Bad guys always find ways to exploit internet users. Matt is the good guy who stops them. | RGR 072

Share this post

Share on facebook
Share on twitter
Share on linkedin
Share on google
Share on pinterest
Share on skype
Share on email

Overview:

When mobile communications started out, Matt Gillis spent lots of hours on the golf course showing businessmen what a cell phone could do.

Then he was the guy at Verizon that game publishers went to to get their games approved, then started his own game company, then helped mobile app developers make money from ads. Now he runs clean.io, a cybersecurity company that protects developers against malicious ads.

The creators of those ads, Matt says, are “some of the most sophisticated media buyers on the planet.” They ruin the user experience. And some of those users might be yours. So it’s good to have Matt on your side.

______

Rise Grind Repeat Podcast
powered by EIC Agency

______

Hosted by Dustin Trout
Produced by Andrei Gardiola

__________

Check out the full video episode at:

Youtube Channel – https://bit.ly/3dlwjnJ
Spotify – https://spoti.fi/2Mgfpe6
Apple Podcasts – https://apple.co/2MiQdUv

__________
Check out the full video episode on Youtube at:

https://www.youtube.com/watch?v=D4m1Q2VHe-c

For more information visit our website at https://eic.agency/

We are also on Instagram @EveryImpressionCounts

| Rise Grind Repeat 072 |

00:12
On today’s episode of Rise, Grind, Repeat, we talked to Matt from Clean.io helps publishers keep more of their revenue by preventing ad fraud. Let’s dive right in. Matt, thank you so much for joining another episode of Rise, Grind, Repeat, I’m excited for this episode you, you’re in the ad fraud industry. My whole background is in paid media and ad fraud is a huge topic. And so there isn’t a whole lot of education in this area. But before we get into all of that, and the nerd out on that, and I’d love to hear more about your, your backstory, how, when did entrepreneurship start for you? And just kind of introduce a little bit about who you are?

00:49
Yeah, so good to meet you. I am the CEO of a company called Clean.io. So that’s where I am now. And obviously didn’t start here. But yeah, I’ve been in the mobile business my whole career. So it started right out of college, as you know, a summer students standing on a golf course, letting businessmen call back to their office on this thing called a cell phone. This is in the early 90s. Right. And so it was actually pretty cool to do that then. But fortunately, I’ve been like, kind of through very various waves of innovation on the mobile side, worked at mobile carriers. Did all the early services that you did on your cell phone, and things like ring tones, believe it or not, things like video on demand games. I would say my first entrepreneurial bug came when I left Verizon Wireless, where I had a great job I you know, anybody who wanted to distribute games, to customers had to they were my partners. And, and quite frankly, I saw a lot of these games companies making a tremendous amount of money. I saw a lot of folks getting rich, and I decided it was my turn to go give it a try. And so I went and did a small video game startup, me and two other guys. And we very quickly had, you know, rocket ship growth. Our biggest game was this game called Who Wants to Be a Millionaire, which I’m sure you’ve heard of.

02:07
Yeah.

02:08
So So we took a lot of LinkedIn, the casual classic games to mobile devices. And a pretty big Japanese video game company called Capcom acquired us, you may be familiar with Street Fighter Resident Evil Mega Man, like the old classics. And they were looking to kind of ride the mobile wave. And they only had hardcore games. So they, they acquired our company. And so I wrote it out of Capcom. And that was kind of like my first entrepreneurial exit, I guess you could say. And, and it’s interesting, each of my, my opportunities kind of connects together. So I was doing games. If you remember the early days of the iPhone, it was really hard to get people to want to pay 99 cents for something.

02:51
Yep.

02:52
So and so we were trying to sell like Street Fighter and get someone to pay $6.99 cents on a console. You know, people would pay 50 bucks. Oh, yeah. But you couldn’t get you can get them to spend five bucks on a latte every day. But to pay 99 cents for something, it wasn’t happening. And so we were struggling with the business model. And lo and behold, I ran into some some old folks that I worked with back in the days of Verizon. And they had started this company called Millennial Media. And it was effectively like a mobile ads company. And so their focus was to give app developers the ability to make money with ads in their apps. And so that doesn’t seem so foreign today. But this was in like, 2009 2010 Yeah, so So did that, you know, join there, you know, they were very successful long before I got there. And but we, you know, I ran the the publisher business there. So getting other publishers to take our SDK and make money with ads. So we would partner with companies like Zynga who have worked with friends and that sort of stuff. And we took that company public on the New York Stock Exchange. Wow. And then we sold that company to AOL, which was acquired by Verizon. And, and then I wrote that one out, because we then went and acquired Yahoo. So I ended up running the publishing business through all that. So like, we were the kind of stitched together. And I guess, like so at the end, I was leading this publisher business at Verizon media both is what it was called at the end of the day. And I needed to unplug and so I took some time off and recharge the batteries and, and I ran into a bunch of old colleagues who are solving this problem of malicious ads. So I’m, you know, I swore that once I got out of the ads business, I’d never go back. But now we’re, you know, I’m running a cybersecurity company that really helps, you know, preserve user experiences and revenue and make sure that, you know, the bad guys don’t win. So it’s kind of fun.

