Google Makes Identity Verification Mandatory for All Advertisers
Google’s latest move will take a few years to fully roll out, but there’s an essential lesson for all of us—online business identity is important.
Google, the world’s largest search engine, has just announced that all advertisers must prove their legal identity if they want to run ads on Google. What’s more, this identity information will be displayed publicly to Google users so they can see who is running ads and where they’re located.
In a blog announcement last week, Google said they are making it obligatory for advertisers to verify their business/personal identity and outlined what the process will look like. This is not the first time Google has made a move to require identity verification. In 2018, Google made identity verification compulsory for political advertisers. Now, their policy has been extended to all advertisers.
What does this mean for Google advertisers and the internet as a whole?
Let’s hash it out.
How This Will Help Detect Online Scams
This move by Google hardly comes as a surprise as we’ve seen many phishing scams being run on Google ads to dupe users. In these scams, fraudsters set up fake websites that look genuine, but ultimately they’re used to sell fake products and/or steal sensitive information from users. With the new policy in place, all advertisers – whether individuals or companies – won’t be able to run ads without submitting legal identity documents and getting approval from Google.
On the user’s side, they will be able to check the identity and location of the advertiser behind a particular ad. Here’s how it will look to users:
(Look familiar? Yes, it looks very similar to Google Chrome’s EV SSL display…more on that in a bit!)
Why Is Google Doing This?
Apart from the obvious advantage of security against phishing scams, there are many reasons why Google may be prioritizing business identity verification. The simple truth is that online anonymity isn’t always a good thing—research has shown over and over that people and organizations are more likely to engage in bad behavior if they have some level of anonymity. Here are a few of the possible reasons why Google has introduced business identity verification:
- To Lock Down Policy Violators: One of the most probable reasons why Google made this move is to make it harder for banned advertisers to keep opening new accounts after violating their policies. Right now, if your account gets suspended, all you have to do is to create a new account. But with identity verification in place, you’ll have to be authenticated by Google. And you know what that means—Google will be able to immediately identify if you have previous policy violations.
- More Data & Insights (for Google): If your organization completes identity verification from Google, you’re giving your company’s information to Google. And if there’s one thing that Google loves, its data. It’ll help them more accurately identify which companies are spending on ads and that could give a lot of valuable insights to Google.
- To Help Customers Make Informed Decisions: When it comes to online shopping, customers want to verify a company’s credibility before making a purchase. Many studies have shown that having more information helps customers make better decisions. By introducing business identity verification, Google has taken a positive step in that direction.
- To Help Customers Do Business Where They Want: For example, customers may prefer to purchase services directly from a company in their local area. But in many cases, they’re not aware of the company’s actual location and they might end up buying via a company in a different location that just has local sub-contractors. This verification will empower customers by giving them the company’s location information.
How Will the Process Work for Companies and Individuals?
As we just saw, all advertisers – whether individuals or agencies/companies – will have to undergo this vetting process. To scale this endeavor, Google has decided to do this process in phases. In the initial stage, Google will select certain advertisers in the United States and notify them about this verification process through email and an in-account notification. Eventually, this process will be required for all advertisers.
The verification process is divided into two steps. The first step is completing the form included in the verification email to submit requested information and documentation. The second step will be in-account identity check, wherein you’ll be asked to provide all required information and documentation, including ID for the authorized representative.
The verification process will differ for individuals, organizations, and agencies. Here’s how:
- Organizations: Identity verification must be completed by an authorized representative. Organizations will be required to submit legal documents such as a W9 or an IRS document showing the organization name, organization address, and EIN.
- Individuals: If you’re managing an individual account (you can check your Google Ads account to see your account type), you’ll be required to submit a US Government-issued photo ID as part of the verification program. Acceptable documents include a passport, national/state ID card, driver’s license, or residence permit.
- Agencies Managing Multiple Accounts: If you’re an agency/representative that manages multiple ad accounts, then you must complete verification for each account. Google will verify the legal name of each advertiser independently. Note that the advertiser name must be the legal name of the organization that’s running the ads, not your agency name.
All advertisers will have a 30-day window to submit their documents for verification. Once submitted, Google will review your application and send you an email notification within 3-5 days. If you fail to submit within 30 days, then you will no longer be able to run ads on Google. Not only –if you’re not able to meet Google’s identity requirements even after submitting within 30 days, you won’t be able to run ads.
Worried? Don’t Be!
If all of this sounds too complicated and too much work to you, then you don’t need to worry about it (yet). That’s because the process will take “a few years” to complete, according to Google. Right now, this process will be run only in the US, and only for some advertisers. So you can consider this to be in the pilot phase. Right now, nothing will change unless Google asks you to complete the verification process.
Important Lesson: Business Identity Verification Is Important
Do you notice the similarity between these two images?
Yes, you’re absolutely right. Both of these images show the company name and location as a popup next to the website URL. The image on the left clearly tells us that Google takes business identity quite seriously, because it’s beneficial to customers from many angles.
EV SSL = Verified Business Identity Everywhere
If you’re a business owner, this has an important message for you: business identity verification is valuable. The good news is, you’ve got another tool at your fingertips that can display your website’s verified business identity whether you’re advertising on Google or not. Of course, I’m talking about an EV SSL certificate – as shown in the image above on the right. EV SSL certificates enable all major browsers (including Google Chrome) to display your verified business identity to users.
A Final Word on Business Identity
Making business identity verification mandatory is – without a shadow of a doubt – a significant step towards a secure web. Although it’ll take time for it to become a standard practice across the globe, this move from Google teaches a critical lesson: it shows that customers want and need verified information about the real-world organizations behind websites. This change, once again, emphasizes the importance of business identity solutions such as extended validation (EV) SSL certificates. Remember, it’s your job to give every reason to your customers to trust you!
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018
in Hashing Out Cyber SecurityHow to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chrome
in Everything EncryptionRe-Hashed: How to Fix SSL Connection Errors on Android Phones
in Everything EncryptionCloud Security: 5 Serious Emerging Cloud Computing Threats to Avoid
in ssl certificatesThis is what happens when your SSL certificate expires
in Everything EncryptionRe-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Message
in Hashing Out Cyber SecurityReport it Right: AMCA got hacked – Not Quest and LabCorp
in Hashing Out Cyber SecurityRe-Hashed: How to clear HSTS settings in Chrome and Firefox
in Everything EncryptionRe-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithms
in Everything EncryptionThe Difference Between Root Certificates and Intermediate Certificates
in Everything EncryptionThe difference between Encryption, Hashing and Salting
in Everything EncryptionRe-Hashed: How To Disable Firefox Insecure Password Warnings
in Hashing Out Cyber SecurityCipher Suites: Ciphers, Algorithms and Negotiating Security Settings
in Everything EncryptionThe Ultimate Hacker Movies List for December 2020
in Hashing Out Cyber Security Monthly DigestAnatomy of a Scam: Work from home for Amazon
in Hashing Out Cyber SecurityThe Top 9 Cyber Security Threats That Will Ruin Your Day
in Hashing Out Cyber SecurityHow strong is 256-bit Encryption?
in Everything EncryptionRe-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3
in Everything EncryptionHow to View SSL Certificate Details in Chrome 56
in Industry LowdownPayPal Phishing Certificates Far More Prevalent Than Previously Thought
in Industry Lowdown