TAG TrustNet is a cross-industry network running an always-on platform making the industry more accountable, responsible, and efficient. The platform was validated with major brands, agencies and tech vendors over a 2-year pilot and is positioned to contribute to the continued growth of the industry by enabling Responsible Advertising based on 3 principles: know your business partners, know their business practices, make timely informed decisions. While providing accountability and compliance, TAG TrustNet is driving business value and efficiencies for network participants at a minimal cost compared to the benefits it generates.
Based on a cost in a 1 to 2% range of the advertising spend depending on volume, the cost/benefit ratio can reach a high multiple depending on how the reconciled data is used. The network provides a range of direct benefits, that can be enhanced over system integrations and applications.
DLT is a breakthrough in various industries as a technology solution taking away the complexities and inefficiencies of supply chains. It allows companies to share and reconcile transaction data among trusted business partners in line with their contractual agreements in a secure and trusted collaborative environment. It most notably takes away the need for lots of different integrations between different organisations, simplifies legal agreements among participants, and allows to automate them over smart contracts. Compliance information becomes readily available and always-on reporting contributes to the reduction of expensive reconciliation and auditing.
Building log file integrations with every partner in the ecosystem is expensive. Maintaining them when they are up and running is also expensive because it comes with a substantial commitment to keep technology up to date: over time partners will change their technology, naming conventions, access settings or specifications. With TAG TrustNet only one integration is required to get access to the logs of every other network member. Moreover, log file data can be downloaded already pre-reconciled according to defined rules and used for automated business agreement management. For these reasons, for most companies DLT will be a cheaper, more efficient way to get access log files than other methods.

Log files reconciliation requires log file data provided by various individual supply chain participants to be consistent. One way to address this question is to define detailed standards for log file formats, data fields naming conventions, taxonomies and meanings. To come to an agreement on industry logging standards is taking time and will require significant investments from adtech vendors to adjust their logging systems.

The other approach is to write log file data to the TAG TrustNet DLT network, where it is automatically harmonised to a common network format at the moment it is written. This approach requires less investments from ad-tech vendors, as it allows to use any formats, taxonomies and naming conventions as long as they can be harmonised to a common format. The only standard required to avoid any ambiguity is to define the meaning of data fields. With this approach the log files reconciliation functionality may be supported by the industry much faster with minimal changes required from ad-tech vendors.

In general, Ad Verification Providers deliver ad effectiveness impression data, blocking and pre-bid tools. They do not cover cost efficiency (supply chain costs), ad delivery/reconciliation, and compliance to industry standards. By incorporating your Ad Verification data within TAG TrustNet you are able to:

Confirm what site and application ads actually appeared on. Matched log-level data from the DSP, Exchange/SSP, ad server and Ad Verification company are used to confirm the domain that was recorded for an impression from each platform. If there are differences this can help identify technical problems, misplacement, and domain spoofing.

Matching cost data from the DSP and Exchange/SSP means you can analyse standard verification metrics leading to better business decisions.

TAG TrustNet allows you to evaluate how industry standards (ads.txt and sellers.json) and certifications (TAG) get implemented in a single place to improve brand safety, and reduce fraud, malware and piracy.

TAG TrustNet reconciles supply chain participants data producing a single shared truth that can be used for discrepancy management, managing partner and tag deployments and improving operational efficiency.

There is no other solution available today that allows to cross-verify impression log files of ads coming from multiple supply chain data sources. TAG TrustNet allows to compare the ads.txt file from a publisher, the sellers.json file from an exchange, and the impression log file from the exchange/SSP to ensure these files exist and consistently describe their relationship and the seller/buyer identifiers with what appears in the log file.


TAG TrustNet does not allow its members to process Personal Data or otherwise link data within the TAG TrustNet with other data held by a participant to create Personal Data. Every TAG TrustNet member shall comply with TAG TrustNet Member Requirements, which state that log-level data provided for ingestion into TAG TrustNet shall not include any Personal Data and, as such, should fall outside of the scope of data protection laws, including, without limitation, the GDPR and the CCPA. All Personal Data, and any data fields which represent “pseudonymous data,” shall be removed before the underlying dataset is ingested into TAG TrustNet.  