04:48
Yeah, no, that’s impressive background. That’s awesome, awesome story to how you got here today. I mean, how did the whole conversation startup of ad fraud I mean, it’s not not it’s not every people that talk about you know, there’s a lot of malicious clicks or a lot a lot of ad fraud that’s going on. So I mean, how did this problem arise? And even more, so I mean, would maybe love to back it up a little bit and just kind of explain what the whole problem is and the entire ecosystem?

05:14
Yeah. So what’s kind of cool is that the team that built this company, I’m not a founder, I was brought in as the CEO in January of 2019. So I’ve been doing this for almost two years. All of us that work here pretty much came from the digital media ecosystem. So we’ve we’ve, we’ve walked a mile in our customers shoes, to say the least. And so we’ve got a tremendous amount of empathy. When I was advising media, one of the biggest challenges I had was these malicious ads, where, you know, you probably have had it happen to you, Dustin, where like, you’re on your phone, and you’re scrolling. And then all of a sudden, you know, the screen redirects, and says, congratulations does and you want an Amazon gift card, or, or it says, You have 39 viruses on your phone, click here to fix it. And if you did, click here, it would launch into the app store into some VPN app that you have no idea what it is. So really, what what those experiences are, there’s a bad actor on the other end of that, that that actor is actually buying ads. So those experiences start and originate with someone that has bought an ad on a website. And they’re injecting malicious JavaScript that take over the user experience. So often, folks, you know, they don’t, they don’t know why, or how that’s happening. But it really is called malvertising, which is malicious advertising. So it comes through the digital media ecosystem. And what’s interesting is, is these bad actors that are doing this sort of thing. You know, I would call them some of the most sophisticated media buyers on the planet, what they do, is they know how to buy, you know, 1000 ads, at a cost of, you know, 50 cents. And they, you know, when when most other normal advertisers are buying those thousand ads per 50 cents, the click through rate on that would normally be, you know, half a percent, right, really, right. But what these guys have figured out is, if they buy that ad, and they inject their JavaScript to re launch you and take you somewhere else, it’s effectively 100%, click through rate, right. And so they can do that. And they take over the whole screen on your handset. And so, quite frankly, they actually get engagement, you know, and you know, guys like you and me, we probably don’t click on these things, or we do take survey, that’s one thing, but my mom can, she may get duped because, you know, it generally would have a Verizon ad on it. So look like it’s coming from Verizon, it looks like it’s a Facebook page. And so they do a lot of things to really spoof the user experience. And really, what they’re trying to do is they’re trying to collect your personally identifiable information. And they’ll sell that, or they’re trying to collect surveys, and they’ll sell that. Or they’re trying to, you know, get attribution for an app install. So there’s a ton of different economics behind it. At the end of the day, really ruins the user experience, right. And so when you’re, when you’re wanting to go to, you know, pick your favorite site, Dustin, like, if you normally would go there and read three news stories and spend eight minutes there, that website generally has predictable economics where they understand that, hey, if Dustin comes here for eight minutes, you know, we’re going to serve him 42 ads, or whatever the number is. Now, if Dustin goes to that website, in that eight minutes gets cut short, because he gets redirected to a website that he can’t get out of, because usually that’s what happens, like, it’ll have a close button, you can hit the close button because they lock that in, you can’t hit the back button, you got to reboot your phone. So what happens to these websites, they lose a lot of money, because all their you know, their user sessions and their their time on page and time on site all get cut short. So it’s a it’s a pretty costly problem. But you know, to take back to your question, we live the problem, all of us live the problem, and there were no solutions. And so, you know, five founders kind of banded together to bring this thing to market. They got the engine fired up. And it just so happened that like our time, our timing was great. I had left where I was, I had golf for a few months, not too cold to golf. And I ran into these guys and said, What are you up to? They’re like, we’re creating this new company, and we think you might be interested in and I was like, wow, like I understand the problem. I know, the customer said I lived it. Let’s go blow it up. We did.

09:27
No, that’s awesome. So it’s more you’re on the publisher side rather than the actual ad clicks. There’s I mean, there’s two different types of fraud and I mean, you have the the bots that are clicking on ads, which now you’re you’re getting charged as as an advertiser, but this is more so helping the publisher side of things, right.

