SIMID: Secure Interactive Media Interface Definition
SIMID (Secure Interactive Media Interface Definition) is the IAB Tech Lab standard for rich interactive ad experiences in streaming video and audio. It defines how a publisher's media player and an interactive ad creative communicate, replacing the older and now-deprecated VPAID standard.
The current version is SIMID 1.2, released December 2022.
Why SIMID exists
VPAID gave ad creatives full access to the player's DOM and JavaScript context: powerful, but deeply insecure and incompatible with server-side ad insertion (SSAI). A single buggy or malicious VPAID script could crash the player or the entire publisher page.
SIMID draws a hard security boundary. The interactive creative runs in a sandboxed cross-origin iframe. The player manages all media loading and playback. The creative and the player communicate only through the postMessage API using a well-defined protocol. A fatal error in the creative cannot affect the player or the publisher's page.
How SIMID fits into the VAST ecosystem
VAST describes the ad metadata (media files, tracking URLs, companion ads). SIMID describes how the player and an interactive creative layer talk to each other during ad playback. A SIMID creative is referenced from a VAST 4.x document as one of the assets inside <MediaFiles>.
The <InteractiveCreativeFile> element
To serve a SIMID creative, add an <InteractiveCreativeFile> element inside <MediaFiles>. Two attributes are required:
type="text/html": the MIME type of the creative resourceapiFramework="SIMID": tells the player which API to use
A third optional attribute, variableDuration="true", signals that the ad can extend the ad break duration (e.g. for a game or survey). If the player does not support variable duration, it must not render the ad at all.
<MediaFiles>
<MediaFile delivery="progressive" type="video/mp4" width="1280" height="720">
<![CDATA[https://example.com/ad.mp4]]>
</MediaFile>
<!-- SIMID interactive layer -->
<InteractiveCreativeFile type="text/html" apiFramework="SIMID" variableDuration="true">
<![CDATA[https://adserver.com/ads/creative.html]]>
</InteractiveCreativeFile>
</MediaFiles>Players that do not support SIMID will play the video file and ignore the <InteractiveCreativeFile>. This makes SIMID gracefully degradable.
How the player loads a SIMID creative
- Player creates a hidden, cross-origin iframe.
- Sets
iframe.srcto the URL from<InteractiveCreativeFile>. - Listens for the creative's
createSessionpostMessage; responds with resolve. - Sends
SIMID:Player:initwith environment parameters (viewport size, version, skip settings, etc.). Waits for resolve. - Starts media playback; sends
SIMID:Player:startCreative. - Makes the iframe visible, positioned over the media element.
From this point, both sides exchange messages: the player sends media events (SIMID:Media:timeupdate, SIMID:Media:pause, etc.) and the creative requesting actions (SIMID:Creative:clickThru, SIMID:Creative:requestFullscreen, etc.).
SIMID vs. VPAID: comparison
| Feature | VPAID | SIMID |
|---|---|---|
| Security model | Shared DOM and JS context with player (insecure) | Sandboxed cross-origin iframe, no DOM or JS access to player |
| Media control | Creative manages ad video loading and playback | Player manages all media loading and playback |
| SSAI support | Not possible | Fully supported |
| Pre-caching | Only the VPAID script; video cannot be pre-cached | Both video and SIMID creative can be pre-cached |
| Fatal error impact | Can crash the player or publisher page | Isolated to the creative iframe only |
| Communication | Direct JS function calls in shared context | postMessage API across security sandboxes |
| Creative MIME type | application/javascript | text/html |
| Audio advertising | Out of scope | Supported |
| CTV / native players | Requires HTML video element | Works in native or web player with sandboxed web view |
| Status | Deprecated by IAB Tech Lab | Current standard (v1.2) |
SIMID message categories
All SIMID messages are JSON objects exchanged via postMessage. They fall into three groups:
- Media events: sent by the player when the media element fires events (e.g.
SIMID:Media:timeupdate,SIMID:Media:ended) - Player messages: player lifecycle events sent to the creative (e.g.
SIMID:Player:init,SIMID:Player:adSkipped,SIMID:Player:resize) - Creative messages: requests from the creative to the player (e.g.
SIMID:Creative:clickThru,SIMID:Creative:requestFullscreen,SIMID:Creative:reportTracking)
Every message expects either a resolve or reject response, making the protocol fully acknowledged and debuggable.
VAST versions that support SIMID
The <InteractiveCreativeFile> element was introduced in VAST 4.0 and is present in 4.1, 4.2, and 4.3. SIMID creatives are not expressible in VAST 2.0 or 3.0.
Does vastlint validate SIMID?
vastlint validates VAST XML structure, which includes checking that <InteractiveCreativeFile> is correctly placed inside <MediaFiles> and that apiFramework is present. It does not validate the SIMID creative's JavaScript/HTML content or the runtime postMessage protocol (which requires a live player environment). See the rules reference for all VAST structural rules.