Clean.io raises $2.5M to fight malicious advertising

Existing approaches to blocking malicious advertising aren’t working — at least according to digital ad veteran Seth Demsey.

That should resonate with anyone who’s ever encountered an ad that immediately redirected them to a website filled with annoying gift card offers. And it’s the issue that the startup Demsey co-founded, clean.io, is working to address.

Today, the company is unveiling the new clean.io name (a rebrand from its old moniker of Clean Creative), and also announcing that it’s raised $2.5 million in seed funding from Real Ventures.

“When you think about what we’re really dealing with, forget media, forget ads — we’re dealing with the beautiful openness of the web,” Demsey said. “That allows you to compose different elements from different people on the page, but that power of composition also opens the door to abuse.”

Hence the aforementioned ads that suddenly overwhelm you with scammy-sounding offers.

Demsey — who worked at Microsoft and Google before spending several years as CTO for TechCrunch-owner AOL’s advertising business — said companies have tried to fight back by scanning website code and by creating blacklists of bad advertisers. But the clean.io team saw that “these things were moving and changing so fast that blacklists were not effective anymore, and that scanning wasn’t effective anymore.”

Instead, Demsey said the company has created “a general purpose system for JavaScript security that allows us to determine what should and should not be allowed to execute in JavaScript.” Put another way, clean.io provides “granular control over who gets to load JavaScript.”

As a simple example, if clean.io detects JavaScript that redirects your browser, it can check to see who’s actually calling for the redirect — if it’s the publisher whose page you’re on, then that’s probably fine. But, Demsey said, if it’s “some random JavaScript CDN,” then clean.io will say, “Let’s block this one.”

CEO Matt Gillis added that clean.io’s approach is particularly tough on the sources of malicious advertising, who he described as “the most sophisticated performance advertisers on the planet.” That’s because the startup’s technology doesn’t simply block the ad. Instead, it runs the ad and blocks the bad JavaScript, which means the advertiser pays for the impression without getting results.

“We make it unprofitable for the bad actors,” Gillis said. “Most of the others who are scanning or URL blocking not really eliminating [the bad behavior], they’re just playing the game of cat and mouse.”

As for why the company changed its name, Demsey suggested that clean.io could eventually apply this technology in areas beyond advertising.

“The name change is to really signify the fact that our ambitions and our technology are broader than merely cleaning up the ad ecosystem,” he said.