09:44
Or I think there’s a few so he talked about the different types of fraud. So the one type that you mentioned, which is like the you know, the bot to the bots and IVT. Yeah, like traffic is what that stands for. Non humans, right. And so, yes, there’s no there’s folks that solve that problem. We are not One. Gotcha. All right. There’s fraud that exists where I would call it like domain misrepresentation where, you know, the site says that it’s the New York Times, and it’s a cat blog. And so that’s another type of fraud, the fraud that we prevent, is what I would say is fraud, that when everyone has already realized that it’s a real human, it’s a real device and a real network. But there’s shady stuff that happens. And that’s when we stop. We generally protect the user experience on behalf of the publishers. But the reality is, is that, you know, advertisers are impacted as well, because of this, because if you think about it, on any given website, or any web page, there’s usually more than one ad, and the bad actor is probably trying to buy the cheapest ad that they can on the page, right? So for them, it’s all about, you know, yield and maximizing their yield that they get. And so they’ll buy the cheapest out of the page, if three other advertisers have bought on that same page, but that lowest rank ad causes that redirect. The rest of the ads on that page are useless. Yeah, they’re there. They’re quite frankly, silly. They may have technically fired the viewability metric to say it was beautiful, but they’re not engageable. And so I think that’s, you know, one of the things I think that is most overlooked in this problem is that, you know, we know it impacts end users, we know it impacts publishers, but really, there’s probably causing some damage and risk to the return on adspend for the other real advertisers that run that page.

11:25
Oh, absolutely. And with it, it’s a I mean, so is it is it ads that are bought programmatically, I mean, through DSPs, that this is happening. I mean, I don’t know if it can be done through Google their ad platform. But I mean, generally, what what are these? Because I mean, to your point, it sounds like very sophisticated media buyers, where they’re doing the header bit what, however, they’re buying the media, is it typically done through programmatic ways? And I guess, why doesn’t the publisher have something in place to prevent this?

11:54
In the first? Yeah, there’s tons of different ways that this happens, right? So I would say like, the most predominant thing is what you’re saying, which is programmatic media, right? And so it’s open, anybody can get a seat pretty much on any DSP. You know, and often, you know, everybody’s lured in by money, right? Like, because everybody wants to make money. So, you know, everyone wants to believe everyone’s real. Everyone wants to believe everyone has great intentions. And often these people don’t have great intentions, but they’ve got big budgets. And so people like, yeah, you know, oh, you know, you’re representing and they’ll always miss misrepresent who they’re representing. So let’s say, Hey, listen, we’re, um, we’re representing Nike, and we’ve got their ad budgets. And what they’ll do is like, they’ll have, you know, little Nike ads that they will put into the review queue for approval. And so the ad actually looks like Nike, and they’ll have a landing page that looks like Nike. But the reality is, is there’s so much sophistication to how these bad actors operate, that you really can’t detect it until it’s actually executing on the page at runtime. And that’s what we do that’s different than everybody else. We give publishers a single line of JavaScript, it sits on the page. And what it’s doing is it’s actually behaviorally analyzing the execution of JavaScript at runtime. And when we see shady or malicious or untrusted JavaScript, JavaScript trying to call functions that it shouldn’t be calling. And especially if it’s a McDonald’s ad, or a Burger King ad or an American Express ad, usually, those ads don’t upon render, start to call like a total screen takeover, without any clicks. So that’s basically how it creeps into the ecosystem. But there’s there’s various other means whether it’s through like compromised browser extensions, like there’s tons of different ways that these bad actors try to get, you know, get their ROI. But the most predominant thing is through programmatic. And I think your question was, like, why isn’t anybody doing about this? And why, you know, I think the honest answer is, is that the bad actors have really out innovated, you know, everybody in the space, you know, like, there’s tons of legacy solutions. And they’re just not effective in today’s in today’s world. And that’s why we came into the space about two years ago, you know, the most predominant way that folks used to try and stop this stuff was through like URL blacklisting. And as you know, like a bad actor, all he has to do is change his URL. Yeah. And, and, and, you know, they can do that every five minutes. And quite frankly, they probably could do that as a unique URL for every user. And so in order to put something onto a block list, you actually have to have a bad event happened, somebody has to catch that catch that in the wild. And so, you know, so they’re just really not effective to keep up. Other things like offline scanning, like a lot of these malicious ads, they’ll do a whole bunch of fingerprinting. And so, you know, they’ll look to see, is it a real device? Is it on a real network? Is there an Apple Pay session that’s available? Is there dark mode available? And these are all things that you know, that they check it real time because what the bad actors want to make sure of is that there is actually hitting a real consumer because they don’t wanna waste their money on bot traffic. Why would they do that? And so what they’re doing is they’re looking for real consumers. They’re looking for the signals that say it’s a real device. And it’s not in a scanning lab. Right. So that’s the other thing is that they want to detect if they’re the scanning lab, because if they are, they won’t execute their code. And so there’s a ton of really smart intel that goes into what they packaged together. And for us, because we’re sitting on page, because we’re at runtime, because we’re actually on real users in real traffic. You can’t really spoof that, right. So it all happens, you know, kind of, at the exact time that you would be consuming that content. And what we do is we prevent it in real time. But what we do is we actually let the bad actor buy the ad, we thought that the only way to actually prevent these guys from winning, was we had to make it financially punitive for them. So what we do that’s different, I think that everybody else is we actually let them buy the ad, and we let them render the approved ad, which is usually a very safe ad, right? It’s usually, you know, last weekend, they were spoofing LinkedIn, right.

