IAB Tech Lab Releases SafeFrame 2.0 Secure Ad Container for Public Comment

Posted by Jonas Jaanimagi On July 30, 2020 Media Releases

IAB Tech Lab has released SafeFrame 2.0 for public comment for a 60-day period until Sept 28th 2020.

SafeFrame is an API specification for communication between a web page and an ad that is enclosed within an iframe on the page, enabling safe ad interactions (e.g., ad expansion) without direct access to the publisher’s page data.

With adoption of SafeFrame 2.0, publishers, advertisers, and their vendors stand to gain from all the benefits the latest update offers. After six years since the last update, SafeFrame 2.0 brings simplicity, scalability, and innovation, all while maintaining the security for which SafeFrame was first intended.

Among the key benefits of SafeFrame 2.0 are:

Publisher Page Security

The isolation between publisher code and ad code enables publishers to maintain control of the page layout and limit interference from ads while still allowing rich interaction and select data collection. Using the SafeFrame API, publishers also have the ability to decide what website information (if any) should be exposed to which advertisers and vendors.

Consumer Privacy

Preventing access to the publisher’s page also protects consumer data. While SafeFrame shares information with ad served to its API-enabled iframe, the publisher chooses what to share and can protect sensitive consumer data. SafeFrame helps publishers ensure that consumer privacy preferences are honored.


With the implementation of SafeFrame, publishers can allow rich interaction from ads served to an iframe while maintaining page security. Not only does SafeFrame save hours of troubleshooting a broken page caused by ad scripts, the certification process for ad placement is reduced because ads served into the SafeFrame don’t don’t add the kind of risk that comes with direct access. Enabling rich media inventory within SafeFrame improves revenue potential while keeping operational costs under control.

Programmatic Support

Header bidding operations have increased over the years. While SafeFrame executes AFTER the header bidding process, the SafeFrame wrapper was often reject for lack of support in the programmatic process. The SafeFrame Working Group is working with programmatic providers that offer header bidding in an attempt to have features added to the process that better communicates the presence of SafeFrames. As these features are added ahead of SafeFrame 2.0 adoption, including SafeFrame equipped ads should become standard operating procedure.

Simplicity (and Innovation)

SafeFrame 2.0 was developed with simplicity in mind. The prescriptive host implementation was removed as well as any features that didn’t have anything to do with ad display. For example, other measurement solutions by vendors and standards like OpenMeasurement for Web replace measurement features from previous versions. Modern browser features such as Sandboxing, Feature Policy, and Intersection Observer are recommended for enhancing SafeFrame capabilities without weighing down the API.

MRAID Alignment: While MRAID is still for mobile and SafeFrame is still for Web, alignment on the two simplifies ad conversion from mobile to Web and Web to mobile. The alignment also enables a unified API for all HTML ads regardless of the platform.

For a supportive blog article from IAB Tech Lab please click here


Jonas Jaanimagi