  • “Personal Data” means any information defined as “personal data,” “personal information,” “personally identifiable information,” or other similar term under applicable data protection laws. 

While impression timestamps and oRTB Bid Request Impression IDs that are ingested into TAG TrustNet might be considered “pseudonymous data” in some circumstances, it is “anonymous data” in this case because:

– It is not possible for Fiducia, as a platform provider for TAG TrustNet, to use this data to identify an individual and;

– TAG TrustNet obfuscates these data fields when they are exported to reasonably prevent anyone from linking TAG TrustNet impression records to an individual (see below for more details).  

In addition to the above, Fiducia, as a platform provider, takes the following steps to reduce risks of re-identifiability of data ingested by, or exported from, TAG TrustNet, so as to achieve the standards of anonymization under applicable data protection laws (such as by not allowing re-identification via the “means reasonably likely to be used” by a third party, per the GDPR standard for determining whether data is “identifiable”):

– For all supported data sources, the TAG TrustNet Node Data Connectors filter any data fields that represent Personal Data from processing in the TAG TrustNet. Only data fields outlined in TAG TrustNet Member Requirements are ingested to by TAG TrustNet for processing.

– When data is exported by TAG TrustNet Members to external databases, the TAG TrustNet Node obfuscates oRTB Bid Request Impression ID, oRTB Bid Request ID, and Timestamp data fields as follows. oRTB Bid Request Impression IDs and oRTB Bid Request IDs are replaced with anonymous impression IDs, which cannot be linked back to original oRTB Bid Request Impression IDs or oRTB Bid Request IDs. Timestamps are rounded to 1-hour intervals.

TAG TrustNet can verify the following:

  • ads are coming from a publisher that has an ads.txt or app-ads.txt file. 
  • ads are coming from an exchange that has a sellers.json file.
  • based on log level data from the exchange, the exchange is listed as an authorized seller in the publisher’s ads/app-ads.txt file, and the publisher is identified as a known source of inventory in the exchange’s seller.json file. This is technically done by verifying the seller ID from the exchange/SSP log file matches the seller ID (also called the Publisher’s Account ID) in the ads.txt or app-ads.txt file AND the seller ID in the sellers.json file.

General Information

It is a type of database which stores transaction records and is consensually shared, synchronized and accessible across multiple organisations, sites, institutions, or geographies. A distributed ledger stands in contrast to a centralized database, which is more prone to failures, cyber-attacks and fraud, as it is administered by a single organisation and therefore has a single point of failure.


The terms blockchain and DLT are often used interchangeably. Blockchain is a particular type of DLT which was popularized by Bitcoin. In Bitcoin, the ledger of transactions is as a sequence of blocks of data linked together through cryptography. The name comes from the fact that the ‘blocks’ are ‘chained’ in this fashion.
A DLT Network is a network of computers, called network nodes, which implement a distributed ledger by running specialised software and communication protocols to share, synchronise and access the ledger records. When a ledger update happens, these nodes apply a consensus mechanism to agree on the ordering of transaction records and whether they should be included. The consensus mechanism allows the ledger to be tamper resistant and immutable and containing only confirmed and validated transactions. Because the nodes contain identical replicas of ledger records, users of nodes know that “What you see is what I see” when they access the ledger.

TAG TrustNet is a permissioned network, as opposed to unpermissioned networks like Bitcoin that are open to anyone. It is pemissioned in three ways: (a) the participants need to agree to the governance and control principles to participate to the network, (b) the participants need to be approved to become network members, (c) the participants need to comply with the network minimum requirements at all times.


A smart contract is a computer program stored in a distributed ledger network wherein the outcome of any execution of the program is recorded on the distributed ledger. A smart contract might represent terms in a contract in law and create a legally enforceable obligation under the legislation of an applicable jurisdiction. Smart contracts allow organisations to automate their business relationships using software code with enforceability based on the distributed ledger records.

There are three ways in which the data from TAG TrustNet can be trusted:

  1. The source of the data being reported to TAG TrustNet is authenticated by the network, so there is no question about who is providing the data.
  2. TAG TrustNet stores the impression data using distributed ledger technology which creates an immutable record of the transaction.
  3. The data for each impression that is collected from all the companies that were involved in delivering it can be compared to see if there are any inconsistencies.