14:14
And so we we let that ad render, what that does, there’s a few good things that come out of this one, the publisher gets paid, right? So the key is, is make sure that publishers get paid, they need money more than ever these days don’t block revenue, what we do is we prevent the malicious chance from executing, which in turn prevents the user from landing on that, you know, congratulations, you’re an Amazon gift card. And so if they don’t get the land on that page, they get no engagement. They get no ROI. So, so what happens is, you know, when publishers implement our software, pretty much like the bad actors get into ROI. So if you were a performance media buyer, which I think you run a digital media agency, right? Yep. If you’ve got a client that you’re buying media on behalf of, and they’re getting no ROI. What do you do? You shut off that property, you don’t buy on that property anymore. And so that’s why I say, think of these guys as the most sophisticated media buyers on the planet. Because when they get into ROI, guess what? They move to where they get ROI.

17:06
That Yep, yep. No, that I mean, that makes sense. It totally makes sense. Because I mean, what do you guys have any other competitors in the space? Really?

17:14
Yeah, there’s a handful of folks that have been doing it for some time before us. You know, some of them been around, you know, call it in 10-12 years. And some of them in around, you know, 6, 7, 8 years, those most of those folks were using those kind of what I would call those older, Gen one Gen two solutions, our solution is new, and it’s unique. And, quite frankly, we think it’s the most effective, right? Like we we’ve tried to, we live by these three things simple, smart and effective, we want it to be the simplest solution that you could ever implement. So it’s a single line of JavaScript, like, usually someone can have that on page in minutes. One of our customers that came through, you know, often this sort of stuff happens on evenings and weekends and holidays. Usually, the bad actors do it, then because that’s when the ad operations people aren’t sitting in front of their keyboards, you know, ready to turn it off? And so, so yes, what often happens, evenings, weekends, and so when we get called, like, we’ll get called on a Friday night, we went from first call to getting a contract complete to code on page in, like, in blocking real threats in a matter of like, two hours. Wow. So, so simple, smart, it’s set it and forget it, like most of these publishers, you know, like publishers have, you know, let’s just say they they’re making $20 million a year, $50 million a year, $100 million a year, they usually have one or two people in AD Ops, like they’re very lean whilst it’s most underappreciated, organization planet. And so like, they don’t have time to chase around these things, they need to set it and forget it solution. And that’s what we deliver for them. And then effective for us, it’s, you know, to me, if you ask a publisher, who’s buying a solution like ours, what are the top three things, you know, we say, simple, smart and effective. But if you ask them, what matters to them, its effectiveness, effectiveness and effectiveness. Yeah. Like they spend a lot of time and money creating content, and bringing users to their property, like a lot of them buy traffic to get people to come to their property. And if you’ve done all that hard work, you need to make sure that when your consumers actually go and try to consume content on your site, that your site is usable. And this sort of problem somewhat makes sites unusable. And you’ll see, you know, end users like you and me, like go to Twitter to complain about sites where this is happening when there’s so yeah, I think to me, it’s all about taking care of your end users and making them happy.

19:32
That I mean, that’s, that’s usually the recipe to any successful business, take care of that end user and get things tend to follow. I mean, obviously, with COVID going on, I mean, digital consumption has just gone through the roof. I mean, has that created a surge in fraud? And I mean, are you guys seeing an uptick since since COVID? happened in the fraud happening?

19:53
Yeah, so it’s been interesting. Um, you know, as you know, when you have these, you know, big you know, macros events, and these big economic events and those economics change that creates an opportunity, right? So and I always say, like, you know, wherever there’s money, there’s bad guys. And so in the ads ecosystem, you know, when COVID hit most big brand advertisers, because you couldn’t travel and you couldn’t go to the movies, and, you know, you weren’t being able to go and buy a car, a lot of these big media buyers are pulled back. Yeah, and what and what that created was that this this opportunity financially, where like, you know, fill rates went down for publishers, rates went down for publishers, right, so like, cpms, with publishers, and by the way, they went down at like, the most important time in the quarter, which, you know, the way the financials work at a publisher over the course of a quarter like January usually stays February’s a little bit better. But March is like, where you make all your money in q1. And so, you know, call it March the fifth or March the 10th, this head, and yeah, and everybody pulled back, well, when everybody else pulled back, guess who was there to buy? The bad guys?

