> We learnt that not all advertisers that place bids through the Google ads system support HTTPS, resulting in fewer ad impression bids and lower overall ad revenue.
No, its that sites served over HTTPS won't show HTTP-only ads. Google determines who gets the view based on a auction system. Limiting supply of ads limits competitive bidding.
So Google does not serve the ads from its own servers? Google just runs the programmatic auction and then lets the winning advertiser point to whatever slow, non-HTTPS ad server they like? I guess once Google gets paid by the auction winner, they don't care what happens next with the served ad. And serving it from their own servers would just be an extra cost.
No, they don't actually serve all ads. I imagine they know not to pass off a request from a HTTPS page to a HTTP-only server (mixed-content blocking would give a near-100% failure rate) but here is an example of Google's Doubleclick network being used to spread malware: https://blog.malwarebytes.org/threat-analysis/2014/09/google...
I think it can do both. Kind of like how Amazon sells products that ship both from its own warehouses, but also from the vendors directly. But just like with Amazon, there's probably an increasing amount of ads that come directly from the vendors.
Browsers do not allow content that is delivered over HTTP to be loaded in sites that use HTTPS. If your site wants to display an ad, Google figures out who is willing to pay the most for the spot and includes content from that ad buyer in your site. If your site uses HTTPS, Google can only choose between ad buyers that provide their ads over HTTPS, since those using HTTP wouldn't be displayed.
The blog post explains what's happening but not the why. How could HTTPS possibly lower ad revenue? What is the mechanism?