It may be helpful to provide a little more information about the last point. One of the key deliverables from TAG TrustNet is that the impression data that is available from each vendor who was involved in delivering an impression is being stitched together to create a single record of each transaction across the supply chain. As a result of this, the data about the same impression from different sources can be compared and inconsistences can be identified. For example, if impression is reported by DSP, but not reported by exchange/SSP or ad server - most likely it was not delivered. Here are some other examples of this:

  • The impression clearing price from a exchange/SSP reports can be compared to that reported by the DSP.
  • The publisher domain recognised by a exchange/SSP can be compared to the publisher domain recognised by a verification tool (if they do not match it may be a sign of domain spoofing).
  • An exchange/SSP’s-reported platform fee can be cross-checked with payment data from publishers.

It should be noted that TAG TrustNet cannot guarantee that vendors will report data correctly, but it registers every piece of impression level information received from vendors in the distributed ledger–ensuring that after receipt impression data can’t be changed and remains immutable. If a vendor changes data in their systems after it was reported to TTN it may be detected and proven.

Some blockchain detractors have been claiming that blockchains have a massive negative impact on the environment due to high energy consumption. This is probably due to a misunderstanding around the Bitcoin use of blockchain and other types of blockchains. What is true for the Bitcoin as a public network based on a “proof-of work” protocol, requiring a digital-labor intensive “mining” process with high energy demands to validate each new block of data, is radically different for permissioned private networks. In a permissioned network, such as the one implemented by TAG TrustNet, each block can get validated by a handful of nodes acting as notaries, with the energy consumption of not more than a few PCs. The expectation with permissioned networks is that in most cases the efficiency gains provided by DLT - reducing paper trails and running automated processes to reconcile, record, audit data - will have a significant positive impact on the environment rather than the other way around. In addition to this, the TAG TrustNet platform runs distributed ledger transactions only to register large blocks of impression data instead of doing that for every impression. This further reduces the energy consumed by the platform. For more details on the efficiencies of private blockchains, please see this article from R3, the company providing the private blockchain platform used by TAG TrustNet (https://www.r3.com/blog/just-how-energy-efficient-is-your-blockchain/)

In addition to this:

  • The technical infrastructure of TAG TrustNet uses AWS and Amazon has committed to being carbon neutral by 2040, 10 years ahead of the Paris Agreement.
  • TAG TrustNet is also working with the AD Net Zero Advertising Association through the IPA and other 3rd party companies to reduce the carbon footprint in programmatic advertising. This is done by providing transparency to advertisers and their agencies of the carbon footprint created by their ad campaigns and how they could reduce it.
  • There are also other socially responsible benefits that are available to companies using TAG TrustNet. Currently this includes reducing ad spend going to criminal activity, and in the future may involve DEI, Corporate Social Responsibility and user privacy.


To resolve the industry accountability problem – which in a technology driven industry essentially requires a technology solution – by implementing an always-on decentralised technology infrastructure able to reconcile impression data in the context of an industry network, to enforce measurable industry standards, certifications, and legal requirements on an ongoing basis. This cannot be achieved with centralised solutions controlled by individual entities but requires an industry-wide approach and trade associations are best placed to play that role.
Requirements that are measurable over the impression log data provided to the platform get enforced over the DLT platform. Requirements that are not measurable will go through a traditional audit process.
Any company joining the network needs to comply with minimum requirements to become a TAG TrustNet member allowed to use the network over a node. This includes the need to get identified as a legitimate legal entity and to be issued a tracking TAG-ID. The requirements define the data that needs to be included in the data feeds of providers. The reconciliation of this data among supply chain participants allows a company to detect discrepancies between the different data sets providing a signal for potential fraud. Under certain conditions, a company may be prevented from participating to transactions should the ledger provide evidence that it does not comply with network requirements at all times.
A consent framework is activated as part of the network functionality. Depending on the case, access to data may require one or more parties to provide their consents. As all consents can easily be provided by all parties over their nodes this process is easily managed using the network functionality. Consents are automatically enforced and data providers remain in control of access as they voluntarily can decide whether to report data or not.
Anyone in the industry can contribute to the development of the network application ecosystem using the platform API providing access to the distributed ledger.
For TAG TrustNet to deliver its full benefits to its members it has to be widely adopted across the industry as a joint collaborative effort to implement a “new standard” in the way to conduct business in a more accountable, responsible, sustainable and efficient way. The network is helping to create a fair and open marketplace based on accountability with the enforcement of self-defined rules that all participants across the supply chain agree to implement consistently at all times.