21:01
Yeah, right, man. So

21:03
and so now the bad guys, like, usually in March, when prices are increasing, bad guys, you know, like, they’re gonna have challenges kind of meeting and beating the demand from, you know, the, you know, big automotive companies, or the big movie companies with that sort of thing. And so this was a real opportunity for them to increase their throughput. And so yeah, we saw malvertising kind of surge through March, and, you know, kind of kind of carried its way through into q2. And then as demand started to come back, call it in, you know, kind of mid May and that sort of stuff. You know, we saw it start to, you know, peer off a little bit. But, you know, this thing, this is an interesting thing in this industry. There’s a misnomer, like, you’re not always under attack, like bad guys, you know, like, they’re not always they’re robbing banks every single day, right? They pick their spots, one at a time. Yeah, so these bad guys, you know, and when you see one impression, the time you like, you couldn’t be more correct. They’ll probe all the time. So if I could show you our dashboard, right now, you’d see like, there is this kind of ongoing probing that happens with these bad guys. And, you know, they’ll buy, you know, 5-10 impressions per site, you know, like, and what they’re doing is, they’re just looking to test things to see if they can get engagement to see if the creative that they put through actually got past the checks and balances that any of these, you know, supply side platforms or demand side platforms have in place. And then they wait, they pick their spot. And so they may test and test and test and then go dormant. Let me go dormant for weeks. And then they’ll hit you on Saturday morning or Sunday morning work, like that sort of thing. So, you know, it’s it’s effectively organized crime. And you know, it’s very unpredictable. But, you know, we’re having fun because I think it’s a, it’s it’s kind of fun chasing an enemy that you can’t see, that has tools that you have no idea their weapons, and you have no idea where they’re getting them from, and you have no idea where they are. So you know, we’ve, we’ve done pretty well over the last couple years. Back, yes,

23:01
no, that’s awesome. And I know that you mentioned there’s a couple different things that are done with the end consumer, but I mean, for the most part, or who’s more impacted? Is it the publisher, or the end consumer? Because I know, I mean, there’s more news of hacks going on and all that I mean, should the end user be worried if they click and end up on an environment like that, that their social security number going to be scraped? And all that type of stuff? And?

23:24
I mean, listen, I think everybody should be concerned, I think, you know, ultimately, you know, publishers are responsible for their users, the way I look at it, right. And so like, the only thing you know, if you’re, if your job is to create content and serve ads, you need to make sure you’re doing it safely. And you need to make sure that your users aren’t compromised, because I don’t think anybody wants to be part of like that Wall Street Journal headline that says, you know, site XYZ was compromised, and, you know, user data was taken or, you know, devices were infected. So I think, you know, everybody’s got to take precautions. What I can tell you is that, like, we see, you know, nasty stuff on a daily basis, right. So like, and some of it is, like, less nefarious, and some of it is very nefarious. And it’s kind of everything in between. You know, I think, you know, just like any, you know, anything else, like when you see something that looks a little fishy, don’t click on it, right. So, you know, I think I got an email in my inbox in the day that looked really like it came from Netflix, and it told me that my credit card bounced. And I’m not a guy that usually has a credit card that bounces. But then when I read, you know, when I read the content, the contents of that email, you can tell that it was written by someone whose language wasn’t English as a first language. And so like, you know, like I’ve seen, you know, something looks suspicious, you should, you know, probably not click on it.

24:44
Yeah. Yeah. So, I mean, what, what percentage of overall, not traffic, but I guess impressions served and all that. I mean, how much of the total industry is this impacting? I mean, is it something where it’s like 50% of impressions served or, I mean, how big of an impact does it have? On the entire ecosystem?

25:01
Yeah, I mean, I think, you know, we, we’ve released data that shows that, you know, kind of like on any given Sunday, you know, you may see, like, upwards of like, up and we listen, we, our code runs across 7 million different sites and why you know, and we’re behaviorally analyzing, you know, 10s of billions of, excuse me, ad impressions per month. So, you know, we’ve got a what I would call like, census of the internet, sort of data. And so like, on any given Sunday, we’d see like, you know, it kind of could scale up to one to 3%, of all impressions that day that we’re going to be hijacked. But like you’ll see pockets of supply, where that actors will tend to try and go in, and, and inflict even more pain, like, they’ll tend to want to go and inflict pain inside Facebook. All right. And so if you think about it, inside a Facebook embedded browser is a pretty good place to hide, it’s kind of hard to reproduce, right? If you’re trying to, if you’re trying to capture it and get a URL to put on a blacklist, it’s really hard to reproduce. And so, you know, we’ve seen kind of instances where certain platforms, certain devices, certain browsers, you know, tend to be more impacted than others at any given point in time. But, you know, it is a pretty pervasive problem. And we’ve seen some sites, you know, like, the one site that I was telling you about there on a Friday night, you know, called us and said, geez, we need your help. When we first went on site in that first hour, their threat level was 50%, which means one in every two pageviews was being impacted, or was attempted to be impacted by a malicious ad. And so like, just think about that, what like, how crap does the user experience have to be? Right? And so obviously, they were getting blown up, and they needed help. And they were very quickly we, we shut it down.

26:49
No, that’s awesome. I mean, when you say one and two, that’s, that’s a ton. I mean, how much does this cost publishers on an annual basis? Do you guys have any numbers or estimates?

26:59
at all, to our service? or just in general,

27:01
just in general, how much does this cost publishers on?

