Attention Advertisers: HTTPS Compliance in 2017

By Caitlin Ellis, Sr. Manager, Revenue & Yield Optimization
Wednesday, February 1, 2017 / 1 min read


To safeguard user security, it’s becoming more common in the mobile advertising industry to use secure connections (HTTPS) instead of insecure connections (HTTP). The latest development is Apple’s new App Transport Security (ATS) policy, which improves user privacy and data integrity. We’re happy to report that Fyber’s infrastructure is already fully ATS compliant through the Fyber SDK (7.2.0 and above) which ensures that all requests from the client are made via HTTPS.

But what does this new policy mean for advertisers? The good news is that complying with ATS is easy, improves your data security, and ensures your ads will not be blocked for security reasons. Here’s everything you need to know to navigate the new changes.

What is App Transport Security?

Introduced as part of iOS 9, ATS requires apps to connect over HTTPS, instead of HTTP, to keep client-server communications and user data secure with encryption. This change helps instill confidence in users that their apps won’t accidentally leak user data. ATS is enabled by default on Apple platforms.

How are Fyber apps affected?

Apple stated that as of Jan. 1, 2017, all new apps and app updates submitted to the App Store need to support the protocol, as reported by TechCrunch. Since then, Apple has given more time for the industry to adapt but did not specify an exact deadline.

Does Android have a similar policy?

Yes, Android devices have mixed content blocking for preventing advertisers that use a combination of secure and insecure URLs in the same bid response, which is a threat to user security.

What do advertisers need to do?

Compliance is easy. Simply make sure all of your tracking links and click-through URLs use HTTPS. This is particularly relevant for direct response ads which are mobile-web campaigns. It’s recommended to use HTTPS across all platforms to ensure that your ads are delivered properly across web, mobile web, iOS and Android.

All campaigns using third-party attribution partners (such as Tune, AppsFlyer, Kochava, etc.) should already be migrated to HTTPS.

Learn more

If you have any further questions regarding user security, please contact your account manager, or email advertisers@fyber.com