Intermediaries and Publishers

For intermediaries (such as ad servers, Ad Verification tools, DSPs, and Exchanges/SSPs) and publishers here is a summary of the process to join:

  1. Become a TAG Member and be verified as a legitimate legal entity with a TAG ID
  2. Agree to the network requirements and sign the TAG TrustNet Membership Agreement
  3. Sign the TAG TrustNet Licensing & Service Level Agreement
  4. Complete the Node and Data Assessment Form
  5. Get a Data Connector built and approved
  6. Get a Network Node set-up allowing to import and share data with other network members
  7. Set up ongoing data feed(s) based on advertiser requests
For TAG members with a TAG ID the TAG TrustNet membership is free. To have an active node on the network to share data, the only cost is a one-time activation fee of $5k, $10k or $15k depending on annual digital advertising revenue. The activation fee is waived for all companies joining TAG TrustNet on or before December 31, 2021.
Data is to be sent to the network using standard delivery mechanisms. It usually gets usually delivery to a cloud bucket (Amazon s3, Google GCP) or accessed via SnowFlake or other access points. As part of the data integration process, members are required to provide an example or a live data feed which will be used to create a TAG TrustNet Network Adaptor that will automatically ingest, match and harmonise data within the network.
Log-level data must be provided by all TAG TrustNet Members for their impression data to be deterministically matched across supply chains.
Member data is ingested into the network and matched with impressions data from other network members sharing the same identifier that is activated at the request of advertisers. The matched data is recorded in the distributed ledger and (i) shared with the advertiser over the TAG TrustNet Supply Chain Monitor and (ii) included in the reconciled data that can get exported by advertisers into their own systems.
A consent framework is part of the network functionality. Access to data may require one or more parties to provide consent and all consents are automatically enforced within the network infrastructure. The data provider always remains in control of data access.
  • Information security is a top priority for our company and is governed and enforced by our leadership. Our security program is based on industry standards and best practices including NIST, ISO, CIS and others as required for specialized needs (cloud specific, application security, etc.)
  • Through formalized Written Information Security Policy (WISP) and supporting standards and procedures, we are able to track and monitor the health of our program and better ensure all employees follow our standard for consistent security practices.
  • Data is stored in encrypted AWS S3, encrypted EBS, encrypted records in Amazon Dynamo DB and in Amazon Aurora. Data is disposed securely according to AWS policies.
  • We use AWS KMS for encryption of all EBS volumes and S3 buckets that contain customer data.
  • Each customer is supplied with dedicated EC2 instances, EBS volumes and S3 buckets to work with his data using Fiducia software.
  • Vendor risk is controlled by our formal Third Party Risk Management (TPRM) program to ensure any vendor who may host, store, transfer, process, manage, or otherwise handle your data and information is vetted prior to any engagement and meets a high standard of minimum security practices.
  • Our contracts with third parties incorporate privacy and security obligations designed to ensure a level of data protection similar to and not less than our own privacy and security controls.
  • We perform an annual business security risk assessment that addresses the confidentiality, integrity, and availability of data and information both internally and with the assistance of an outside third party assessor.
  • We are in the process of preparing for a SOC2 Type 2 certification with an anticipated completion in 2024. Our certification scope will cover the totality of systems, facilities, and personnel that handle and process customer information.

Technical Questions

The Reconciliation SDK (software development kit) is a tool developed by Fiducia that can be installed on publisher sites and applications. It creates a log file record ID map when an ad is requested that can then be shared with every supply chain participant. With this ID map, log files of various supply chain participants can all be matched deterministically line to line. The SDK is preserving consumer privacy and cannot be used for consumer tracking.
TAG TrustNet uses existing log files that supply chain partners can already provide. The only time an additional tag is needed is when the TAG Reconciliation Service is deployed. Whether or not this is needed gets determined as part of the initial supply chain mapping exercise.
Customer data is retained for up to 60 days at the impression level and up to 3 years for the aggregated data used within the TAG TrustNet web application.