27:06
Yeah, I mean, listen, we’ve had publishers kind of do ROI analysis on this thing. And if you think about it, you know, if, if they’re under attack, and one in every two pages was being impacted, and again, that’s not all the time, but if thinking, listen, if you had a threat level that went up, you know, 5%, or 10%, and it happened, you know, three times a quarter, four times a quarter, maybe you’d have, you know, a couple times a month, you can actually do the economics of like, okay, let’s let’s just pretend your ad server is down for like, 12 hours on a Sunday, once a month, you can figure out the financial impact of that. Right? And so that’s what publishers have done with us, which is they they’re like, you know, listen, this is like insurance, this is protection. This is, you know, taking care of our most precious asset, which is our users user experience. So, you know, the funny thing is, is I don’t think that there’s a model where you go, hey, let’s just roll the dice and risk it. You know, like,

28:02
I mean, you can, but I mean, that you’re opening up liability quite a bit. And I mean, that’s, it’s, it’s tough for the long term top right that way.

28:09
Yeah. Right.

28:11
Yeah. No, I mean, that’s that just showing the cost or the savings is huge. I mean, to your point, it’s not so much the cost, but what is the cost of not have a user come back because of a bad experience? I mean, it’s me, I’m sure they have numbers and run numbers on an average user, how often they come back, well, there’s daily, weekly and all that, but you’re cut all that in half, essentially, you’re, you’re cutting your overall revenue in half. And to your point, it’s, you know, if you get attacked hard and have to shut down that ad server have stopped serving ads, it’s gonna be a pretty big financial impact, probably probably a lot more expensive than what your guys’s services are.

28:43
For. And you’re right, right. I mean, like, every publisher probably knows very explicitly how much it costs to acquire a user. Right? Yep. So imagine, you know, like, it costs a lot of money to bring users to your platform to to your site’s God, you got to take care of them. And, you know, it’s easier to keep the user than to go and buy a new one. And so, if I go to your site, and I have a crappy experience, it’s probably a good chance. I won’t go back, you know, and especially if I go and it happens a couple times in a row. You know, it’s, to me, it just seems like common sense protection, right? Like, why wouldn’t why wouldn’t you want to make sure that your most precious precious asset is protected?

29:23
Absolutely. Absolutely. So I mean, there, it seems like there’s ebbs and flows based off of, you know, just the economics, and everything involved, but I mean, overall, looking to the future, I mean, what does the future look like for you guys for this industry? I mean, is this a growing concern? Or what does that look like?

29:44
Yeah, like, you know, the bad guys, as I said, they’re gonna migrate to where there’s money. And, you know, as they as they figure this thing out, they’re gonna, you know, change what they’re doing change how they’re, you know, how they’re attacking. For us, you know, our our path is to continue to protect, you know, websites from malicious and untrusted JavaScript like that’s what we want to do. And so, you know, we don’t really position ourselves as a, you know, as an advertising company, we position ourselves as a cybersecurity company that’s protecting websites from that malicious and untrusted JavaScript. So now you would say that, you know, maybe some of these, you know, client side injections that happen through compromised Chrome extensions that sit on your PC, like, you never know. And sometimes, it’s, you know, it’s the kids in your house that went and downloaded something, and you don’t know. And so it’s kind of then, you know, spyware and sniffing out your traffic all day, every day. So yeah, I think it’s a game of cat and mouse, and you know, we’re gonna continue to evolve, we evolve every day, you know, then that’s the cool part about this business is, you know, where I’ve worked in the past, it’s a lot of like, launch a product, and then, you know, put it into the wild, and then move to the next thing. And this business, like, this product is always living and breathing, there’s never launch and move to the next thing. And so, you know, we’re constantly re, you know, reverse engineering threads, we’re constantly, you know, digging into, you know, new methodologies, as you know, like, you know, you know, iOS and Android will be linked to releasing new software all the time. And every time they release something new, they’ve got new holes. And so the bad actors are gonna continue to innovate, I think we’ve always got to keep innovating to stay one step ahead of them.

31:25
Yeah, I think you put it perfectly. I mean, it’s a it’s a cat and mouse game. It’s you. You see what they’re doing, you innovate, you block it, they figure out how to innovate. And I’m but I mean, it’s needed. I mean, for sure. And it’s a, from a publisher side, I mean, is there anything? I mean, obviously, know that they’re at risk. But is there? Is there anything that they should be looking at to kind of get a pulse on? If they’re at risk at all? I mean, and do they have any internal numbers that they could be looking at, to basically identify where, oh, wow, we’re more at risk than I thought we should go to you? Is there anything that that publishers could look at?

