higher returns.