app-ads.txt (Authorised App Sellers) is an IAB Tech Lab standard that lets app developers publicly declare which ad systems are authorised to sell their inventory. For CTV buyers, it is the primary technical defence against app spoofing — the dominant fraud vector in the CTV supply chain.
The problem it solves: A fraudster can send a bid request to an SSP with a fabricated app.bundle claiming to be JioHotstar or SonyLIV. Without verification, your DSP bids premium CPMs on fake inventory. app-ads.txt stops this by creating a verifiable list of authorised sellers — if the SSP sending the bid isn't listed in the real publisher's app-ads.txt file, the impression is unauthorised.
How to read an app-ads.txt entry:
google.com, pub-1234567890, DIRECT, f08c47fec0942fa0
This means: Google Ad Manager is an authorised DIRECT seller under publisher ID pub-1234567890. The final string is Google's verified TAG-ID.
sellers.json is the complementary standard — published by SSPs rather than publishers. It declares who each SSP is selling inventory for, creating a two-sided verification chain. Together, app-ads.txt and sellers.json let a buyer verify the full supply path from publisher to SSP to bid request.
India CTV adoption: JioHotstar, SonyLIV, and Zee5 have all implemented app-ads.txt. The fraud risk is concentrated in smaller publishers and new FAST channel operators on open programmatic who have not yet published app-ads.txt files.
What buyers should do:
- Confirm "Authorised Sellers Only" is enabled in DV360 campaign settings
- Use publisher allow lists for brand-sensitive buys rather than relying on open auction filtering alone
- Run third-party verification (IAS or DoubleVerify) on any India CTV campaign with significant spend
Related questions
For a full breakdown, see the app-ads.txt and sellers.json for CTV knowledge base article.