31:59
It’s interesting, we launched this product, we, we use focus as a weapon here. It’s one of the things like it’s a bit of a mantra, right? And so cuz at a startup, you don’t have unlimited resources. And when you’re building a product, you know, if you ask your customers like, Hey, what are the features you want? And if you gave them a list of 10 features that like the prospective customers gonna say, I’d like all 10. And if you force them to make choices, right, which is what we did, and that’s why we say, the top three things are effectiveness, effectiveness and effectiveness. And one of the things we did was when we launched, we actually didn’t even have a dashboard. And you think about like, how could a company like we’re asking someone to put code on their website? Like, don’t you think they want a dashboard from us, that tells them how well we’re doing or what problems they have, or that sort of thing? And like our answer back to the publishers was simply this. Don’t you have a dashboard? Isn’t there something that you look at every single day to see like your KPIs? I would think monetization, I would think, you know, number of ads served for unique use, like and so what we said to publish in the early days, you’ll be able to know from the metrics that you look at your site, whether you have a problem or not, especially if you’re looking at your data closely. And so you’ll see that your time on site, or your you know, like the KPIs that I told you if those are being impacted. And so that’s kind of, you know, what I would say is, you know, most publishers, it’s like, Listen to your users, like, look at your data, listen to your users. Listen, your users also means like, looking at social channels. If you’ve got a problem, chances are the problem is bad enough, your users are telling you. Yeah, like so. If you go to Twitter, and you search, you know, ad redirect, you can probably, you know, see like, users actually take the time to take screenshots and say, Hey, publisher XYZ, you got a problem. And you need to fix it. And so, no, I think users are pretty vocal. And they’ll tell you, but, you know, generally speaking, I think most folks in AD ops that usually hear about this, they usually hear about it from their CEO, CEO is usually on the site. He’s like, Hey, man, I had a really crummy experience. And that’s what really causes them to, you know, try and figure out what’s going on.

34:01
Gotcha. Makes sense. And I mean, you guys are really young. But you guys have been doing quite a bit. I mean, you mentioned before this, you guys have gone through, you know, some funding and stuff like that. We’d love to love to hear more about that. What was that process? Like?

34:16
Yeah, I mean, it’s super cool. We bootstrapped the company. And I got here. Last January, we raised a small seed round in, I think, April of last year. So we raised two and a half million last year, real ventures out of Montreal was our VC on that one. And we had planned to raise, you know, I think, a $5 million round, call it, you know, in q1 of this year, and so I had prepared to go and hit the road. I had a whole bunch of meetings set up in February. And at the end of February in New York, I had like, I think like four days, multiple VCs lined up each day, you know, which is what you do when you raise money, you kind of like cram them all together and go down the pavement. And as covid started really taking hold. Most of the New York VCs all hit pause. All the New York VCs were they were the first ones to close their doors even before lockdown. VCs are usually a revolving door of you know, global entrepreneurs who, you know, have been locked up on a plane and they come right from the plane to the, you know, to the VCs office. And, you know, they’re like, they’re like shaking your head. Yeah. And so all the VCs literally said, Hey, Matt, we need to pause. And we’ll, we’ll regroup once we figure this thing out. Most VCs you know, took three weeks in a month to kind of like get get their sea legs, they didn’t know what the new world was gonna look like. And some actually still don’t know what the new world is looking like. But so I actually started the third week of March. And I did an entire series A around all on zoom.

35:50
That is so cool. I think I

35:51
think I pitched 40 different VCs. And I hadn’t met one of them. Probably bad on my part that usually you should start having those coffee meetings, you know, the quarter prior before six months prior. And no joke, like, Listen, we were rising, grinding and repeating. Right? And so like, I just I was like, Hey, listen, our results are gonna speak for themselves. And I’ll go and hit the road when we’re ready to hit the road. And I think we like I really, truly believe that we would have people and not in an arrogant way, but like people would line up to want to be part of this business. Yeah. And, and so yeah, so I went and pitched 40 VCs? You know, we had a bunch of term sheets, in COVID. You know, we did our diligence on each other, and tons of you know, you know, zoom calls and reference checks, and, you know, beyond reference checks. And God, I would tell everybody invest in your LinkedIn, like, really invest in your LinkedIn, because at the end of the day, your reputation is all that matters. And what these people are going to look for is, who do they know in common? Like who are the people called? What skilless? Like, is he like, Do you trust him? Like, is he grinder? Is he gonna, you know, give it his all and die trying? And and so I think, you know, that actually helped, you know, because I couldn’t meet them. I couldn’t break bread. So yeah, so we raised 5 million bucks. You know, we announced it a couple months ago. And then we’ve got a great partner Tribeca venture partners is, was the lead. And, you know, really proud to have, you know, chipmaking in the team, they’re on board with us. And, you know, we were their first investment in COVID. Two, which is interest. Right. So, you know, I jokingly said, the chip, you know, maybe we should just meet on the turnpike somewhere and do a sales just like, just to show that we actually did meet. But I haven’t, like, we’ve never seen each other 10 yet. And I think that’s cool.

37:43
I think that’s gonna become more common. I think I think the airline industry is gonna be impacted just because the commercial flying because people are realizing, wow, we can we can chat through a whole negotiation. We can, we can structures, we can do it all through Zoom. We don’t need to fly the team out across the country. I mean, it is cool to do that. But I mean, what are your thoughts on? I mean, when that opens up, do you think things will get back to how they were? Or do you think Zoom is more,

38:07
we’ve been very successful in in, you know, doing Zoom calls and growing our customer base, and all that sort of stuff. That being said, I don’t think you can ever replace, showing up on someone’s doorstep, you know, the shaking their hand, the, you know, building rapport one on one, like, you know, the trade shows like, like, you know, we used to do a ton of business by meeting people at trade shows, and, you know, it’s kind of like, everybody goes to Palm Springs, you all show up at the same hotel, you can crush through 30 meetings in two days. Those days are, I don’t know, when those days are gonna happen. Yeah. So, you know, I don’t know, I, I think we’re coping, I think everyone is figuring out how to navigate what this thing is. God, I hope, you know, we open up again real soon. Because I think, you know, I’m, I’m just as concerned about the mental health aspects of my biggest thing.

38:57
That’s my biggest thing is I mean, everyone is focused on the economics and printing and all that type of stuff. But it’s, it’s the mental side, I mean, from the kids not being able to go to schools, from people just being locked up. I mean, that, that, to me, that’s gonna have more of a long term economic impact than the short term that everyone’s focusing on now. But, I mean, I agree, I think the mental side is, is a huge overlooked piece of what we’re going through now.

39:21
I listen, I think, for me that like raising money for anybody who’s ever raised money, I’m sure there’s tons of people that listen your podcast that raise money, and they’ll say like, it’s one of the hardest things you do as an entrepreneur, right? Like raising money is really hard. Raising money during COVID for me, was like it was physically and mentally exhausting. And I’ll tell you, one of the reasons why is, you know, we shut the office down, right? And so, you know, I ended up sitting on my couch and working from my couch. I have three kids at home who were being homeschooled at the time. And it just wasn’t conducive. I came in, you know, in kind of work by myself from this office. This is our new headquarters here in Baltimore. And god it was lonely. And you know, and it’s hard, right? And so like, when someone tells you No, right, like, you got to get, you know, brush yourself back off. And if they didn’t understand your pitch or they don’t understand your vision, it’s hard.

40:14
Yeah. No, I completely agree. I mean, you guys have been crushing it. You guys just got funding. I mean, what does the next 6-12 months look like for you guys? What are the biggest focus areas? For you guys growth?

40:26
Sure, you said the next six months?

40:28
Yeah, next six to 12 months? What is the the near future kind of look like for you guys? biggest goals you guys are trying to accomplish as a as a company?

40:36
Sorry, you’re breaking up on me. So I don’t know

40:39
if I can hear you correctly. But I think you said what is the future growth look like for us?

40:44
What are the biggest focus areas? Or what are you guys working on in the next six to 12? months? What are? Yeah, essentially, what are you guys looking to accomplish?

40:54
Yeah, so you know, listen, maybe I’ll come back on in a couple months, and we can talk more, we’ve got some pretty cool new products that are in the pipeline that we’re bringing to market. And, you know, think of it this way. You know, digital media isn’t the only place where bad actors can conduct their exploits. There’s a lot of, you know, big playgrounds where money exchanges hands. And we’re really focused on preserving user experience and revenue. And so I think you can look for us to kind of start to tackle some adjacencies in the ecosystem, in digital media, in, in the internet, because it’s a huge playground. And it’ll be back to probably tell you more a PC with that.

41:37
Awesome, no, I would love to have you back on here in a few months and hear more about that. And I’m excited to watch you guys grow, think what you guys are doing is huge. I mean, one from the publisher from the user. I mean, me from a digital media buy perspective, I mean, just making the whole ecosystem a little bit better for everyone. And I think, you know, there’s been a lot more people trying to take advantage just as digitization just continues to grow, as we head into the future. But that being said, I mean, that there’s, you know, publisher that’s even debating, you know, been thinking about your solution. I mean, what would you say to them, to get them to try you guys out.

42:13
So one of the coolest parts about our businesses, we give everybody a 30 day free trial. So you want to test drive us, it’s free, come check it out. It’s simple. You know, had to Clean.io it’s our website, a lot information on there, if you want to send me an email matt@clean.io super simple. But yeah, listen, we try and make it easy for folks to to, you know, to get the protection that they need, you know, simple to execute, and, you know, just make the world a little bit safer. So, yeah, it’s a, you know, we try and we try to do what’s right for the industry, like, I spent the last eight years of my life, you know, trying to get publishers to make money. And so now I’m kind of on this side, trying to fix a bunch of the broken things that kind of, you know, accelerated as we can, you know, help to, you know, help the monetization ecosystem. So, this is our search shown, I guess you can say,

43:03
No, I love it. You guys been growing quickly. And I, I can’t imagine that you guys aren’t gonna slow down at all. I mean, it’s, I can’t wait to have you back on. So I really appreciate the time and we’ll follow up after this. But I said it’d be awesome to create a couple part series from this. So I really do appreciate your time.

43:22
I love it, Dustin. Thanks for having me. Appreciate it. Thank you.

Share this post

Share on facebook
Share on twitter
Share on linkedin
Share on google
Share on pinterest
Share on skype
Share on email

stay in touch

Receive the latest episodes straight to your inbox!